[Bug 1825396] Re: "Open in Terminal" returns "Text ended before matching quote was found for '"
This bug was fixed in the package gnome-shell-extension-desktop-icons - 19.01.3-1~ubuntu19.04.1 --- gnome-shell-extension-desktop-icons (19.01.3-1~ubuntu19.04.1) disco; urgency=medium * Backport new upstream release from eoan to disco (LP: #1829244) - Fixes insecure commandline construction problem (LP: #1825396) gnome-shell-extension-desktop-icons (19.01.3-1) experimental; urgency=medium * New upstream release * Drop all patches, since they are included upstream -- Iain Lane Wed, 15 May 2019 15:13:51 +0100 ** Changed in: gnome-shell-extension-desktop-icons (Ubuntu Disco) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1825396 Title: "Open in Terminal" returns "Text ended before matching quote was found for '" To manage notifications about this bug go to: https://bugs.launchpad.net/gnome-shell-extension-desktop-icons/+bug/1825396/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1825396] Re: "Open in Terminal" returns "Text ended before matching quote was found for '"
** Changed in: gnome-shell-extension-desktop-icons (Ubuntu Disco) Importance: Undecided => High -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1825396 Title: "Open in Terminal" returns "Text ended before matching quote was found for '" To manage notifications about this bug go to: https://bugs.launchpad.net/gnome-shell-extension-desktop-icons/+bug/1825396/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1825396] Re: "Open in Terminal" returns "Text ended before matching quote was found for '"
I tested version 19.01.3-1~ubuntu19.04.1 (from -proposed) on a fully updated 19.04, and can no longer reproduce this issue: The terminal window opens - as expected - in directory ~/Desktop/aaa'bbb/. Injecting commands as discussed in comment 2 appears to be no longer possible. ** Tags removed: verification-needed verification-needed-disco ** Tags added: verification-done verification-done-disco -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1825396 Title: "Open in Terminal" returns "Text ended before matching quote was found for '" To manage notifications about this bug go to: https://bugs.launchpad.net/gnome-shell-extension-desktop-icons/+bug/1825396/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1825396] Re: "Open in Terminal" returns "Text ended before matching quote was found for '"
Hello Tom, or anyone else affected, Accepted gnome-shell-extension-desktop-icons into disco-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/gnome-shell-extension-desktop- icons/19.01.3-1~ubuntu19.04.1 in a few hours, and then in the -proposed repository. Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-disco to verification-done-disco. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-disco. In either case, without details of your testing we will not be able to proceed. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping! N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days. ** Changed in: gnome-shell-extension-desktop-icons (Ubuntu Disco) Status: In Progress => Fix Committed ** Tags added: verification-needed verification-needed-disco -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1825396 Title: "Open in Terminal" returns "Text ended before matching quote was found for '" To manage notifications about this bug go to: https://bugs.launchpad.net/gnome-shell-extension-desktop-icons/+bug/1825396/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1825396] Re: "Open in Terminal" returns "Text ended before matching quote was found for '"
OK got it in eoan, will update disco now (might take some time to be processed). ** Description changed: + [ Description ] + Attempting to open a Desktop folder named "aaa'bbb" (without double quotes) using the "Open in Terminal" option from the context menu produces a notification message stating: - Execution of "x-terminal-emulator --working-directory=/home/... + Execution of "x-terminal-emulator --working-directory=/home/... Text ended before matching quote was found for '. (The text was "x-terminal-emulator --working-directory=/home/x/Desktop/aaa'bbb") This suggests improper escaping (possible security impact with command injection). + + [ QA ] Steps to reproduce: 1. On the Ubuntu 19.04.0 amd64 Desktop, right-click, and select "New folder" 2. Enter the following folder name and press Enter: aaa'bbb 3. Right-click on the newly created folder icon 4. Select "Open in Terminal" 5. The above notification pops up, no terminal window opens. The expected outcome would be: 5. A terminal window opens in directory ~/Desktop/aaa'bbb + + [ Regression potential ] + + See bug #1829244 + + [ ... ] ProblemType: Bug DistroRelease: Ubuntu 19.04 Package: gnome-shell-extension-desktop-icons 19.01.1-1 ProcVersionSignature: Ubuntu 5.0.0-13.14-generic 5.0.6 Uname: Linux 5.0.0-13-generic x86_64 ApportVersion: 2.20.10-0ubuntu27 Architecture: amd64 CurrentDesktop: ubuntu:GNOME Date: Thu Apr 18 18:40:28 2019 InstallationDate: Installed on 2019-04-14 (4 days ago) InstallationMedia: Ubuntu 19.04 "Disco Dingo" - Alpha amd64 (20190413.2) PackageArchitecture: all SourcePackage: gnome-shell-extension-desktop-icons UpgradeStatus: No upgrade log present (probably fresh install) ** Also affects: gnome-shell-extension-desktop-icons (Ubuntu Disco) Importance: Undecided Status: New ** Changed in: gnome-shell-extension-desktop-icons (Ubuntu) Status: Confirmed => Fix Released ** Changed in: gnome-shell-extension-desktop-icons (Ubuntu Disco) Status: New => In Progress ** Changed in: gnome-shell-extension-desktop-icons (Ubuntu Disco) Assignee: (unassigned) => Iain Lane (laney) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1825396 Title: "Open in Terminal" returns "Text ended before matching quote was found for '" To manage notifications about this bug go to: https://bugs.launchpad.net/gnome-shell-extension-desktop-icons/+bug/1825396/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1825396] Re: "Open in Terminal" returns "Text ended before matching quote was found for '"
