blumia/dde-application-manager
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: add necessary check before take execArgs

Browse Source 
Signed-off-by: ComixHe <heyuming@deepin.org>
This commit is contained in:
ComixHe 2023-11-06 11:30:54 +08:00 committed by Comix
parent 03deb2c935
commit ff5f2062c3
4 changed files with 32 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
src/dbus/applicationservice.cpp
View File

@ -213,8 +213,13 @@ QDBusObjectPath ApplicationService::Launch(const QString &action, const QStringL
optionsMap.insert("_hooks", hooks);
}
auto cmds = generateCommand(optionsMap);
auto task = unescapeExec(execStr, fields);
if (!task) {
sendErrorReply(QDBusError::InternalError, "Invalid Command.");
return {};
}
auto [bin, execCmds, res] = unescapeExec(execStr, fields);
auto [bin, execCmds, res] = std::move(task);
if (bin.isEmpty()) {
qCritical() << "error command is detected, abort.";
sendErrorReply(QDBusError::Failed);
@ -735,12 +740,12 @@ void ApplicationService::resetEntry(DesktopEntry *newEntry) noexcept
emit scaleFactorChanged();
}
QStringList ApplicationService::unescapeExecArgs(const QString &str) noexcept
std::optional<QStringList> ApplicationService::unescapeExecArgs(const QString &str) noexcept
{
auto unescapedStr = unescape(str, true);
if (unescapedStr.isEmpty()) {
qWarning() << "unescape Exec failed.";
return {};
return std::nullopt;
}
auto deleter = [](wordexp_t *word) {
@ -755,8 +760,7 @@ QStringList ApplicationService::unescapeExecArgs(const QString &str) noexcept
switch (ret) {
case WRDE_BADCHAR:
errMessage = "BADCHAR";
qWarning() << "wordexp error: " << errMessage;
return {};
break;
case WRDE_BADVAL:
errMessage = "BADVAL";
break;
@ -773,7 +777,7 @@ QStringList ApplicationService::unescapeExecArgs(const QString &str) noexcept
errMessage = "unknown";
}
qWarning() << "wordexp error: " << errMessage;
return {};
return std::nullopt;
}
}
@ -788,9 +792,20 @@ QStringList ApplicationService::unescapeExecArgs(const QString &str) noexcept
LaunchTask ApplicationService::unescapeExec(const QString &str, const QStringList &fields) noexcept
{
LaunchTask task;
auto execList = unescapeExecArgs(str);
task.LaunchBin = execList.first();
auto opt = unescapeExecArgs(str);
if (!opt.has_value()) {
qWarning() << "unescapeExecArgs failed.";
return {};
}
auto execList = std::move(opt).value();
if (execList.isEmpty()) {
qWarning() << "exec format is invalid.";
return {};
}
task.LaunchBin = execList.first();
QRegularExpression re{"%[fFuUickdDnNvm]"};
auto matcher = re.match(str);
if (!matcher.hasMatch()) {

2
src/dbus/applicationservice.h
View File

@ -124,7 +124,7 @@ public:
const QLocale &locale = getUserLocale()) const noexcept;
[[nodiscard]] LaunchTask unescapeExec(const QString &str, const QStringList &fields) noexcept;
[[nodiscard]] static QStringList unescapeExecArgs(const QString &str) noexcept;
[[nodiscard]] static std::optional<QStringList> unescapeExecArgs(const QString &str) noexcept;
private Q_SLOTS:
void onGlobalScaleFactorChanged() noexcept;

1
src/dbus/jobmanager1service.h
View File

@ -28,6 +28,7 @@ struct LaunchTask
LaunchTask(LaunchTask &&) = default;
LaunchTask &operator=(const LaunchTask &) = default;
LaunchTask &operator=(LaunchTask &&) = default;
explicit operator bool() const { return !LaunchBin.isEmpty() and !command.isEmpty(); }
QString LaunchBin;
QStringList command;
QVariantList Resources;

8
src/dbus/processguesser1service.cpp
View File

@ -74,7 +74,13 @@ QString ProcessGuesser1Service::GuessApplicationId(const QDBusUnixFileDescriptor
continue;
}
auto execList = ApplicationService::unescapeExecArgs(exec);
auto opt = ApplicationService::unescapeExecArgs(exec);
if (!opt) {
sendErrorReply(QDBusError::InternalError);
return {};
}
auto execList = std::move(opt).value();
if (execList.isEmpty()) {
sendErrorReply(QDBusError::InternalError);
return {};