
[Gnash-commit] [SCM] Gnash branch, master, updated. release_0_8_9_final-


From: Sandro Santilli
Subject: [Gnash-commit] [SCM] Gnash branch, master, updated. release_0_8_9_final-1497-g6528395
Date: Wed, 27 Jun 2012 15:00:40 +0000

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "Gnash".

The branch, master has been updated
       via  6528395caa1c460d80933b7461e805d97b02921c (commit)
      from  e0bc76ce13d69e565b446d93b24bc59f5277440a (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
http://git.savannah.gnu.org/cgit//commit/?id=6528395caa1c460d80933b7461e805d97b02921c


commit 6528395caa1c460d80933b7461e805d97b02921c
Author: Sandro Santilli <address@hidden>
Date:   Wed Jun 27 16:59:21 2012 +0200

    Fix opening of external URL with Gnash Standalone (#31833)
    
    Do so by assuming/requiring urlOpenerFormat to put %u in single
    quotes and adding shell escaping for that.

diff --git a/NEWS b/NEWS
index 1d48d43..1f2015e 100644
--- a/NEWS
+++ b/NEWS
@@ -1,6 +1,10 @@
 Gnash 0.8.11
 YYYY/MM/DD
 
+Improvements since 0.8.10 release are:
+
+ * Fix opening of external URL with Gnash Standalone (#31833)
+
 Gnash 0.8.10
 2012/02/04
 
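Review bot: the NEWS entry added under "Improvements since 0.8.10 release are:" records only the bug fix and does not mention that urlOpenerFormat must now put %u inside single quotes. The commit message calls this an assumption/requirement, and the movie_root.cpp change makes getURL log an error and return when the check fails, so an existing rc file without the quotes will stop opening URLs. Suggest adding a line to the entry that states the new requirement.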
diff --git a/libcore/movie_root.cpp b/libcore/movie_root.cpp
index ce0d50c..6c32e9b 100644
--- a/libcore/movie_root.cpp
+++ b/libcore/movie_root.cpp
@@ -2140,15 +2140,43 @@ movie_root::getURL(const std::string& urlstr, const 
std::string& target,
         std::string command = rcfile.getURLOpenerFormat();
 
         /// Try to avoid letting flash movies execute
-        /// arbitrary commands (sic)
+        /// arbitrary commands (sic).
         ///
-        /// Maybe we should exec here, but if we do we might have problems
-        /// with complex urlOpenerFormats like:
-        ///    firefox -remote 'openurl(%u)'
+        /// NOTE: it is assumed that the user-provided command
+        ///       puts the url place-holder within single quotes.
+        ///       Failing that, there will be the possibility 
+        ///       for malicious SWF files to run arbitrary commands.
+        /// 
         ///
-        std::string safeurl = url.encode(urlstr);
+        /// Check safety of user provided command
+        ///
+        /// TODO: improve this check
+        ///       - quote nested in double quote
+        ///       - %u after second quote
+        ///       - use regexp ?
+        /// TODO: check only once
+        ///
+        bool command_is_safe = false;
+        do {
+            std::string::size_type loc = command.find('\'');
+            if ( loc == std::string::npos ) break;
+            loc = command.find("%u", loc);
+            if ( loc == std::string::npos ) break;
+            loc = command.find('\'', loc);
+            if ( loc == std::string::npos ) break;
+            command_is_safe = true;
+        } while (0);
+
+        if ( ! command_is_safe ) {
+            log_error("The '%%u' token in urlOpenerFormat rc directive should 
be within single quotes");
+            return;
+        } 
+
+        std::string safeurl = urlstr; 
+        boost::replace_all(safeurl, "'", "'\\''");
+
         boost::replace_all(command, "%u", safeurl);
-        
+
         log_debug("Launching URL: %s", command);
         const int ret = std::system(command.c_str());
         if (ret == -1) {
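Review bot: the command_is_safe check in the do { ... } while (0) block does not establish that %u sits inside a single-quoted span, and it looks at one occurrence only while boost::replace_all(command, "%u", safeurl) substitutes every occurrence. The three find() calls only require a quote, then a %u somewhere after it, then another quote somewhere after that, so a format whose quoted span is already closed before %u passes (the TODO's "%u after second quote" case), and so does a format with a second %u outside any quotes. The '\'' escaping applied to safeurl is only sound when the placeholder really is within single quotes, so in those accepted cases the URL still reaches std::system() unprotected. Suggest walking the format once, tracking whether the scan is inside a single-quoted span, and rejecting it unless every %u is found inside one; as the TODO says, this can be validated once when the rc directive is loaded rather than on each getURL call. Longer term, building an argument vector and calling exec directly, as the removed comment considered, would take the shell out of the path altogether.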

-----------------------------------------------------------------------

Summary of changes:
 NEWS                   |    4 ++++
 libcore/movie_root.cpp |   40 ++++++++++++++++++++++++++++++++++------
 2 files changed, 38 insertions(+), 6 deletions(-)


hooks/post-receive
-- 
Gnash


