diff options
| author | markt <markt> | 2007-07-03 22:57:05 (GMT) |
|---|---|---|
| committer | markt <markt> | 2007-07-03 22:57:05 (GMT) |
| commit | d667fcc887fa997bed7c54f1ef24ac9a363d2ace (patch) | |
| tree | 973a400f99da1203633b143962d3bbd1fa15cee3 | |
| parent | 8f6434efa67b2f11548c9862aaa0d29488645500 (diff) | |
| download | fluxbox-d667fcc887fa997bed7c54f1ef24ac9a363d2ace.zip fluxbox-d667fcc887fa997bed7c54f1ef24ac9a363d2ace.tar.bz2 | |
some security fixes for fluxbox-remote, and some minor changes for the gvim fix
| -rw-r--r-- | src/CommandParser.cc | 9 | ||||
| -rw-r--r-- | src/CommandParser.hh | 7 | ||||
| -rw-r--r-- | src/FbCommandFactory.cc | 19 | ||||
| -rw-r--r-- | src/FbCommandFactory.hh | 2 | ||||
| -rw-r--r-- | src/Screen.cc | 7 | ||||
| -rw-r--r-- | src/Screen.hh | 2 | ||||
| -rw-r--r-- | src/Window.cc | 19 | ||||
| -rw-r--r-- | util/fluxbox-remote.cc | 2 |
8 files changed, 39 insertions, 28 deletions
diff --git a/src/CommandParser.cc b/src/CommandParser.cc index 95630d0..a1e52e5 100644 --- a/src/CommandParser.cc +++ b/src/CommandParser.cc | |||
| @@ -62,7 +62,7 @@ CommandParser &CommandParser::instance() { | |||
| 62 | return *s_singleton; | 62 | return *s_singleton; |
| 63 | } | 63 | } |
| 64 | 64 | ||
| 65 | FbTk::Command *CommandParser::parseLine(const std::string &line) { | 65 | FbTk::Command *CommandParser::parseLine(const std::string &line, bool trusted) { |
| 66 | 66 | ||
| 67 | // parse arguments and command | 67 | // parse arguments and command |
| 68 | string command = line; | 68 | string command = line; |
| @@ -83,13 +83,14 @@ FbTk::Command *CommandParser::parseLine(const std::string &line) { | |||
| 83 | // we didn't find any matching command in default commands, | 83 | // we didn't find any matching command in default commands, |
| 84 | // so we search in the command creators modules for a | 84 | // so we search in the command creators modules for a |
| 85 | // matching command string | 85 | // matching command string |
| 86 | return toCommand(command, arguments); | 86 | return toCommand(command, arguments, trusted); |
| 87 | 87 | ||
| 88 | } | 88 | } |
| 89 | 89 | ||
| 90 | FbTk::Command *CommandParser::toCommand(const std::string &command_str, const std::string &arguments) { | 90 | FbTk::Command *CommandParser::toCommand(const std::string &command_str, |
| 91 | const std::string &arguments, bool trusted) { | ||
| 91 | if (m_commandfactorys[command_str] != 0) | 92 | if (m_commandfactorys[command_str] != 0) |
| 92 | return m_commandfactorys[command_str]->stringToCommand(command_str, arguments); | 93 | return m_commandfactorys[command_str]->stringToCommand(command_str, arguments, trusted); |
| 93 | 94 | ||
| 94 | return 0; | 95 | return 0; |
| 95 | } | 96 | } |
diff --git a/src/CommandParser.hh b/src/CommandParser.hh index 5501345..1bc3094 100644 --- a/src/CommandParser.hh +++ b/src/CommandParser.hh | |||
| @@ -41,7 +41,8 @@ public: | |||
| 41 | CommandFactory(); | 41 | CommandFactory(); |
| 42 | virtual ~CommandFactory(); | 42 | virtual ~CommandFactory(); |
| 43 | virtual FbTk::Command *stringToCommand(const std::string &command, | 43 | virtual FbTk::Command *stringToCommand(const std::string &command, |
| 44 | const std::string &arguments) = 0; | 44 | const std::string &arguments, |
