Skip to content

Commit a7401e6

Browse files
smcvalexlarsson
authored andcommitted
dir: Refuse to export .desktop files with suspicious uses of @@ tokens
This is either a malicious/compromised app trying to do an attack, or a mistake that will break handling of %f, %u and so on. Either way, if we refuse to export the .desktop file, resulting in installation failing, then it makes the rejection more obvious than quietly removing the magic tokens. Signed-off-by: Simon McVittie <smcv@collabora.com> (cherry picked from commit 46b3ede)
1 parent eb7946b commit a7401e6

File tree

1 file changed

+5
-1
lines changed

1 file changed

+5
-1
lines changed

Diff for: common/flatpak-dir.c

+5-1
Original file line numberDiff line numberDiff line change
@@ -7140,7 +7140,11 @@ export_desktop_file (const char *app,
71407140
else if (strcasecmp (arg, "%u") == 0)
71417141
g_string_append_printf (new_exec, " @@u %s @@", arg);
71427142
else if (g_str_has_prefix (arg, "@@"))
7143-
g_print (_("Skipping invalid Exec argument %s\n"), arg);
7143+
{
7144+
flatpak_fail_error (error, FLATPAK_ERROR_EXPORT_FAILED,
7145+
_("Invalid Exec argument %s"), arg);
7146+
goto out;
7147+
}
71447148
else
71457149
g_string_append_printf (new_exec, " %s", arg);
71467150
}

0 commit comments

Comments
 (0)