From 3aa04324252afc0480ff3dfd4d8eaee0345bb757 Mon Sep 17 00:00:00 2001
From: wmayer
Date: Thu, 3 Oct 2019 02:37:25 +0200
Subject: [PATCH] fix further file names vulnerabilities in modules
---
 src/Mod/Drawing/Gui/Command.cpp | 7 ++++++-
 src/Mod/Import/Gui/Command.cpp | 4 ++++
 src/Mod/Raytracing/Gui/Command.cpp | 2 ++
 3 files changed, 12 insertions(+), 1 deletion(-)
diff --git a/src/Mod/Drawing/Gui/Command.cpp b/src/Mod/Drawing/Gui/Command.cpp
index 140cea10e1..ab4351cfa3 100644
--- a/src/Mod/Drawing/Gui/Command.cpp
+++ b/src/Mod/Drawing/Gui/Command.cpp
@@ -22,6 +22,7 @@
 #include
+#include
 #include
 #include
@@ -72,6 +73,7 @@ void CmdDrawingOpen::activated(int iMsg)
 QString::fromLatin1("%1 (*.svg *.svgz)").arg(QObject::tr("Scalable Vector Graphic")));
 if (!filename.isEmpty()) {
+ filename = Base::Tools::escapeEncodeFilename(filename);
 // load the file with the module
 Command::doCommand(Command::Gui, "import Drawing, DrawingGui");
 #if PY_MAJOR_VERSION < 3
@@ -108,9 +110,10 @@ void CmdDrawingNewPage::activated(int iMsg)
 QFileInfo tfi(a->property("Template").toString());
 if (tfi.isReadable()) {
+ QString filename = Base::Tools::escapeEncodeFilename(tfi.filePath());
 openCommand("Create page");
 doCommand(Doc,"App.activeDocument().addObject('Drawing::FeaturePage','%s')",FeatName.c_str());
- doCommand(Doc,"App.activeDocument().%s.Template = '%s'",FeatName.c_str(), (const char*)tfi.filePath().toUtf8());
+ doCommand(Doc,"App.activeDocument().%s.Template = '%s'",FeatName.c_str(), (const char*)filename.toUtf8());
 doCommand(Doc,"App.activeDocument().recompute()");
 doCommand(Doc,"Gui.activeDocument().getObject('%s').show()",FeatName.c_str());
 commitCommand();
@@ -595,6 +598,7 @@ void CmdDrawingSymbol::activated(int iMsg)
 {
 std::string PageName = pages.front()->getNameInDocument();
 std::string FeatName = getUniqueObjectName("Symbol");
+ filename = Base::Tools::escapeEncodeFilename(filename);
 openCommand("Create Symbol");
 doCommand(Doc,"import Drawing");
 #if PY_MAJOR_VERSION < 3
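Review bot: In the CmdDrawingOpen hunk `filename` is overwritten in place with its escaped form, so any later use of `filename` in this function other than the interpolation into the Python command — the body continues past the hunk, so I can't see whether there is one — would now operate on the escaped text rather than the real path. Keeping the original and escaping only where the value is spliced into the command avoids that, e.g. `const QString escaped = Base::Tools::escapeEncodeFilename(filename);` and interpolating `escaped`. The same in-place overwrite is used in the CmdDrawingSymbol hunk (-595) and in the three Import hunks (-63, -97, -136), where `fn` is reassigned; there it happens right before the single doCommand use, so the exposure is only to future edits. A short comment such as `// escaped for splicing into Python source below; no longer a usable path` at each site would make the intent explicit.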
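Review bot: In the CmdDrawingNewPage hunk the escaped template path is spliced into a single-quoted Python literal (`Template = '%s'`), whereas the Import sites wrap the escaped value in double quotes (`\"%s\"`); `Base::Tools::escapeEncodeFilename` is not in the diff, so it is worth confirming that it escapes `'` as well as `"` and `\` and does not let a raw newline through, otherwise this site is protected differently from the others. Using one quoting convention at all the new call sites, or stating the requirement in a comment at the helper, would make that dependency visible. The new `QString filename` local is used only in the following doCommand, and the template path comes from the action's property rather than a file dialog, so this site is lower risk than the dialog-fed ones. activated() continues outside the hunk.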
@@ -657,6 +661,7 @@ void CmdDrawingExportPage::activated(int iMsg)
 doCommand(Doc,"PageFile = open(App.activeDocument().%s.PageResult,'r')",Sel[0].FeatName);
 std::string fname = (const char*)fn.toUtf8();
+ fname = Base::Tools::escapeEncodeFilename(fname);
 #if PY_MAJOR_VERSION < 3
 doCommand(Doc,"OutFile = open(unicode(\"%s\",'utf-8'),'w')",fname.c_str());
 #else
diff --git a/src/Mod/Import/Gui/Command.cpp b/src/Mod/Import/Gui/Command.cpp
index 807f050ae8..f835746d9a 100644
--- a/src/Mod/Import/Gui/Command.cpp
+++ b/src/Mod/Import/Gui/Command.cpp
@@ -26,6 +26,7 @@
 #endif
 #include
+#include
 #include
 #include
 #include
@@ -63,6 +64,7 @@ void FCCmdImportReadBREP::activated(int iMsg)
 return;
 }
+ fn = Base::Tools::escapeEncodeFilename(fn);
 doCommand(Doc,"TopoShape = Import.ReadBREP(\"%s\")",(const char*)fn.toUtf8());
 commitCommand();
 }
@@ -97,6 +99,7 @@ void ImportStep::activated(int iMsg)
 if (!fn.isEmpty()) {
 openCommand("Part ImportSTEP Create");
 doCommand(Doc,"f = App.document().addObject(\"ImportStep\",\"ImportStep\")");
+ fn = Base::Tools::escapeEncodeFilename(fn);
 doCommand(Doc,"f.FileName = \"%s\"",(const char*)fn.toUtf8());
 commitCommand();
 updateActive();
@@ -136,6 +139,7 @@ void ImportIges::activated(int iMsg)
 if (!fn.isEmpty()) {
 openCommand("ImportIGES Create");
 doCommand(Doc,"f = App.document().addObject(\"ImportIges\",\"ImportIges\")");
+ fn = Base::Tools::escapeEncodeFilename(fn);
 doCommand(Doc,"f.FileName = \"%s\"",(const char*)fn.toUtf8());
 commitCommand();
 updateActive();
diff --git a/src/Mod/Raytracing/Gui/Command.cpp b/src/Mod/Raytracing/Gui/Command.cpp
index 8898dbdb51..3bc2053c62 100644
--- a/src/Mod/Raytracing/Gui/Command.cpp
+++ b/src/Mod/Raytracing/Gui/Command.cpp
@@ -252,6 +252,7 @@ void CmdRaytracingWriteView::activated(int)
 if (fn.isEmpty()) return;
 std::string cFullName = (const char*)fn.toUtf8();
+ cFullName = strToPython(cFullName);
 // get all objects of the active document
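Review bot: In the CmdDrawingExportPage hunk `fname` is built from `fn` and then reassigned on the next line; a single initialization reads more directly and keeps `fname` from ever holding the unescaped path: `std::string fname = Base::Tools::escapeEncodeFilename(std::string((const char*)fn.toUtf8()));`. The escape sits above the `#if PY_MAJOR_VERSION < 3` split, so both interpreter branches receive the escaped value; the `#else` branch is outside the hunk and presumably interpolates `fname` the same way. The Python 2 branch wraps the value in `unicode(\"%s\",'utf-8')`, so the helper has to leave its output as valid UTF-8 inside a double-quoted literal — if that is its contract, a one-line comment at the call site would record it.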
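Review bot: In the ImportStep hunk the escaping of `fn` is placed between `openCommand` and the two doCommand calls; since it is a pure string transform it belongs above `openCommand("Part ImportSTEP Create");`, so the transaction body consists only of document commands and the order matches the FCCmdImportReadBREP hunk (escape first, then doCommand). The same applies to the ImportIges hunk (-136). Moving the single line `fn = Base::Tools::escapeEncodeFilename(fn);` up is the only change; behaviour is unaffected either way.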
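Review bot: The CmdRaytracingWriteView hunk escapes `cFullName` with a file-local `strToPython`, while the Drawing and Import files switched to the shared `Base::Tools::escapeEncodeFilename` for the same purpose; two helpers for the same class of problem means two implementations to keep correct, and since `strToPython` is not in the diff I can't tell whether it escapes the same set of characters (quotes, backslashes, newlines). Unless Raytracing has a reason to differ, `cFullName = Base::Tools::escapeEncodeFilename(cFullName);` together with the same Base header include the other two files add keeps the fix uniform; the same applies to the CmdRaytracingExportProject hunk (-556). `cFullName` is consumed further down, outside the hunk, so the in-place overwrite also affects any non-Python use of it there, if one exists.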
@@ -556,6 +557,7 @@ void CmdRaytracingExportProject::activated(int)
 doCommand(Doc,"PageFile = open(App.activeDocument().%s.PageResult,'r')",Sel[0].FeatName);
 std::string fname = (const char*)fn.toUtf8();
+ fname = strToPython(fname);
 #if PY_MAJOR_VERSION < 3
 doCommand(Doc,"OutFile = open(unicode('%s','utf-8'),'w')",fname.c_str());
 #else
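Review bot: In the CmdRaytracingExportProject hunk the escaped `fname` is spliced into a single-quoted Python literal, `open(unicode('%s','utf-8'),'w')`, so `strToPython` (defined outside the hunk) must escape `'` and `\` for this site to be covered; the Drawing counterpart at -657 uses double quotes, so whichever helper is used has to handle both forms. A comment at the call site stating that contract, `// fname is spliced into a quoted Python literal below; strToPython must escape quotes and backslashes`, would keep a later change from assuming either quoting form is safe on its own. The `#else` branch that uses `fname` for Python 3 lies outside the hunk.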