[evince/gnome-3-22] comics: Remove support for tar and tar-like commands
- From: Bastien Nocera <hadess src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [evince/gnome-3-22] comics: Remove support for tar and tar-like commands
- Date: Thu, 13 Jul 2017 12:03:55 +0000 (UTC)
commit fa072dbbfd964e85b4a54f8e34751cf62c77d0ea
Author: Bastien Nocera <hadess hadess net>
Date: Thu Jul 6 20:02:00 2017 +0200
comics: Remove support for tar and tar-like commands
When handling tar files, or using a command with tar-compatible syntax,
to open comic-book archives, both the archive name (the name of the
comics file) and the filename (the name of a page within the archive)
are quoted to not be interpreted by the shell.
But the filename is completely with the attacker's control and can start
with "--" which leads to tar interpreting it as a command line flag.
This can be exploited by creating a CBT file (a tar archive with the
.cbt suffix) with an embedded file named something like this:
"--checkpoint-action=exec=bash -c 'touch ~/hacked;'.jpg"
CBT files are infinitely rare (CBZ is usually used for DRM-free
commercial releases, CBR for those from more dubious provenance), so
removing support is the easiest way to avoid the bug triggering. All
this code was rewritten in the development release for GNOME 3.26 to not
shell out to any command, closing off this particular attack vector.
This also removes the ability to use libarchive's bsdtar-compatible
binary for CBZ (ZIP), CB7 (7zip), and CBR (RAR) formats. The first two
are already supported by unzip and 7zip respectively. libarchive's RAR
support is limited, so unrar is a requirement anyway.
Discovered by Felix Wilhelm from the Google Security Team.
https://bugzilla.gnome.org/show_bug.cgi?id=784630
backend/comics/comics-document.c | 40 +-------------------------------------
configure.ac | 2 +-
2 files changed, 2 insertions(+), 40 deletions(-)
---
diff --git a/backend/comics/comics-document.c b/backend/comics/comics-document.c
index 96ed26e..3af119a 100644
--- a/backend/comics/comics-document.c
+++ b/backend/comics/comics-document.c
@@ -56,8 +56,7 @@ typedef enum
RARLABS,
GNAUNRAR,
UNZIP,
- P7ZIP,
- TAR
+ P7ZIP
} ComicBookDecompressType;
typedef struct _ComicsDocumentClass ComicsDocumentClass;
@@ -117,9 +116,6 @@ static const ComicBookDecompressCommand command_usage_def[] = {
/* 7zip */
{NULL , "%s l -- %s" , "%s x -y %s -o%s", FALSE, OFFSET_7Z},
-
- /* tar */
- {"%s -xOf" , "%s -tf %s" , NULL , FALSE, NO_OFFSET}
};
static GSList* get_supported_image_extensions (void);
@@ -364,13 +360,6 @@ comics_check_decompress_command (gchar *mime_type,
comics_document->command_usage = GNAUNRAR;
return TRUE;
}
- comics_document->selected_command =
- g_find_program_in_path ("bsdtar");
- if (comics_document->selected_command) {
- comics_document->command_usage = TAR;
- return TRUE;
- }
-
} else if (g_content_type_is_a (mime_type, "application/x-cbz") ||
g_content_type_is_a (mime_type, "application/zip")) {
/* InfoZIP's unzip program */
@@ -396,12 +385,6 @@ comics_check_decompress_command (gchar *mime_type,
comics_document->command_usage = P7ZIP;
return TRUE;
}
- comics_document->selected_command =
- g_find_program_in_path ("bsdtar");
- if (comics_document->selected_command) {
- comics_document->command_usage = TAR;
- return TRUE;
- }
} else if (g_content_type_is_a (mime_type, "application/x-cb7") ||
g_content_type_is_a (mime_type, "application/x-7z-compressed")) {
@@ -425,27 +408,6 @@ comics_check_decompress_command (gchar *mime_type,
comics_document->command_usage = P7ZIP;
return TRUE;
}
- comics_document->selected_command =
- g_find_program_in_path ("bsdtar");
- if (comics_document->selected_command) {
- comics_document->command_usage = TAR;
- return TRUE;
- }
- } else if (g_content_type_is_a (mime_type, "application/x-cbt") ||
- g_content_type_is_a (mime_type, "application/x-tar")) {
- /* tar utility (Tape ARchive) */
- comics_document->selected_command =
- g_find_program_in_path ("tar");
- if (comics_document->selected_command) {
- comics_document->command_usage = TAR;
- return TRUE;
- }
- comics_document->selected_command =
- g_find_program_in_path ("bsdtar");
- if (comics_document->selected_command) {
- comics_document->command_usage = TAR;
- return TRUE;
- }
} else {
g_set_error (error,
EV_DOCUMENT_ERROR,
diff --git a/configure.ac b/configure.ac
index 36e866a..26a1a7d 100644
--- a/configure.ac
+++ b/configure.ac
@@ -795,7 +795,7 @@ AC_SUBST(TIFF_MIME_TYPES)
AC_SUBST(APPDATA_TIFF_MIME_TYPES)
AM_SUBST_NOTMAKE(APPDATA_TIFF_MIME_TYPES)
if test "x$enable_comics" = "xyes"; then
-
COMICS_MIME_TYPES="application/x-cbr;application/x-cbz;application/x-cb7;application/x-cbt;application/x-ext-cbr;application/x-ext-cbz;application/vnd.comicbook+zip;application/x-ext-cb7;application/x-ext-cbt"
+
COMICS_MIME_TYPES="application/x-cbr;application/x-cbz;application/x-cb7;application/x-ext-cbr;application/x-ext-cbz;application/vnd.comicbook+zip;application/x-ext-cb7;"
APPDATA_COMICS_MIME_TYPES=$(echo "<mimetype>$COMICS_MIME_TYPES</mimetype>" | sed -e
's/;/<\/mimetype>\n <mimetype>/g')
if test -z "$EVINCE_MIME_TYPES"; then
EVINCE_MIME_TYPES="${COMICS_MIME_TYPES}"
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
