[Bf-blender-cvs] [f2df5206987] master: Preferences: disable reading preferences for regular file loading

Thu, 11 Jul 2019 22:07:22 -0700 

Commit: f2df5206987f691f245c929a7d3b9086d2020c66
Author: Campbell Barton
Date:   Fri Jul 12 14:58:37 2019 +1000
Branches: master
https://developer.blender.org/rBf2df5206987f691f245c929a7d3b9086d2020c66

Preferences: disable reading preferences for regular file loading

Although the Auto-Run Python Scripts flag isn't used,
this is still a security risk since exclude paths list is.

Further this isn't what users would expect when loading a file &
only some preferences were being loaded so it's not useful.

===================================================================

M       source/blender/windowmanager/intern/wm_files.c

===================================================================

diff --git a/source/blender/windowmanager/intern/wm_files.c 
b/source/blender/windowmanager/intern/wm_files.c
index ef957fa03c5..d517622645c 100644
--- a/source/blender/windowmanager/intern/wm_files.c
+++ b/source/blender/windowmanager/intern/wm_files.c
@@ -634,7 +634,17 @@ bool WM_file_read(bContext *C, const char *filepath, 
ReportList *reports)
 
     /* confusing this global... */
     G.relbase_valid = 1;
-    retval = BKE_blendfile_read(C, filepath, &(const struct 
BlendFileReadParams){0}, reports);
+    retval = BKE_blendfile_read(
+        C,
+        filepath,
+        /* Loading preferences when the user intended to load a regular file 
is a security risk,
+         * because the excluded path list is also loaded.
+         * Further it's just confusing if a user loads a file and various 
preferences change. */
+        &(const struct BlendFileReadParams){
+            .is_startup = false,
+            .skip_flags = BLO_READ_SKIP_USERDEF,
+        },
+        reports);
 
     /* BKE_file_read sets new Main into context. */
     Main *bmain = CTX_data_main(C);

_______________________________________________
Bf-blender-cvs mailing list
[email protected]
https://lists.blender.org/mailman/listinfo/bf-blender-cvs

Reply via email to