From ce802d71c3466d1dbb24f2fe9b6db82a1f899bcb Mon Sep 17 00:00:00 2001
From: Gabriel Corona <gabriel.corona@enst-bretagne.fr>
Date: Mon, 19 Mar 2018 22:09:00 +0100
Subject: [PATCH] Avoid argument injection vulnerability in open_envvar()
---
scripts/xdg-open.in | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
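diff --git a/scripts/xdg-open.in b/scripts/xdg-open.in
index 2972257..021524b 100644
--- a/scripts/xdg-open.in
+++ b/scripts/xdg-open.in
@@ -351,6 +351,11 @@ open_generic_xdg_x_scheme_handler()
 fi
 }
 
+has_single_argument()
+{
+ test $# = 1
+}
+
 open_envvar()
 {
 local oldifs="$IFS"
@@ -365,7 +370,10 @@ open_envvar()
 fi
 
 if echo "$browser" | grep -q %s; then
- $(printf "$browser" "$1")
+ # Avoid argument injection.
+ # See https://bugs.freedesktop.org/show_bug.cgi?id=103807
+ # URIs don't have IFS characters spaces anyway.
+ has_single_argument $1 && $(printf "$browser" "$1")
 else
 $browser "$1"
 fi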
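Review bot: The new guard `has_single_argument $1` counts words after an unquoted expansion, so its result depends on the IFS in effect at that point and on pathname expansion, not only on whether the URL contains whitespace. open_envvar() saves `oldifs` just above, and the place where IFS is changed and restored lies outside the hunk, so confirm the default IFS is active when the guard runs. The invocation `$(printf "$browser" "$1")` is still expanded unquoted and still uses `$browser` as the printf format, so glob characters in the URL and `%` or backslash sequences in `$BROWSER` are processed exactly as before. When the guard rejects a URL the branch fails without any message, which makes the refusal hard to diagnose; a short note on stderr would help. The third comment line would read more clearly as `# URIs don't contain IFS characters (spaces) anyway.`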
--
2.17.1