Skip to content

Commit 787a894

Browse files
committed
Fix a possible security issue
- Require manually set flag to run scripts from absolute pathname - Mostly applies to scripts given on the command line
1 parent eba61df commit 787a894

File tree

2 files changed

+18
-3
lines changed

2 files changed

+18
-3
lines changed

Diff for: guide/app_config_ini.tex

+2
Original file line numberDiff line numberDiff line change
@@ -736,6 +736,8 @@ \subsection{\big[scripts\big]}
736736
\begin{tabularx}{\textwidth}{l|l|l|X}\toprule
737737
\emph{ID} & \emph{Type} & \emph{Default} & \emph{Description}\\\midrule
738738
startup\_script & string & startup.ssc & name of script executed on program start\\
739+
flag\_script\_allow\_absolute\_path & bool & false & set true to allow scripts from absolute pathnames.
740+
This may pose a security risk if you run arbitrary scripts.\\
739741
flag\_script\_allow\_write\_absolute\_path & bool & false & set true to let scripts store files to absolute pathnames.
740742
This may pose a security risk if you run scripts from other authors
741743
without checking what they are doing.\\\bottomrule

Diff for: src/scripting/StelScriptMgr.cpp

+16-3
Original file line numberDiff line numberDiff line change
@@ -794,8 +794,10 @@ bool StelScriptMgr::runPreprocessedScript(const QString &preprocessedScript, con
794794
bool StelScriptMgr::runScript(const QString& fileName, const QString& includePath)
795795
{
796796
QString preprocessedScript;
797-
prepareScript(preprocessedScript,fileName,includePath);
798-
return runPreprocessedScript(preprocessedScript,fileName);
797+
if (prepareScript(preprocessedScript,fileName,includePath))
798+
return runPreprocessedScript(preprocessedScript,fileName);
799+
else
800+
return false;
799801
}
800802

801803
bool StelScriptMgr::runScriptDirect(const QString scriptId, const QString &scriptCode, int &errLoc, const QString& includePath)
@@ -820,9 +822,20 @@ bool StelScriptMgr::runScriptDirect(const QString& scriptCode, const QString &in
820822
bool StelScriptMgr::prepareScript( QString &script, const QString &fileName, const QString &includePath)
821823
{
822824
QString absPath;
825+
const bool okToRunScriptFromAbsolutePath=StelApp::getInstance().getSettings()->value("scripts/flag_script_allow_absolute_path", false).toBool();
823826

824827
if (QFileInfo(fileName).isAbsolute())
825-
absPath = fileName;
828+
{
829+
// Absolute paths may bear a security risk. We need a flag to allow them!
830+
if (okToRunScriptFromAbsolutePath)
831+
absPath = fileName;
832+
else
833+
{
834+
qWarning() << "SCRIPTING CONFIGURATION ISSUE: You are trying to run a script from absolute pathname.";
835+
qWarning() << " To enable this, edit config.ini and set [scripts]/flag_script_allow_absolute_path=true";
836+
return false;
837+
}
838+
}
826839
else
827840
absPath = StelFileMgr::findFile("scripts/" + fileName);
828841

0 commit comments

Comments
 (0)