author | Gabriel Corona <gabriel.corona@enst-bretagne.fr> | 2018-03-19 22:09:00 +0100 |
---|---|---|
committer | Rex Dieter <rdieter@gmail.com> | 2018-05-09 14:14:05 -0500 |
commit | ce802d71c3466d1dbb24f2fe9b6db82a1f899bcb (patch) | |
tree | 8169704b740974c7c62f1bf5be18d3468bc4c45e | |
parent | a9bf6d0a3fc771f5c4c1c5a8941e5234dc4f82bf (diff) |
Avoid argument injection vulnerability in open_envvar()
-rw-r--r-- | scripts/xdg-open.in | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/scripts/xdg-open.in b/scripts/xdg-open.in
index 2972257..021524b 100644
--- a/scripts/xdg-open.in
+++ b/scripts/xdg-open.in
@@ -351,6 +351,11 @@ open_generic_xdg_x_scheme_handler()
 fi
 }

+has_single_argument()
+{
+ test $# = 1
+}
+
 open_envvar()
 {
 local oldifs="$IFS"
@@ -365,7 +370,10 @@ open_envvar()
 fi

 if echo "$browser" | grep -q %s; then
- $(printf "$browser" "$1")
+ # Avoid argument injection.
+ # See https://bugs.freedesktop.org/show_bug.cgi?id=103807
+ # URIs don't have IFS characters spaces anyway.
+ has_single_argument $1 && $(printf "$browser" "$1")
 else
 $browser "$1"
 fi
|
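Review bot: In the second hunk the guard `has_single_argument $1` and the `$(printf "$browser" "$1")` that follows are both left unquoted, so the check covers field splitting but not pathname expansion: a URL containing `*`, `?` or `[` can still be glob-expanded against the working directory, both when it is counted and when the command is run. Doing both expansions with globbing disabled (`set -f`, restored afterwards without disturbing the exit status) would close that gap. The count also depends on the value of IFS at that point, which is set outside the hunk (only `local oldifs="$IFS"` is visible), so it is worth confirming IFS has been restored before this line. A rejected URL currently just makes the `&&` list return non-zero with no diagnostic; a message on stderr would make the refusal visible. The third comment line would read better as `# URIs do not contain IFS characters (space, tab, newline) anyway.`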