File inkscape-relative-filename.patch of Package inkscape
From: Michael Karcher <debian@mkarcher.dialup.fu-berlin.de>
Date: Sat, 29 Dec 2012 17:33:33 +0100
Subject: Fix LP: #911146 relative filename vulnerability
Ensures that filenames passed to extensions are made absolute before
changing the current working directory.
---
src/extension/implementation/script.cpp | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/src/extension/implementation/script.cpp b/src/extension/implementation/script.cpp
index b78fbda..02c3aeb 100644
--- a/src/extension/implementation/script.cpp
+++ b/src/extension/implementation/script.cpp
@@ -954,7 +954,14 @@ int Script::execute (const std::list<std::string> &in_command,
// assemble the rest of argv
std::copy(in_params.begin(), in_params.end(), std::back_inserter(argv));
if (!filein.empty()) {
- argv.push_back(filein);
+ if(Glib::path_is_absolute(filein))
+ argv.push_back(filein);
+ else {
+ std::vector<std::string> buildargs;
+ buildargs.push_back(Glib::get_current_dir());
+ buildargs.push_back(filein);
+ argv.push_back(Glib::build_filename(buildargs));
+ }
}
int stdout_pipe, stderr_pipe;
-- 1.7.10.4