From 13d9b0cac97e438bf7dc06452ee7fb3480907d88 Mon Sep 17 00:00:00 2001
From: Rex Dieter <rdieter@math.unl.edu>
Date: Fri, 20 Feb 2015 15:54:46 -0600
Subject: [PATCH 8/8] xdg-open: safer xdg-open (BR89130)
inspired by patch from Vincent Bernat <bernat@debian.org>
---
ChangeLog | 3 +++
scripts/xdg-open.in | 65 ++++++++++++++++++++++++++++++++---------------------
2 files changed, 43 insertions(+), 25 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 9a01f82..0c0ab97 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,8 @@
=== xdg-utils 1.1.x ===
+2015-02-20 Rex Dieter <rdieter@fedoraproject.org>
+ * xdg-open: safer xdg-open (BR89130), inspired by patch from Vincent Bernat <bernat@debian.org>
+
2015-01-19 Rex Dieter <rdieter@fedoraproject.org>
* xdg-open: better fix for command injection vulnerability (BR66670)
* xdg-open is extremely slow because get_key executes grep unnecessarily (BR88524)
diff --git a/scripts/xdg-open.in b/scripts/xdg-open.in
index ee2889e..074ba6f 100644
--- a/scripts/xdg-open.in
+++ b/scripts/xdg-open.in
@@ -161,7 +161,7 @@ search_desktop_file()
{
local default="$1"
local dir="$2"
- local arg="$3"
+ local target="$3"
local file=""
# look for both vendor-app.desktop, vendor/app.desktop
@@ -174,34 +174,49 @@ search_desktop_file()
if [ -r "$file" ] ; then
command="$(get_key "${file}" "Exec" | first_word)"
command_exec=`which $command 2>/dev/null`
- arguments="$(get_key "${file}" "Exec" | last_word)"
- arg_one="`echo "$arg" | sed 's/[&*\\]/\\\\&/g'`"
icon="$(get_key "${file}" "Icon")"
- if [ "${icon}" != "" ]
- then
- icon="--icon '${icon}'"
- else
- icon="''"
- fi
# FIXME: Actually LC_MESSAGES should be used as described in
# http://standards.freedesktop.org/desktop-entry-spec/latest/ar01s04.html
- localised_name="'$(get_key "${file}" "Name")'"
- arguments_exec="$(echo "$arguments" | sed -e 's*%[fFuU]*'"$arg_one"'*g' \
- -e 's*%i*'"$icon"'*g' \
- -e 's*%c*'"$localised_name"'*g')"
-
- if [ -x "$command_exec" ] ; then
- if echo "$arguments" | grep -iq '%[fFuU]' ; then
- echo START "$command_exec" "$arguments_exec"
- eval "'$command_exec'" "'$arguments_exec'"
- else
- echo START "$command_exec" "$arguments_exec" "$arg"
- eval "'$command_exec'" "'$arguments_exec'" "'$arg'"
- fi
+ localised_name="$(get_key "${file}" "Name")"
+ set -- $(get_key "${file}" "Exec" | last_word)
+ # We need to replace any occurrence of "%f", "%F" and
+ # the like by the target file. We examine each
+ # argument and append the modified argument to the
+ # end then shift.
+ local args=$#
+ local replaced=0
+ while [ $args -gt 0 ]; do
+ case $1 in
+ %[c])
+ replaced=1
+ arg="${localised_name}"
+ shift
+ set -- "$@" "$arg"
+ ;;
+ %[fFuU])
+ replaced=1
+ arg="$(echo $target | sed 's/[&*\\]/\\\\&/g')"
+ shift
+ set -- "$@" "$arg"
+ ;;
+ %[i])
+ replaced=1
+ shift
+ set -- "$@" "--icon" "$icon"
+ ;;
+ *)
+ arg="$1"
+ shift
+ set -- "$@" "$arg"
+ ;;
+ esac
+ args=$(( $args - 1 ))
+ done
+ [ $replaced -eq 1 ] || set -- "$@" "$target"
+ "$command_exec" "$@"
- if [ $? -eq 0 ]; then
- exit_success
- fi
+ if [ $? -eq 0 ]; then
+ exit_success
fi
fi
--
1.9.3