From 8b8f5064f7094a713a16ade3bf37d8efec601949 Mon Sep 17 00:00:00 2001
From: Michele Calgaro <michele.calgaro@yahoo.it>
Date: Sun, 16 Feb 2020 13:17:11 +0900
Subject: Security: remove support for $(...) in KRun which could have allowed
 execution of malicious code. This is similar to issue #45 for .desktop files.

Signed-off-by: Michele Calgaro <michele.calgaro@yahoo.it>
---
 tdeio/tdeio/krun.cpp | 21 +--------------------
 1 file changed, 1 insertion(+), 20 deletions(-)

(limited to 'tdeio')

diff --git a/tdeio/tdeio/krun.cpp b/tdeio/tdeio/krun.cpp
index ccb638288..89c84952f 100644
--- a/tdeio/tdeio/krun.cpp
+++ b/tdeio/tdeio/krun.cpp
@@ -931,26 +931,7 @@ void KRun::init()
 
       while( nDollarPos != -1 && nDollarPos+1 < static_cast<int>(aValue.length())) {
         // there is at least one $
-        if( (aValue)[nDollarPos+1] == '(' ) {
-          uint nEndPos = nDollarPos+1;
-          // the next character is no $
-          while ( (nEndPos <= aValue.length()) && (aValue[nEndPos]!=')') )
-              nEndPos++;
-          nEndPos++;
-          TQString cmd = aValue.mid( nDollarPos+2, nEndPos-nDollarPos-3 );
-
-          TQString result;
-          FILE *fs = popen(TQFile::encodeName(cmd).data(), "r");
-          if (fs)
-          {
-             {
-             TQTextStream ts(fs, IO_ReadOnly);
-             result = ts.read().stripWhiteSpace();
-             }
-             pclose(fs);
-          }
-          aValue.replace( nDollarPos, nEndPos-nDollarPos, result );
-        } else if( (aValue)[nDollarPos+1] != '$' ) {
+        if( (aValue)[nDollarPos+1] != '$' ) {
           uint nEndPos = nDollarPos+1;
           // the next character is no $
           TQString aVarName;
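Review bot: With the `$(` branch removed, a value containing `$(...)` now enters the remaining `if( (aValue)[nDollarPos+1] != '$' )` branch as though `(` started a variable name, and nothing on the new side records that this is intentional. The rest of that branch lies outside the hunk, so it should be checked there that such text ends up inert, meaning it is not half-consumed by the name scan and not handed to a shell later. A comment above the condition would stop the feature being reintroduced, for example `// $(...) command substitution is deliberately unsupported (security); never pass aValue to popen()`. A regression test that feeds a value containing `$(...)` and asserts the result contains no command output would pin the behaviour.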
-- 
cgit v1.2.1