xdg-open wrongly passes all command line arguments as one argument to e.g. okular on non Gnome desktops (#1191981)

2015-02-20 16:01:30 -06:00 · 2015-02-20 16:01:30 -06:00 · a83f3e59ad
commit a83f3e59ad
parent f9ce222fb8
2 changed files with 119 additions and 1 deletions
--- a/0008-xdg-open-safer-xdg-open-BR89130.patch
+++ b/0008-xdg-open-safer-xdg-open-BR89130.patch
@ -0,0 +1,114 @@
+From 13d9b0cac97e438bf7dc06452ee7fb3480907d88 Mon Sep 17 00:00:00 2001
+From: Rex Dieter <rdieter@math.unl.edu>
+Date: Fri, 20 Feb 2015 15:54:46 -0600
+Subject: [PATCH 8/8] xdg-open: safer xdg-open (BR89130)
+
+inspired by patch from Vincent Bernat <bernat@debian.org>
+---
+ ChangeLog           |  3 +++
+ scripts/xdg-open.in | 65 ++++++++++++++++++++++++++++++++---------------------
+ 2 files changed, 43 insertions(+), 25 deletions(-)
+
+diff --git a/ChangeLog b/ChangeLog
+index 9a01f82..0c0ab97 100644
+--- a/ChangeLog
+++ b/ChangeLog
+@@ -1,5 +1,8 @@
+ === xdg-utils 1.1.x ===
+ 
+2015-02-20 Rex Dieter <rdieter@fedoraproject.org>
+   * xdg-open: safer xdg-open (BR89130), inspired by patch from Vincent Bernat <bernat@debian.org>
+
+ 2015-01-19 Rex Dieter <rdieter@fedoraproject.org>
+    * xdg-open: better fix for command injection vulnerability (BR66670)
+    * xdg-open is extremely slow because get_key executes grep unnecessarily (BR88524)
+diff --git a/scripts/xdg-open.in b/scripts/xdg-open.in
+index ee2889e..074ba6f 100644
+--- a/scripts/xdg-open.in
+++ b/scripts/xdg-open.in
+@@ -161,7 +161,7 @@ search_desktop_file()
+ {
+     local default="$1"
+     local dir="$2"
+-    local arg="$3"
+    local target="$3"
+ 
+     local file=""
+     # look for both vendor-app.desktop, vendor/app.desktop
+@@ -174,34 +174,49 @@ search_desktop_file()
+     if [ -r "$file" ] ; then
+         command="$(get_key "${file}" "Exec" | first_word)"
+         command_exec=`which $command 2>/dev/null`
+-        arguments="$(get_key "${file}" "Exec" | last_word)"
+-        arg_one="`echo "$arg" | sed 's/[&*\\]/\\\\&/g'`"
+         icon="$(get_key "${file}" "Icon")"
+-        if [ "${icon}" != "" ]
+-        then
+-            icon="--icon '${icon}'"
+-        else
+-            icon="''"
+-        fi
+         # FIXME: Actually LC_MESSAGES should be used as described in
+         # http://standards.freedesktop.org/desktop-entry-spec/latest/ar01s04.html
+-        localised_name="'$(get_key "${file}" "Name")'"
+-        arguments_exec="$(echo "$arguments" | sed -e 's*%[fFuU]*'"$arg_one"'*g' \
+-                                                  -e 's*%i*'"$icon"'*g' \
+-                                                  -e 's*%c*'"$localised_name"'*g')"
+-
+-        if [ -x "$command_exec" ] ; then
+-            if echo "$arguments" | grep -iq '%[fFuU]' ; then
+-                echo START "$command_exec" "$arguments_exec"
+-                eval "'$command_exec'" "'$arguments_exec'"
+-            else
+-                echo START "$command_exec" "$arguments_exec" "$arg"
+-                eval "'$command_exec'" "'$arguments_exec'" "'$arg'"
+-            fi
+        localised_name="$(get_key "${file}" "Name")"
+        set -- $(get_key "${file}" "Exec" | last_word)
+        # We need to replace any occurrence of "%f", "%F" and
+        # the like by the target file. We examine each
+        # argument and append the modified argument to the
+        # end then shift.
+        local args=$#
+        local replaced=0
+        while [ $args -gt 0 ]; do
+            case $1 in
+                %[c])
+                    replaced=1
+                    arg="${localised_name}"
+                    shift
+                    set -- "$@" "$arg"
+                    ;;
+                %[fFuU])
+                    replaced=1
+                    arg="$(echo $target | sed 's/[&*\\]/\\\\&/g')"
+                    shift
+                    set -- "$@" "$arg"
+                    ;;
+                %[i])
+                    replaced=1
+                    shift
+                    set -- "$@" "--icon" "$icon"
+                    ;;
+                *)
+                    arg="$1"
+                    shift
+                    set -- "$@" "$arg"
+                    ;;
+            esac
+            args=$(( $args - 1 ))
+        done
+        [ $replaced -eq 1 ] || set -- "$@" "$target"
+        "$command_exec" "$@"
+ 
+-            if [ $? -eq 0 ]; then
+-                exit_success
+-            fi
+        if [ $? -eq 0 ]; then
+            exit_success
+         fi
+     fi
+ 
+-- 
+1.9.3
+
--- a/xdg-utils.spec
+++ b/xdg-utils.spec
@ -4,7 +4,7 @@
 Summary: Basic desktop integration functions 
 Name:    xdg-utils
 Version: 1.1.0
-Release: 0.36.%{pre}%{?dist}
+Release: 0.37.%{pre}%{?dist}

 URL:     http://portland.freedesktop.org/ 
 %if 0%{?pre:1}
@ -23,6 +23,7 @@ Patch4: 0004-xdg-screensaver-Change-screensaver_freedesktop-s-int.patch
 Patch5: 0005-xdg-open-better-fix-for-command-injection-vulnerabil.patch
 Patch6: 0006-xdg-open-Improve-performance-of-get_key-function.patch
 Patch7: 0007-Add-changelog-for-prior-commit.patch
+Patch8: 0008-xdg-open-safer-xdg-open-BR89130.patch

 # make sure BuildArch comes *after* patches, to ensure %%autosetup works right
 # http://bugzilla.redhat.com/1084309
@ -97,6 +98,9 @@ make install DESTDIR=%{buildroot}


 %changelog
+* Fri Feb 20 2015 Rex Dieter <rdieter@fedoraproject.org> 1.1.0-0.37.rc3
+- xdg-open wrongly passes all command line arguments as one argument to e.g. okular on non Gnome desktops (#1191981)
+
 * Mon Jan 19 2015 Rex Dieter <rdieter@fedoraproject.org> 1.1.0-0.36.rc3
 - pull in upstream performance improvement (fdo#88524)