| 45 | bool trusted) = 0; | ||
| 45 | protected: | 46 | protected: |
| 46 | void addCommand(const std::string &value); | 47 | void addCommand(const std::string &value); |
| 47 | }; | 48 | }; |
| @@ -52,7 +53,7 @@ public: | |||
| 52 | typedef std::map<std::string, CommandFactory *> CommandFactoryMap; | 53 | typedef std::map<std::string, CommandFactory *> CommandFactoryMap; |
| 53 | 54 | ||
| 54 | /// @return parses and returns a command matching the line | 55 | /// @return parses and returns a command matching the line |
| 55 | FbTk::Command *parseLine(const std::string &line); | 56 | FbTk::Command *parseLine(const std::string &line, bool trusted = true); |
| 56 | 57 | ||
| 57 | CommandParser(); | 58 | CommandParser(); |
| 58 | 59 | ||
| @@ -70,7 +71,7 @@ private: | |||
| 70 | 71 | ||
| 71 | /// search for a command in our command factory map | 72 | /// search for a command in our command factory map |
| 72 | FbTk::Command *toCommand(const std::string &command, | 73 | FbTk::Command *toCommand(const std::string &command, |
| 73 | const std::string &arguments); | 74 | const std::string &arguments, bool trusted); |
| 74 | 75 | ||
| 75 | CommandFactoryMap m_commandfactorys; ///< a string to factory map | 76 | CommandFactoryMap m_commandfactorys; ///< a string to factory map |
| 76 | 77 | ||
diff --git a/src/FbCommandFactory.cc b/src/FbCommandFactory.cc index 2e19700..bf008ad 100644 --- a/src/FbCommandFactory.cc +++ b/src/FbCommandFactory.cc | |||
| @@ -201,12 +201,12 @@ FbCommandFactory::FbCommandFactory() { | |||
| 201 | } | 201 | } |
| 202 | 202 | ||
| 203 | FbTk::Command *FbCommandFactory::stringToCommand(const std::string &command, | 203 | FbTk::Command *FbCommandFactory::stringToCommand(const std::string &command, |
| 204 | const std::string &arguments) { | 204 | const std::string &arguments, bool trusted) { |
| 205 | using namespace FbCommands; | 205 | using namespace FbCommands; |
| 206 | // | 206 | // |
| 207 | // WM commands | 207 | // WM commands |
| 208 | // | 208 | // |
| 209 | if (command == "restart") | 209 | if (command == "restart" && trusted) |
| 210 | return new RestartFluxboxCmd(arguments); | 210 | return new RestartFluxboxCmd(arguments); |
| 211 | else if (command == "reconfigure" || command == "reconfig") | 211 | else if (command == "reconfigure" || command == "reconfig") |
| 212 | return new ReconfigureFluxboxCmd(); | 212 | return new ReconfigureFluxboxCmd(); |
| @@ -218,11 +218,12 @@ FbTk::Command *FbCommandFactory::stringToCommand(const std::string &command, | |||
| 218 | return new KeyModeCmd(arguments); | 218 | return new KeyModeCmd(arguments); |
| 219 | else if (command == "saverc") | 219 | else if (command == "saverc") |
| 220 | return new SaveResources(); | 220 | return new SaveResources(); |
| 221 | else if (command == "execcommand" || command == "execute" || command == "exec") | 221 | else if (command == "execcommand" || command == "execute" || command == "exec") { |
| 222 | if (!trusted) return 0; | ||
| 222 | return new ExecuteCmd(arguments); // execute command on key screen | 223 | return new ExecuteCmd(arguments); // execute command on key screen |
| 223 | else if (command == "exit" || command == "quit") | 224 | } else if (command == "exit" || command == "quit") |
