diff options
| author | Tobias Mueller <tobiasmue@gnome.org> | 2009-11-04 08:09:27 +0800 |
|---|---|---|
| committer | Matthew Barnes <mbarnes@redhat.com> | 2010-02-02 07:00:47 +0800 |
| commit | 46d05a49a59009b2db40e810773bd5c12361a569 (patch) | |
| tree | af451885804b23da999bcaf9fbc9fad040aff4d5 | |
| parent | 5b6289c19a9d9bc4bf76e11d337574d5e2a229d9 (diff) | |
| download | gsoc2013-evolution-46d05a49a59009b2db40e810773bd5c12361a569.tar gsoc2013-evolution-46d05a49a59009b2db40e810773bd5c12361a569.tar.gz gsoc2013-evolution-46d05a49a59009b2db40e810773bd5c12361a569.tar.bz2 gsoc2013-evolution-46d05a49a59009b2db40e810773bd5c12361a569.tar.lz gsoc2013-evolution-46d05a49a59009b2db40e810773bd5c12361a569.tar.xz gsoc2013-evolution-46d05a49a59009b2db40e810773bd5c12361a569.tar.zst gsoc2013-evolution-46d05a49a59009b2db40e810773bd5c12361a569.zip | |
Quote filename during restore to prevent user assisted arbitrary code execution
Fixes bug 540516.
| -rw-r--r-- | plugins/backup-restore/backup-restore.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/plugins/backup-restore/backup-restore.c b/plugins/backup-restore/backup-restore.c index 79221d4573..fe207a17f3 100644 --- a/plugins/backup-restore/backup-restore.c +++ b/plugins/backup-restore/backup-restore.c @@ -74,10 +74,14 @@ sanity_check (const gchar *filename) { gchar *command; gint result; + gchar *quotedfname; - command = g_strdup_printf ("%s/evolution-backup --check %s", EVOLUTION_TOOLSDIR, filename); + quotedfname = g_shell_quote(filename); + + command = g_strdup_printf ("%s/evolution-backup --check %s", EVOLUTION_TOOLSDIR, quotedfname); result = system (command); g_free (command); + g_free (quotedfname); #ifdef HAVE_SYS_WAIT_H g_message ("Sanity check result %d:%d %d", WIFEXITED (result), WEXITSTATUS (result), result); |