WrapEarnPass created an issue (geany/geany-plugins#1584)
Similar to geany/geany#4611
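Plugins use spawn methods without ensuring that their commands are shell-escaped,
which can lead to shell injection through maliciously crafted file names.
The following plugins implement some kind of spawn, without referencing a Geany
built-in, meaning they should be invoking `g_shell_quote` on their
arguments or commands to limit shell injection. The list below is raw `grep`
output for "spawn", so it also contains declarations, comments and cleanup calls
such as `g_spawn_close_pid`. The lines to review are the ones that pass a
command-line string built from file names; calls that pass an `argv` array are
not parsed as a shell-style command line.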
```
./geanyctags/src/geanyctags.c:static void spawn_cmd(const gchar *cmd, const
gchar *dir)
./geanyctags/src/geanyctags.c: success = spawn_sync(working_dir, NULL, argv,
NULL,
./geanyctags/src/geanyctags.c: success = spawn_sync(working_dir, cmd, NULL,
NULL,
./geanyctags/src/geanyctags.c: spawn_cmd(cmd, base_path);
./lsp/src/lsp-server.c: g_spawn_close_pid(pid);
./lsp/src/lsp-server.c: if (!spawn_kill_process(srv->pid, &error))
./lsp/src/lsp-server.c: success =
lsp_spawn_with_pipes_and_stderr_callback(NULL, cmd->str, NULL,
./lsp/src/spawn/spawn.c:// stolen from Geany, made lsp_spawn_async_with_pipes()
public, removed unneeded stuff
./lsp/src/spawn/spawn.c:static gboolean spawn_parse_argv(const gchar
*command_line, gint *argcp, gchar ***argvp,
./lsp/src/spawn/spawn.c: * See @c spawn_check_command() for details.
./lsp/src/spawn/spawn.c:static gchar *spawn_get_program_name(const gchar
*command_line, GError **error)
./lsp/src/spawn/spawn.c:static gchar *spawn_create_process_with_pipes(wchar_t
*w_command_line, const wchar_t *w_working_directory,
./lsp/src/spawn/spawn.c:static void spawn_append_argument(GString *command,
const char *text)
./lsp/src/spawn/spawn.c: * This is the low-level spawning function. Please use
@c spawn_with_callbacks() unless
./lsp/src/spawn/spawn.c: * If a @a child_pid is passed, it's your
responsibility to invoke @c g_spawn_close_pid().
./lsp/src/spawn/spawn.c:static gboolean spawn_async_with_pipes(const gchar
*working_directory, const gchar *command_line,
./lsp/src/spawn/spawn.c: gchar *program =
spawn_get_program_name(command_line, error);
./lsp/src/spawn/spawn.c: spawn_append_argument(command, *argv++);
./lsp/src/spawn/spawn.c: g_message("full spawn command line: %s",
command->str);
./lsp/src/spawn/spawn.c: failure =
spawn_create_process_with_pipes(w_command, w_working_directory,
./lsp/src/spawn/spawn.c: gboolean spawned;
./lsp/src/spawn/spawn.c: if (!spawn_parse_argv(command_line,
&cl_argc, &cl_argv, error))
./lsp/src/spawn/spawn.c: spawned =
g_spawn_async_with_pipes(working_directory, full_argv, envp,
./lsp/src/spawn/spawn.c: if (!spawned)
./lsp/src/spawn/spawn.c: return spawned;
./lsp/src/spawn/spawn.c:static void spawn_destroy_common(SpawnChannelData *sc)
./lsp/src/spawn/spawn.c:static void spawn_timeout_destroy_cb(gpointer data)
./lsp/src/spawn/spawn.c: spawn_destroy_common(sc);
./lsp/src/spawn/spawn.c:static void spawn_destroy_cb(gpointer data)
./lsp/src/spawn/spawn.c: spawn_destroy_common(sc);
./lsp/src/spawn/spawn.c:static gboolean spawn_read_cb(GIOChannel *channel,
GIOCondition condition, gpointer data);
./lsp/src/spawn/spawn.c:static gboolean spawn_timeout_read_cb(gpointer data)
./lsp/src/spawn/spawn.c: return spawn_read_cb(sc->channel, G_IO_IN,
data);
./lsp/src/spawn/spawn.c:static gboolean spawn_read_cb(GIOChannel *channel,
GIOCondition condition, gpointer data)
./lsp/src/spawn/spawn.c:// geany_debug("Switching spawn
source %s ((GSource*)%p on (GIOChannel*)%p) to a timeout source",
./lsp/src/spawn/spawn.c:
g_source_set_callback(new_source, spawn_timeout_read_cb, data,
spawn_timeout_destroy_cb);
./lsp/src/spawn/spawn.c:static void spawn_finalize(SpawnWatcherData *sw)
./lsp/src/spawn/spawn.c: g_spawn_close_pid(sw->pid);
./lsp/src/spawn/spawn.c:static gboolean spawn_timeout_watch_cb(gpointer data)
./lsp/src/spawn/spawn.c: spawn_finalize(sw);
./lsp/src/spawn/spawn.c:static void spawn_watch_cb(GPid pid, gint status,
gpointer data)
./lsp/src/spawn/spawn.c: g_source_set_callback(source,
spawn_timeout_watch_cb, data, NULL);
./lsp/src/spawn/spawn.c: spawn_finalize(sw);
./lsp/src/spawn/spawn.c:gboolean lsp_spawn_with_pipes_and_stderr_callback(const
gchar *working_directory, const gchar *command_line,
./lsp/src/spawn/spawn.c: if (spawn_async_with_pipes(working_directory,
command_line, argv, envp, &pid,
./lsp/src/spawn/spawn.c: callback = spawn_read_cb;
./lsp/src/spawn/spawn.c: g_source_set_callback(source,
(GSourceFunc) (void(*)(void)) callback, sc, spawn_destroy_cb);
./lsp/src/spawn/spawn.c: g_source_set_callback(source,
(GSourceFunc) (void(*)(void)) (GChildWatchFunc) spawn_watch_cb, sw, NULL);
./treebrowser/src/treebrowser.c: if (! spawn_async(dir, locale_cmd,
NULL, NULL, NULL, &error))
./treebrowser/src/treebrowser.c: spawn_async(cwd, CONFIG_OPEN_TERMINAL,
NULL, NULL, NULL, NULL);
./geanydoc/src/geanydoc.c: g_spawn_command_line_sync(command,
&tmp, NULL, NULL, NULL);
./geanydoc/src/geanydoc.c: g_spawn_command_line_async(command,
NULL);
./sendmail/src/sendmail.c:
g_spawn_command_line_async(command, &error);
./geanyvc/src/geanyvc.c: utils_spawn_sync(dir,
cur->data, (gchar **) env,
./geanyvc/src/geanyvc.c: utils_spawn_sync(dir,
cur->data, (gchar **) env,
./geanyvc/src/geanyvc.c: g_warning("geanyvc:
s_spawn_sync error: %s", error->message);
./geanyvc/src/geanyvc.c: ui_set_statusbar(FALSE,
_("geanyvc: s_spawn_sync error: %s"),
./geanyvc/src/externdiff.c: g_spawn_sync(NULL, argv, NULL,
./scope/src/debug.c: gboolean result = spawn_write_data(channel, condition,
&data);
./scope/src/debug.c:#define GDB_BUFFER_SIZE ((1 << 20) - 1) /* spawn adds 1
for '\0' */
./scope/src/debug.c: if (spawn_with_callbacks(NULL, NULL, args, NULL,
GDB_SPAWN_FLAGS, obtain_send_channel_cb,
./scope/src/debug.c: if (!spawn_kill_process(gdb_pid,
&gerror))
./scope/src/debug.c: spawn_kill_process(gdb_pid, NULL);
./geanylua/glspi_app.c: rv=g_spawn_async(NULL, argv, NULL, G_SPAWN_SEARCH_PATH,
NULL, NULL, NULL, &err);
./projectorganizer/src/prjorg-sidebar.c: if (!spawn_async(dir, cmd,
NULL, NULL, NULL, NULL))
./debugger/src/dbm_gdb.c:/* GDB spawn flags */
./debugger/src/dbm_gdb.c: g_spawn_close_pid(pid);
./debugger/src/dbm_gdb.c: /* spawn GDB */
./debugger/src/dbm_gdb.c: if
(!g_spawn_async_with_pipes(working_directory, (gchar**)gdb_args, gdb_env,
./debugger/src/dbm_gdb.c: dbg_cbs->report_error(_("Failed to
spawn gdb process"));
```
As of geany/geany-plugins@a13016056de1bef5945c3cff6fcf75c8d7b273a7, no plugins
invoke `g_shell_quote`.
```
geany-plugins$ git log | head -n1 && grep -IR g_shell_quote||echo 'No Results'
commit a13016056de1bef5945c3cff6fcf75c8d7b273a7
No Results
```