| 224 | return new ExitFluxboxCmd(); | 225 | return new ExitFluxboxCmd(); |
| 225 | else if (command == "setenv" || command == "export") { | 226 | else if ((command == "setenv" || command == "export") && trusted) { |
| 226 | 227 | ||
| 227 | string name = arguments; | 228 | string name = arguments; |
| 228 | FbTk::StringUtil::removeFirstWhitespace(name); | 229 | FbTk::StringUtil::removeFirstWhitespace(name); |
| @@ -244,9 +245,9 @@ FbTk::Command *FbCommandFactory::stringToCommand(const std::string &command, | |||
| 244 | } | 245 | } |
| 245 | else if (command == "commanddialog") // run specified fluxbox command | 246 | else if (command == "commanddialog") // run specified fluxbox command |
| 246 | return new CommandDialogCmd(); | 247 | return new CommandDialogCmd(); |
| 247 | else if (command == "bindkey") | 248 | else if (command == "bindkey" && trusted) |
| 248 | return new BindKeyCmd(arguments); | 249 | return new BindKeyCmd(arguments); |
| 249 | else if (command == "setresourcevalue") { | 250 | else if (command == "setresourcevalue" && trusted) { |
| 250 | // we need to parse arguments as: | 251 | // we need to parse arguments as: |
| 251 | // <remove whitespace here><resname><one whitespace><value> | 252 | // <remove whitespace here><resname><one whitespace><value> |
| 252 | string name = arguments; | 253 | string name = arguments; |
| @@ -628,7 +629,7 @@ FbTk::Command *FbCommandFactory::stringToCommand(const std::string &command, | |||
| 628 | } | 629 | } |
| 629 | c= FbTk::StringUtil::toLower(cmd); | 630 | c= FbTk::StringUtil::toLower(cmd); |
| 630 | 631 | ||
| 631 | FbTk::Command* fbcmd= stringToCommand(c,a); | 632 | FbTk::Command* fbcmd= stringToCommand(c,a,trusted); |
| 632 | if (fbcmd) { | 633 | if (fbcmd) { |
| 633 | FbTk::RefCount<FbTk::Command> rfbcmd(fbcmd); | 634 | FbTk::RefCount<FbTk::Command> rfbcmd(fbcmd); |
| 634 | macro->add(rfbcmd); | 635 | macro->add(rfbcmd); |
| @@ -665,7 +666,7 @@ FbTk::Command *FbCommandFactory::stringToCommand(const std::string &command, | |||
| 665 | } | 666 | } |
| 666 | c= FbTk::StringUtil::toLower(cmd); | 667 | c= FbTk::StringUtil::toLower(cmd); |
| 667 | 668 | ||
| 668 | FbTk::Command* fbcmd= stringToCommand(c,a); | 669 | FbTk::Command* fbcmd= stringToCommand(c,a,trusted); |
| 669 | if (fbcmd) { | 670 | if (fbcmd) { |
| 670 | FbTk::RefCount<FbTk::Command> rfbcmd(fbcmd); | 671 | FbTk::RefCount<FbTk::Command> rfbcmd(fbcmd); |
| 671 | macro->add(rfbcmd); | 672 | macro->add(rfbcmd); |
diff --git a/src/FbCommandFactory.hh b/src/FbCommandFactory.hh index dfee559..4b68499 100644 --- a/src/FbCommandFactory.hh +++ b/src/FbCommandFactory.hh | |||
| @@ -27,7 +27,7 @@ | |||
| 27 | class FbCommandFactory: public CommandFactory { | 27 | class FbCommandFactory: public CommandFactory { |
| 28 | public: | 28 | public: |
| 29 | FbTk::Command *stringToCommand(const std::string &command, | 29 | FbTk::Command *stringToCommand(const std::string &command, |
| 30 | const std::string &arguments); | 30 | const std::string &arguments, bool trusted); |
| 31 | 31 | ||
| 32 | private: | 32 | private: |
| 33 | FbCommandFactory(); | 33 | FbCommandFactory(); |
diff --git a/src/Screen.cc b/src/Screen.cc index 55b74e1..4d3944c 100644 --- a/src/Screen.cc +++ b/src/Screen.cc | |||
| @@ -328,6 +328,7 @@ BScreen::ScreenResource::ScreenResource(FbTk::ResourceManager &rm, | |||
