File CVE-2021-21381.patch of Package flatpak.25785
diff -urp flatpak-1.2.3.orig/common/flatpak-dir.c flatpak-1.2.3/common/flatpak-dir.c
--- flatpak-1.2.3.orig/common/flatpak-dir.c 2022-08-25 13:22:25.696516257 -0500
+++ flatpak-1.2.3/common/flatpak-dir.c 2022-08-25 14:22:48.780705399 -0500
@@ -6103,6 +6103,12 @@ export_desktop_file (const char *app,
g_string_append_printf (new_exec, " @@ %s @@", arg);
else if (strcasecmp (arg, "%u") == 0)
g_string_append_printf (new_exec, " @@u %s @@", arg);
+ else if (g_str_has_prefix (arg, "@@"))
+ {
+ flatpak_fail_error (error, FLATPAK_ERROR_EXPORT_FAILED,
+ _("Invalid Exec argument %s"), arg);
+ goto out;
+ }
else
g_string_append_printf (new_exec, " %s", arg);
}