summaryrefslogtreecommitdiffstats
path: root/kio
diff options
context:
space:
mode:
authorMichele Calgaro <michele.calgaro@yahoo.it>2020-02-16 13:17:11 +0900
committerSlávek Banko <slavek.banko@axis.cz>2021-02-03 21:17:42 +0100
commit58b490adcc54db979c2145600fafe80ee843bcba (patch)
treefecabd90d92860b2c37a60922426c4e1a9c59503 /kio
parent5523d65792d5ce500bca091e8590fe84592d54a6 (diff)
downloadtdelibs-58b490adcc54db979c2145600fafe80ee843bcba.tar.gz
tdelibs-58b490adcc54db979c2145600fafe80ee843bcba.zip
Security: remove support for $(...) in KRun which could have allowed
execution of malicious code. This is similar to issue #45 for .desktop files. Signed-off-by: Michele Calgaro <michele.calgaro@yahoo.it> (cherry picked from commit 8b8f5064f7094a713a16ade3bf37d8efec601949)
Diffstat (limited to 'kio')
-rw-r--r--kio/kio/krun.cpp21
1 files changed, 1 insertions, 20 deletions
diff --git a/kio/kio/krun.cpp b/kio/kio/krun.cpp
index 9669a27c6..7b278d2cd 100644
--- a/kio/kio/krun.cpp
+++ b/kio/kio/krun.cpp
@@ -931,26 +931,7 @@ void KRun::init()
while( nDollarPos != -1 && nDollarPos+1 < static_cast<int>(aValue.length())) {
// there is at least one $
- if( (aValue)[nDollarPos+1] == '(' ) {
- uint nEndPos = nDollarPos+1;
- // the next character is no $
- while ( (nEndPos <= aValue.length()) && (aValue[nEndPos]!=')') )
- nEndPos++;
- nEndPos++;
- TQString cmd = aValue.mid( nDollarPos+2, nEndPos-nDollarPos-3 );
-
- TQString result;
- FILE *fs = popen(TQFile::encodeName(cmd).data(), "r");
- if (fs)
- {
- {
- TQTextStream ts(fs, IO_ReadOnly);
- result = ts.read().stripWhiteSpace();
- }
- pclose(fs);
- }
- aValue.replace( nDollarPos, nEndPos-nDollarPos, result );
- } else if( (aValue)[nDollarPos+1] != '$' ) {
+ if( (aValue)[nDollarPos+1] != '$' ) {
uint nEndPos = nDollarPos+1;
// the next character is no $
TQString aVarName;