| 328 | altscrname+".overlay.CapStyle"), | 328 | altscrname+".overlay.CapStyle"), |
| 329 | scroll_action(rm, "", scrname+".windowScrollAction", altscrname+".WindowScrollAction"), | 329 | scroll_action(rm, "", scrname+".windowScrollAction", altscrname+".WindowScrollAction"), |
| 330 | scroll_reverse(rm, false, scrname+".windowScrollReverse", altscrname+".WindowScrollReverse"), | 330 | scroll_reverse(rm, false, scrname+".windowScrollReverse", altscrname+".WindowScrollReverse"), |
| 331 | allow_remote_actions(rm, false, scrname+".allowRemoteActions", altscrname+".AllowRemoteActions"), | ||
| 331 | clientmenu_use_pixmap(rm, true, scrname+".clientMenu.usePixmap", altscrname+".ClientMenu.UsePixmap"), | 332 | clientmenu_use_pixmap(rm, true, scrname+".clientMenu.usePixmap", altscrname+".ClientMenu.UsePixmap"), |
| 332 | tabs_use_pixmap(rm, true, scrname+".tabs.usePixmap", altscrname+".Tabs.UsePixmap"), | 333 | tabs_use_pixmap(rm, true, scrname+".tabs.usePixmap", altscrname+".Tabs.UsePixmap"), |
| 333 | max_over_tabs(rm, false, scrname+".tabs.maxOver", altscrname+".Tabs.MaxOver"), | 334 | max_over_tabs(rm, false, scrname+".tabs.maxOver", altscrname+".Tabs.MaxOver"), |
| @@ -798,8 +799,8 @@ void BScreen::update(FbTk::Subject *subj) { | |||
| 798 | 799 | ||
| 799 | void BScreen::propertyNotify(Atom atom) { | 800 | void BScreen::propertyNotify(Atom atom) { |
| 800 | static Atom fbcmd_atom = XInternAtom(FbTk::App::instance()->display(), | 801 | static Atom fbcmd_atom = XInternAtom(FbTk::App::instance()->display(), |
| 801 | "_FLUXBOX_COMMAND", False); | 802 | "_FLUXBOX_ACTION", False); |
| 802 | if (atom == fbcmd_atom) { | 803 | if (allowRemoteActions() && atom == fbcmd_atom) { |
| 803 | Atom xa_ret_type; | 804 | Atom xa_ret_type; |
| 804 | int ret_format; | 805 | int ret_format; |
| 805 | unsigned long ret_nitems, ret_bytes_after; | 806 | unsigned long ret_nitems, ret_bytes_after; |
| @@ -816,7 +817,7 @@ void BScreen::propertyNotify(Atom atom) { | |||
| 816 | &ret_bytes_after, (unsigned char **)&str); | 817 | &ret_bytes_after, (unsigned char **)&str); |
| 817 | } | 818 | } |
| 818 | 819 | ||
| 819 | FbTk::RefCount<FbTk::Command> cmd(CommandParser::instance().parseLine(str)); | 820 | FbTk::RefCount<FbTk::Command> cmd(CommandParser::instance().parseLine(str, false)); |
| 820 | if (cmd.get()) | 821 | if (cmd.get()) |
| 821 | cmd->execute(); | 822 | cmd->execute(); |
| 822 | XFree(str); | 823 | XFree(str); |
diff --git a/src/Screen.hh b/src/Screen.hh index ce24ca7..9e5b7a8 100644 --- a/src/Screen.hh +++ b/src/Screen.hh | |||
| @@ -151,6 +151,7 @@ public: | |||
| 151 | 151 | ||
| 152 | inline const std::string &getScrollAction() const { return *resource.scroll_action; } | 152 | inline const std::string &getScrollAction() const { return *resource.scroll_action; } |
| 153 | inline const bool getScrollReverse() const { return *resource.scroll_reverse; } | 153 | inline const bool getScrollReverse() const { return *resource.scroll_reverse; } |
| 154 | inline const bool allowRemoteActions() const { return *resource.allow_remote_actions; } | ||
| 154 | inline const bool clientMenuUsePixmap() const { return *resource.clientmenu_use_pixmap; } | 155 | inline const bool clientMenuUsePixmap() const { return *resource.clientmenu_use_pixmap; } |
