From 316d02285c002240b93640185c3e615a75394158 Mon Sep 17 00:00:00 2001
From: Suman Manjunath
Date: Mon, 30 Jun 2008 03:47:34 +0000
Subject: Patch from Tobias Mueller ** Fix for bug #540516 (Fix for a vulnerability issue).
svn path=/trunk/; revision=35700
---
 plugins/backup-restore/ChangeLog | 7 +++++++
 plugins/backup-restore/backup.c | 27 ++++++++++++++++++---------
 2 files changed, 25 insertions(+), 9 deletions(-)
diff --git a/plugins/backup-restore/ChangeLog b/plugins/backup-restore/ChangeLog
index ea638cf47d..04c319f227 100644
--- a/plugins/backup-restore/ChangeLog
+++ b/plugins/backup-restore/ChangeLog
@@ -1,3 +1,10 @@
+2008-06-30 Tobias Mueller
+
+ ** Fix for bug #540516
+
+ * backup.c (backup), (restore), (check): Sanitize user input while
+ accepting path/filename of the backup.
+
 2008-06-20 Milan Crha
 * backup.c: (main): Use Evolution icon for the window.
diff --git a/plugins/backup-restore/backup.c b/plugins/backup-restore/backup.c
index ddd97c287b..8711871581 100644
--- a/plugins/backup-restore/backup.c
+++ b/plugins/backup-restore/backup.c
@@ -62,9 +62,11 @@ static void
 backup (const char *filename)
 {
 char *command;
+ char *quotedfname;
 g_return_if_fail (filename && *filename);
-
+ quotedfname = g_shell_quote(filename);
+
 CANCEL (complete);
 txt = _("Shutting down Evolution");
 /* FIXME Will the versioned setting always work? */
@@ -81,9 +83,10 @@ backup (const char *filename)
 /* FIXME compression type?" */
 /* FIXME date/time stamp?" */
 /* FIXME backup location?" */
- command = g_strdup_printf ("cd $HOME && tar cf - .evolution .camel_certs | gzip > %s", filename);
+ command = g_strdup_printf ("cd $HOME && tar cf - .evolution .camel_certs | gzip > %s", quotedfname);
 s (command);
 g_free (command);
+ g_free (quotedfname);
 txt = _("Backup complete");
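Review bot: `quotedfname` is allocated right after the `g_return_if_fail` check but is only released by `g_free (quotedfname);` after the tar command in the following hunk, so if `CANCEL (complete);` (defined outside the hunk) returns or exits early as its name suggests, the quoted string leaks on that path. restore() at the -102/-117 hunks has the same shape, with two CANCEL checkpoints between the quote and the free. Quoting only where the string is needed keeps the lifetime tight: put `quotedfname = g_shell_quote (filename);` directly above the `command = g_strdup_printf (...)` line and keep `g_free (quotedfname);` right after `g_free (command);` as the patch already does. A style nit in all three functions: `g_shell_quote(filename)` drops the space before the parenthesis that the rest of the file uses (`g_free (command)`, `g_strdup_printf (`), and the added empty `+` lines carry a trailing tab. backup() continues past the end of the second hunk.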
@@ -102,9 +105,11 @@ static void
 restore (const char *filename)
 {
 char *command;
-
+ char *quotedfname;
+
 g_return_if_fail (filename && *filename);
-
+ quotedfname = g_shell_quote(filename);
+
 /* FIXME Will the versioned setting always work? */
 CANCEL (complete);
 txt = _("Shutting down Evolution");
@@ -117,9 +122,10 @@ restore (const char *filename)
 CANCEL (complete);
 txt = _("Extracting files from backup");
- command = g_strdup_printf ("cd $HOME && gzip -cd %s| tar xf -", filename);
+ command = g_strdup_printf ("cd $HOME && gzip -cd %s| tar xf -", quotedfname);
 s (command);
 g_free (command);
+ g_free (quotedfname);
 CANCEL (complete);
 txt = _("Loading Evolution settings");
@@ -144,10 +150,12 @@ static void
 check (const char *filename)
 {
 char *command;
+ char *quotedfname;
 g_return_if_fail (filename && *filename);
-
- command = g_strdup_printf ("tar ztf %s | grep -e \"^\\.evolution/$\"", filename);
+ quotedfname = g_shell_quote(filename);
+
+ command = g_strdup_printf ("tar ztf %s | grep -e \"^\\.evolution/$\"", quotedfname);
 result = system (command);
 g_free (command);
@@ -155,10 +163,11 @@ check (const char *filename)
 if (result) exit (result);
- command = g_strdup_printf ("tar ztf %s | grep -e \"^\\.evolution/%s$\"", filename, GCONF_DUMP_FILE);
+ command = g_strdup_printf ("tar ztf %s | grep -e \"^\\.evolution/%s$\"", quotedfname, GCONF_DUMP_FILE);
 result = system (command);
 g_free (command);
-
+ g_free (quotedfname);
+
 g_message ("Second result %d", result);
 }
-- cgit v1.2.3
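Review bot: In the -155 hunk of check(), `if (result) exit (result);` hands the raw `system()` wait status to exit(), so when grep finds no `.evolution/` entry (grep exit code 1, wait status 256 on POSIX) the process exit status truncates to 0 and the caller sees the archive check as passed; `result` is declared outside the hunk, so this assumes it is the int returned by `system()`. Unpack the status first, `if (result) exit (WIFEXITED (result) ? WEXITSTATUS (result) : 1);` (sys/wait.h), and apply the same to the second `result = system (command);` in this hunk, which is currently only passed to `g_message` before the closing brace, so a missing GCONF_DUMP_FILE entry never fails the check. `quotedfname` is not freed on the exit path, which is harmless since the process ends there. check() starts in the previous hunk.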