I've pinged upstream, expecting a release soon which I will try to SRU. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1825396 Title: "Open in Terminal" returns "Text ended before matching quote was found for '" To manage notifications about this bug go to: https://bugs.launchpad.net/gnome-shell-extension-desktop-icons/+bug/1825396/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1825396] Re: "Open in Terminal" returns "Text ended before matching quote was found for '"
** Changed in: gnome-shell-extension-desktop-icons Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1825396 Title: "Open in Terminal" returns "Text ended before matching quote was found for '" To manage notifications about this bug go to: https://bugs.launchpad.net/gnome-shell-extension-desktop-icons/+bug/1825396/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1825396] Re: "Open in Terminal" returns "Text ended before matching quote was found for '"
Upstream bug: https://gitlab.gnome.org/World/ShellExtensions/desktop- icons/issues/111 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1825396 Title: "Open in Terminal" returns "Text ended before matching quote was found for '" To manage notifications about this bug go to: https://bugs.launchpad.net/gnome-shell-extension-desktop-icons/+bug/1825396/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1825396] Re: "Open in Terminal" returns "Text ended before matching quote was found for '"
** Changed in: gnome-shell-extension-desktop-icons Status: Unknown => New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1825396 Title: "Open in Terminal" returns "Text ended before matching quote was found for '" To manage notifications about this bug go to: https://bugs.launchpad.net/gnome-shell-extension-desktop-icons/+bug/1825396/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1825396] Re: "Open in Terminal" returns "Text ended before matching quote was found for '"
Iain, could you have a look to this one? ** Changed in: gnome-shell-extension-desktop-icons (Ubuntu) Importance: Undecided => High ** Changed in: gnome-shell-extension-desktop-icons (Ubuntu) Assignee: (unassigned) => Iain Lane (laney) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1825396 Title: "Open in Terminal" returns "Text ended before matching quote was found for '" To manage notifications about this bug go to: https://bugs.launchpad.net/gnome-shell-extension-desktop-icons/+bug/1825396/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1825396] Re: "Open in Terminal" returns "Text ended before matching quote was found for '"
** Bug watch added: gitlab.gnome.org/World/ShellExtensions/desktop-icons/issues #111 https://gitlab.gnome.org/World/ShellExtensions/desktop-icons/issues/111 ** Also affects: gnome-shell-extension-desktop-icons via https://gitlab.gnome.org/World/ShellExtensions/desktop-icons/issues/111 Importance: Unknown Status: Unknown -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1825396 Title: "Open in Terminal" returns "Text ended before matching quote was found for '" To manage notifications about this bug go to: https://bugs.launchpad.net/gnome-shell-extension-desktop-icons/+bug/1825396/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1825396] Re: "Open in Terminal" returns "Text ended before matching quote was found for '"
As discussed on IRC, command injection is actually possible here. ** Changed in: gnome-shell-extension-desktop-icons (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1825396 Title: "Open in Terminal" returns "Text ended before matching quote was found for '" To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-shell-extension-desktop-icons/+bug/1825396/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1825396] Re: "Open in Terminal" returns "Text ended before matching quote was found for '"
** Information type changed from Public to Public Security -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1825396 Title: "Open in Terminal" returns "Text ended before matching quote was found for '" To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-shell-extension-desktop-icons/+bug/1825396/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1825396] Re: "Open in Terminal" returns "Text ended before matching quote was found for '"
Marking this as security since the following directory name proves command execution is possible: aaa -e bash -c 'firefox' -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1825396 Title: "Open in Terminal" returns "Text ended before matching quote was found for '" To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-shell-extension-desktop-icons/+bug/1825396/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