| 155 | inline const bool getDefaultInternalTabs() const { return *resource.default_internal_tabs; } | 156 | inline const bool getDefaultInternalTabs() const { return *resource.default_internal_tabs; } |
| 156 | inline const bool getTabsUsePixmap() const { return *resource.tabs_use_pixmap; } | 157 | inline const bool getTabsUsePixmap() const { return *resource.tabs_use_pixmap; } |
| @@ -591,6 +592,7 @@ private: | |||
| 591 | FbTk::Resource<FbTk::GContext::CapStyle> gc_cap_style; | 592 | FbTk::Resource<FbTk::GContext::CapStyle> gc_cap_style; |
| 592 | FbTk::Resource<std::string> scroll_action; | 593 | FbTk::Resource<std::string> scroll_action; |
| 593 | FbTk::Resource<bool> scroll_reverse; | 594 | FbTk::Resource<bool> scroll_reverse; |
| 595 | FbTk::Resource<bool> allow_remote_actions; | ||
| 594 | FbTk::Resource<bool> clientmenu_use_pixmap; | 596 | FbTk::Resource<bool> clientmenu_use_pixmap; |
| 595 | FbTk::Resource<bool> tabs_use_pixmap; | 597 | FbTk::Resource<bool> tabs_use_pixmap; |
| 596 | FbTk::Resource<bool> max_over_tabs; | 598 | FbTk::Resource<bool> max_over_tabs; |
diff --git a/src/Window.cc b/src/Window.cc index 632c1e7..eb2f398 100644 --- a/src/Window.cc +++ b/src/Window.cc | |||
| @@ -2570,13 +2570,18 @@ void FluxboxWindow::configureRequestEvent(XConfigureRequestEvent &cr) { | |||
| 2570 | int cx = frame().x(), cy = frame().y(), ignore = 0; | 2570 | int cx = frame().x(), cy = frame().y(), ignore = 0; |
| 2571 | unsigned int cw = frame().width(), ch = frame().height(); | 2571 | unsigned int cw = frame().width(), ch = frame().height(); |
| 2572 | 2572 | ||
| 2573 | // if this is not m_client and m_client has resize_inc, make sure the new | 2573 | // make sure the new width/height would be ok with all clients, or else they |
| 2574 | // size would be ok with m_client | 2574 | // could try to resize the window back and forth |
| 2575 | if (client != m_client && cr.value_mask & CWWidth && | 2575 | if (client != m_client && |
| 2576 | cr.value_mask & CWHeight && | 2576 | cr.value_mask & CWWidth && cr.value_mask & CWHeight) { |
| 2577 | !m_client->checkSizeHints(cr.width, cr.height)) { | 2577 | ClientList::iterator it = clientList().begin(); |
| 2578 | sendConfigureNotify(); | 2578 | ClientList::iterator it_end = clientList().end(); |
| 2579 | return; | 2579 | for (; it != it_end; ++it) { |
| 2580 | if (!m_client->checkSizeHints(cr.width, cr.height)) { | ||
| 2581 | sendConfigureNotify(); | ||
| 2582 | return; | ||
| 2583 | } | ||
| 2584 | } | ||
| 2580 | } | 2585 | } |
| 2581 | 2586 | ||
| 2582 | if (cr.value_mask & CWBorderWidth) | 2587 | if (cr.value_mask & CWBorderWidth) |
diff --git a/util/fluxbox-remote.cc b/util/fluxbox-remote.cc index 67c2193..56ba8ad 100644 --- a/util/fluxbox-remote.cc +++ b/util/fluxbox-remote.cc | |||
| @@ -40,7 +40,7 @@ int main(int argc, char **argv) { | |||
| 40 | return EXIT_FAILURE; | 40 | return EXIT_FAILURE; |
| 41 | } | 41 | } |
| 42 | 42 | ||
| 43 | Atom fbcmd_atom = XInternAtom(disp, "_FLUXBOX_COMMAND", False); | 43 | Atom fbcmd_atom = XInternAtom(disp, "_FLUXBOX_ACTION", False); |
| 44 | Window root = DefaultRootWindow(disp); | 44 | Window root = DefaultRootWindow(disp); |
| 45 | 45 | ||
| 46 | char *str = argv[1]; | 46 | char *str = argv[1]; |