blumia/dde-application-manager
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: add necessary check before take execArgs

Browse Source 
Signed-off-by: ComixHe <heyuming@deepin.org>
This commit is contained in:
ComixHe 2023-11-06 11:30:54 +08:00 committed by Comix
parent 03deb2c935
commit ff5f2062c3
4 changed files with 32 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
src/dbus/applicationservice.cpp
View File

@ -213,8 +213,13 @@ QDBusObjectPath ApplicationService::Launch(const QString &action, const QStringL
optionsMap.insert("_hooks", hooks); optionsMap.insert("_hooks", hooks);
} }
auto cmds = generateCommand(optionsMap); auto cmds = generateCommand(optionsMap);
auto task = unescapeExec(execStr, fields);
if (!task) {
sendErrorReply(QDBusError::InternalError, "Invalid Command.");
return {};
}
auto [bin, execCmds, res] = unescapeExec(execStr, fields); auto [bin, execCmds, res] = std::move(task);
if (bin.isEmpty()) { if (bin.isEmpty()) {
qCritical() << "error command is detected, abort."; qCritical() << "error command is detected, abort.";
sendErrorReply(QDBusError::Failed); sendErrorReply(QDBusError::Failed);
@ -735,12 +740,12 @@ void ApplicationService::resetEntry(DesktopEntry *newEntry) noexcept
emit scaleFactorChanged(); emit scaleFactorChanged();
} }
QStringList ApplicationService::unescapeExecArgs(const QString &str) noexcept std::optional<QStringList> ApplicationService::unescapeExecArgs(const QString &str) noexcept
{ {
auto unescapedStr = unescape(str, true); auto unescapedStr = unescape(str, true);
if (unescapedStr.isEmpty()) { if (unescapedStr.isEmpty()) {
qWarning() << "unescape Exec failed."; qWarning() << "unescape Exec failed.";
return {}; return std::nullopt;
} }
auto deleter = [](wordexp_t *word) { auto deleter = [](wordexp_t *word) {
@ -755,8 +760,7 @@ QStringList ApplicationService::unescapeExecArgs(const QString &str) noexcept
switch (ret) { switch (ret) {
case WRDE_BADCHAR: case WRDE_BADCHAR:
errMessage = "BADCHAR"; errMessage = "BADCHAR";
qWarning() << "wordexp error: " << errMessage; break;
return {};
case WRDE_BADVAL: case WRDE_BADVAL:
errMessage = "BADVAL"; errMessage = "BADVAL";
break; break;
@ -773,7 +777,7 @@ QStringList ApplicationService::unescapeExecArgs(const QString &str) noexcept
errMessage = "unknown"; errMessage = "unknown";
} }
qWarning() << "wordexp error: " << errMessage; qWarning() << "wordexp error: " << errMessage;
return {}; return std::nullopt;
} }
} }
@ -788,9 +792,20 @@ QStringList ApplicationService::unescapeExecArgs(const QString &str) noexcept
LaunchTask ApplicationService::unescapeExec(const QString &str, const QStringList &fields) noexcept LaunchTask ApplicationService::unescapeExec(const QString &str, const QStringList &fields) noexcept
{ {
LaunchTask task; LaunchTask task;
auto execList = unescapeExecArgs(str); auto opt = unescapeExecArgs(str);
task.LaunchBin = execList.first();
if (!opt.has_value()) {
qWarning() << "unescapeExecArgs failed.";
return {};
}
auto execList = std::move(opt).value();
if (execList.isEmpty()) {
qWarning() << "exec format is invalid.";
return {};
}
task.LaunchBin = execList.first();
QRegularExpression re{"%[fFuUickdDnNvm]"}; QRegularExpression re{"%[fFuUickdDnNvm]"};
auto matcher = re.match(str); auto matcher = re.match(str);
if (!matcher.hasMatch()) { if (!matcher.hasMatch()) {

2
src/dbus/applicationservice.h
View File

@ -124,7 +124,7 @@ public:
const QLocale &locale = getUserLocale()) const noexcept; const QLocale &locale = getUserLocale()) const noexcept;
[[nodiscard]] LaunchTask unescapeExec(const QString &str, const QStringList &fields) noexcept; [[nodiscard]] LaunchTask unescapeExec(const QString &str, const QStringList &fields) noexcept;
[[nodiscard]] static QStringList unescapeExecArgs(const QString &str) noexcept; [[nodiscard]] static std::optional<QStringList> unescapeExecArgs(const QString &str) noexcept;
private Q_SLOTS: private Q_SLOTS:
void onGlobalScaleFactorChanged() noexcept; void onGlobalScaleFactorChanged() noexcept;

1
src/dbus/jobmanager1service.h
View File

@ -28,6 +28,7 @@ struct LaunchTask
LaunchTask(LaunchTask &&) = default; LaunchTask(LaunchTask &&) = default;
LaunchTask &operator=(const LaunchTask &) = default; LaunchTask &operator=(const LaunchTask &) = default;
LaunchTask &operator=(LaunchTask &&) = default; LaunchTask &operator=(LaunchTask &&) = default;
explicit operator bool() const { return !LaunchBin.isEmpty() and !command.isEmpty(); }
QString LaunchBin; QString LaunchBin;
QStringList command; QStringList command;
QVariantList Resources; QVariantList Resources;

8
src/dbus/processguesser1service.cpp
View File

@ -74,7 +74,13 @@ QString ProcessGuesser1Service::GuessApplicationId(const QDBusUnixFileDescriptor
continue; continue;
} }
auto execList = ApplicationService::unescapeExecArgs(exec); auto opt = ApplicationService::unescapeExecArgs(exec);
if (!opt) {
sendErrorReply(QDBusError::InternalError);
return {};
}
auto execList = std::move(opt).value();
if (execList.isEmpty()) { if (execList.isEmpty()) {
sendErrorReply(QDBusError::InternalError); sendErrorReply(QDBusError::InternalError);
return {}; return {};