Skip to content

Commit

Permalink
#4252 use whitelist for vfb env
Browse files Browse the repository at this point in the history
  • Loading branch information
totaam committed Jun 16, 2024
1 parent ac0f2c1 commit e1b5660
Show file tree
Hide file tree
Showing 2 changed files with 18 additions and 7 deletions.
15 changes: 11 additions & 4 deletions xpra/util/env.py
Original file line number Diff line number Diff line change
Expand Up @@ -3,10 +3,12 @@
# Xpra is released under the terms of the GNU GPL v2, or, at your option, any
# later version. See the file COPYING for details.

import re
import os
import sys
import warnings
from contextlib import AbstractContextManager, nullcontext
from collections.abc import Sequence
from threading import RLock
from typing import Any

Expand Down Expand Up @@ -248,13 +250,18 @@ def get_saved_env_var(var, default=None):
return _saved_env.get(var, default)


def get_exec_env(remove=("LS_COLORS", "LESSOPEN", "HISTCONTROL", "HISTSIZE", )) -> dict[str, str]:
# let's make things more complicated than they should be:
# on win32, the environment can end up containing unicode, and subprocess chokes on it
def get_exec_env(remove: Sequence[str] = ("LS_COLORS", "LESSOPEN", "HISTCONTROL", "HISTSIZE", ),
keep: Sequence[str] = ()) -> dict[str, str]:
env: dict[str, str] = {}
for k, v in os.environ.items():
if k in remove:
# anything matching `remove` is dropped:
if any(re.match(pattern, k) for pattern in remove):
continue
# if `keep` is empty, then we ignore it, otherwise we require a match:
if keep and not any(re.match(pattern, k) for pattern in keep):
continue
# let's make things more complicated than they should be:
# on win32, the environment can end up containing unicode, and subprocess chokes on it:
try:
env[k] = v.encode("utf8").decode("latin1")
except UnicodeError:
Expand Down
10 changes: 7 additions & 3 deletions xpra/x11/vfb_util.py
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@
from xpra.common import RESOLUTION_ALIASES, DEFAULT_REFRESH_RATE, get_refresh_rate_for_value
from xpra.scripts.config import InitException, get_Xdummy_confdir, FALSE_OPTIONS
from xpra.util.str_fn import csv
from xpra.util.env import envint, envbool, shellsub, osexpand
from xpra.util.env import envint, envbool, shellsub, osexpand, get_exec_env
from xpra.os_util import getuid, getgid, POSIX, OSX
from xpra.server.util import setuidgid
from xpra.util.io import is_writable, pollwait
Expand Down Expand Up @@ -292,6 +292,10 @@ def pathexpand(s: str) -> str:
if (xvfb_executable.endswith("Xorg") or xvfb_executable.endswith("Xdummy")) and pixel_depth > 0:
xvfb_cmd.append("-depth")
xvfb_cmd.append(str(pixel_depth))
env = get_exec_env(keep=("SHELL", "HOSTNAME", "XMODIFIERS",
"PWD", "HOME", "USERNAME", "LANG", "TERM", "USER",
"XDG_RUNTIME_DIR", "XDG_DATA_DIR", "PATH"))
log(f"xvfb env={env}")
xvfb = None
try:
if use_display_fd:
Expand All @@ -314,7 +318,7 @@ def preexec() -> None:
# pylint: disable=consider-using-with
# pylint: disable=subprocess-popen-preexec-fn
xvfb = Popen(xvfb_cmd, executable=xvfb_executable,
preexec_fn=preexec, cwd=cwd, pass_fds=(w_pipe,))
preexec_fn=preexec, cwd=cwd, env=env, pass_fds=(w_pipe,))
except OSError as e:
log("Popen%s", (xvfb_cmd, xvfb_executable, cwd), exc_info=True)
raise InitException(f"failed to execute xvfb command {xvfb_cmd}: {e}") from None
Expand Down Expand Up @@ -362,7 +366,7 @@ def preexec() -> None:
# pylint: disable=consider-using-with
# pylint: disable=subprocess-popen-preexec-fn
xvfb = Popen(xvfb_cmd, executable=xvfb_executable,
stdin=PIPE, preexec_fn=preexec)
stdin=PIPE, preexec_fn=preexec, env=env)
except Exception:
if xvfb and xvfb.poll() is None:
log.error(" stopping vfb process with pid %i", xvfb.pid)
Expand Down

0 comments on commit e1b5660

Please sign in to comment.