mirror of
git://slackware.nl/current.git
synced 2025-01-12 08:03:03 +01:00
850107940f
kde/kdelibs-4.14.38-x86_64-4.txz: Rebuilt. kconfig: malicious .desktop files (and others) would execute code. For more information, see: https://mail.kde.org/pipermail/kde-announce/2019-August/000047.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14744 (* Security fix *)
112 lines
4.5 KiB
Diff
112 lines
4.5 KiB
Diff
From 2c3762feddf7e66cf6b64d9058f625a715694a00 Mon Sep 17 00:00:00 2001
|
|
From: Kai Uwe Broulik <kde@privat.broulik.de>
|
|
Date: Wed, 7 Aug 2019 09:47:46 +0200
|
|
Subject: Security: remove support for $(...) in config keys with [$e] marker.
|
|
|
|
It is very unclear at this point what a valid use case for this feature
|
|
would possibly be. The old documentation only mentions $(hostname) as
|
|
an example, which can be done with $HOSTNAME instead.
|
|
|
|
Note that $(...) is still supported in Exec lines of desktop files,
|
|
this does not require [$e] anyway (and actually works better without it,
|
|
otherwise the $ signs need to be doubled to obey kconfig $e escaping rules...).
|
|
|
|
Thanks to Fabian Vogt for testing.
|
|
|
|
(This is a backport of KDE Frameworks 5 kconfig patch to kdelibs)
|
|
|
|
Differential Revision: https://phabricator.kde.org/D22989
|
|
---
|
|
kdecore/config/kconfig.cpp | 32 +-------------------------------
|
|
kdecore/doc/README.kiosk | 12 ------------
|
|
kdecore/tests/kconfigtest.cpp | 6 +-----
|
|
3 files changed, 2 insertions(+), 48 deletions(-)
|
|
|
|
diff --git a/kdecore/config/kconfig.cpp b/kdecore/config/kconfig.cpp
|
|
index 7ea26a5..b30584b 100644
|
|
--- a/kdecore/config/kconfig.cpp
|
|
+++ b/kdecore/config/kconfig.cpp
|
|
@@ -160,37 +160,7 @@ QString KConfigPrivate::expandString(const QString& value)
|
|
int nDollarPos = aValue.indexOf( QLatin1Char('$') );
|
|
while( nDollarPos != -1 && nDollarPos+1 < aValue.length()) {
|
|
// there is at least one $
|
|
- if( aValue[nDollarPos+1] == QLatin1Char('(') ) {
|
|
- int nEndPos = nDollarPos+1;
|
|
- // the next character is not $
|
|
- while ( (nEndPos <= aValue.length()) && (aValue[nEndPos]!=QLatin1Char(')')) )
|
|
- nEndPos++;
|
|
- nEndPos++;
|
|
- QString cmd = aValue.mid( nDollarPos+2, nEndPos-nDollarPos-3 );
|
|
-
|
|
- QString result;
|
|
- QByteArray oldpath = qgetenv( "PATH" );
|
|
- QByteArray newpath;
|
|
- if (KGlobal::hasMainComponent()) {
|
|
- newpath = QFile::encodeName(KGlobal::dirs()->resourceDirs("exe").join(QChar::fromLatin1(KPATH_SEPARATOR)));
|
|
- if (!newpath.isEmpty() && !oldpath.isEmpty())
|
|
- newpath += KPATH_SEPARATOR;
|
|
- }
|
|
- newpath += oldpath;
|
|
- setenv( "PATH", newpath, 1/*overwrite*/ );
|
|
-// FIXME: wince does not have pipes
|
|
-#ifndef _WIN32_WCE
|
|
- FILE *fs = popen(QFile::encodeName(cmd).data(), "r");
|
|
- if (fs) {
|
|
- QTextStream ts(fs, QIODevice::ReadOnly);
|
|
- result = ts.readAll().trimmed();
|
|
- pclose(fs);
|
|
- }
|
|
-#endif
|
|
- setenv( "PATH", oldpath, 1/*overwrite*/ );
|
|
- aValue.replace( nDollarPos, nEndPos-nDollarPos, result );
|
|
- nDollarPos += result.length();
|
|
- } else if( aValue[nDollarPos+1] != QLatin1Char('$') ) {
|
|
+ if( aValue[nDollarPos+1] != QLatin1Char('$') ) {
|
|
int nEndPos = nDollarPos+1;
|
|
// the next character is not $
|
|
QString aVarName;
|
|
diff --git a/kdecore/doc/README.kiosk b/kdecore/doc/README.kiosk
|
|
index b95002d..d902c61 100644
|
|
--- a/kdecore/doc/README.kiosk
|
|
+++ b/kdecore/doc/README.kiosk
|
|
@@ -640,18 +640,6 @@ The following syntax is also supported:
|
|
Name[$ei]=${USER}
|
|
|
|
|
|
-Shell Commands in KDE config files.
|
|
-===================================
|
|
-
|
|
-Since KDE-3.1 arbitrary entries in configuration files can contain shell
|
|
-commands. This way the value of a configuration entry can be determined
|
|
-dynamically at runtime. In order to use this the entry must be marked
|
|
-with [$e].
|
|
-
|
|
-Example:
|
|
-Host[$e]=$(hostname)
|
|
-
|
|
-
|
|
KDE Kiosk Application API
|
|
==========================
|
|
|
|
diff --git a/kdecore/tests/kconfigtest.cpp b/kdecore/tests/kconfigtest.cpp
|
|
index 78e6ad1..37ea3c2 100644
|
|
--- a/kdecore/tests/kconfigtest.cpp
|
|
+++ b/kdecore/tests/kconfigtest.cpp
|
|
@@ -479,12 +479,8 @@ void KConfigTest::testPath()
|
|
QCOMPARE(group.readPathEntry("withBraces", QString()), QString("file://" + HOMEPATH) );
|
|
QVERIFY(group.hasKey("URL"));
|
|
QCOMPARE(group.readEntry("URL", QString()), QString("file://" + HOMEPATH) );
|
|
-#if !defined(Q_OS_WIN32) && !defined(Q_OS_MAC)
|
|
- // I don't know if this will work on windows
|
|
- // This test hangs on OS X
|
|
QVERIFY(group.hasKey("hostname"));
|
|
- QCOMPARE(group.readEntry("hostname", QString()), QHostInfo::localHostName());
|
|
-#endif
|
|
+ QCOMPARE(group.readEntry("hostname", QString()), QString("(hostname)")); // the $ got removed because empty var name
|
|
QVERIFY(group.hasKey("noeol"));
|
|
QCOMPARE(group.readEntry("noeol", QString()), QString("foo"));
|
|
}
|
|
--
|
|
cgit v1.1
|
|
|
|
|