File backintime-cve2017-16667.patch of Package backintime

Overview Repositories Revisions Requests Users Attributes Meta

File backintime-cve2017-16667.patch of Package backintime

From cef81d0da93ff601252607df3db1a48f7f6f01b3 Mon Sep 17 00:00:00 2001
From: Germar Reitze <germar.reitze@gmail.com>
Date: Tue, 7 Nov 2017 21:32:34 +0100
Subject: [PATCH] fix critical bug: shell injection in notify-send (fixes #834)

diff --git a/qt4/plugins/notifyplugin.py b/qt4/plugins/notifyplugin.py
index 1ab063ec..ae019221 100644
--- a/qt4/plugins/notifyplugin.py
+++ b/qt4/plugins/notifyplugin.py
@@ -19,6 +19,7 @@
 import os
 import pluginmanager
 import gettext
+import subprocess
 
 _=gettext.gettext
 
@@ -64,15 +65,15 @@ def on_new_snapshot( self, snapshot_id, snapshot_path ):
 
     def on_message( self, profile_id, profile_name, level, message, timeout ):
         if 1 == level:
-            cmd = "notify-send "
+            cmd = ['notify-send']
             if timeout > 0:
-                cmd = cmd + " -t %s" % (1000 * timeout)
+                cmd.extend(['-t', str(1000 * timeout)])
 
             title = "Back In Time (%s) : %s" % (self.user, profile_name)
             message = message.replace("\n", ' ')
             message = message.replace("\r", '')
 
-            cmd = cmd + " \"%s\" \"%s\"" % (title, message)
-            print(cmd)
-            os.system(cmd)
+            cmd.append(title)
+            cmd.append(message)
+            subprocess.Popen(cmd).communicate()
         return

Places

File backintime-cve2017-16667.patch of Package backintime

Places