Quote filename during restore to prevent user assisted arbitrary code execution

Fixes bug 540516.
Tobias Mueller
2009-11-04 00:09:27 +00:00
parent c79efd6590
commit 8cff3c4e4c


@ -73,10 +73,14 @@ sanity_check (const gchar *filename)
{
gchar *command;
gint result;
gchar *quotedfname;
command = g_strdup_printf ("%s/evolution-backup --check %s", EVOLUTION_TOOLSDIR, filename);
quotedfname = g_shell_quote(filename);
command = g_strdup_printf ("%s/evolution-backup --check %s", EVOLUTION_TOOLSDIR, quotedfname);
result = system (command);
g_free (command);
g_free (quotedfname);
#ifdef HAVE_SYS_WAIT_H
g_message ("Sanity check result %d:%d %d", WIFEXITED (result), WEXITSTATUS (result), result);
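Review bot: `sanity_check` still hands a single shell string to `system()`, so safety rests entirely on the quoting being applied at every place a command is built from `filename`; passing an argument vector with no shell involved would remove that dependency, e.g. `gchar *argv[] = { tool, "--check", (gchar *) filename, NULL };` followed by `g_spawn_sync (NULL, argv, NULL, 0, NULL, NULL, NULL, NULL, &result, NULL);`, with `tool` built by `g_build_filename`. `g_shell_quote` also leaves a filename that begins with `-` intact, and `evolution-backup` would presumably parse that as an option rather than a path, so a check for a leading dash (or an absolute-path requirement) before the call is worth adding. The commit title refers to restore while this hunk covers only the `--check` path, so any other command line built from the same filename outside this hunk should get the same treatment. The body of `sanity_check` continues past the end of the hunk.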