From e11199d9cf45efcd52505da90c5430646de4ea26 Mon Sep 17 00:00:00 2001
From: David Maciejak <david.maciejak@gmail.com>
Date: Tue, 30 Sep 2014 15:51:31 +0800
Subject: [PATCH] wmaker: fix arbitrary shell command injection
Workspace background pref can be tricked to run arbitrary cmds.
---
src/defaults.c | 16 ++++++++++------
1 files changed, 10 insertions(+), 6 deletions(-)
diff --git a/src/defaults.c b/src/defaults.c
index 6ca7f3f..105114b 100644
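--- a/src/defaults.c
+++ b/src/defaults.c
@@ -3097,13 +3097,17 @@ static int setWorkspaceBack(WScreen * scr, WDefaultEntry * entry, void *tdata, v
 len = strlen(text) + 40;
 command = wmalloc(len);
 dither = wPreferences.no_dithering ? "-m" : "-d";
- if (wPreferences.smooth_workspace_back)
- snprintf(command, len, "wmsetbg %s -S -p '%s' &", dither, text);
- else
- snprintf(command, len, "wmsetbg %s -p '%s' &", dither, text);
+ if (!strstr(text, "\'") && !strstr(text, "\\")) {
+ command = wmalloc(len);
+ if (wPreferences.smooth_workspace_back)
+ snprintf(command, len, "wmsetbg %s -S -p '%s' &", dither, text);
+ else
+ snprintf(command, len, "wmsetbg %s -p '%s' &", dither, text);
+ ExecuteShellCommand(scr, command);
+ wfree(command);
+ } else
+ wwarning(_("Invalid arguments for background \"%s\""), text);
 wfree(text);
- ExecuteShellCommand(scr, command);
- wfree(command);
 }
 WMReleasePropList(value);
 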
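Review bot: `command` is now allocated twice: the unchanged `command = wmalloc(len);` above the new check still runs, so its buffer is overwritten by the added `command = wmalloc(len);` when the text is accepted and is never freed on the `else` path. Remove the earlier allocation so the buffer exists only once validation has passed. The check itself is a deny-list tied to the `'%s'` quoting in the format strings, so a comment such as `/* text is placed inside '...' in a shell command: reject quote and backslash */` would keep the two in sync, and `!strpbrk(text, "'\\")` expresses the test in one call. Passing the value to wmsetbg as a separate argv element instead of through a shell string would remove the dependence on quoting altogether; whether ExecuteShellCommand's other callers allow that is not visible here. setWorkspaceBack starts outside the hunk.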
--
1.7.6.6.GIT