From d667fcc887fa997bed7c54f1ef24ac9a363d2ace Mon Sep 17 00:00:00 2001 From: markt Date: Tue, 3 Jul 2007 22:57:05 +0000 Subject: some security fixes for fluxbox-remote, and some minor changes for the gvim fix --- src/CommandParser.cc | 9 +++++---- src/CommandParser.hh | 7 ++++--- src/FbCommandFactory.cc | 19 ++++++++++--------- src/FbCommandFactory.hh | 2 +- src/Screen.cc | 7 ++++--- src/Screen.hh | 2 ++ src/Window.cc | 19 ++++++++++++------- util/fluxbox-remote.cc | 2 +- 8 files changed, 39 insertions(+), 28 deletions(-) diff --git a/src/CommandParser.cc b/src/CommandParser.cc index 95630d0..a1e52e5 100644 --- a/src/CommandParser.cc +++ b/src/CommandParser.cc @@ -62,7 +62,7 @@ CommandParser &CommandParser::instance() { return *s_singleton; } -FbTk::Command *CommandParser::parseLine(const std::string &line) { +FbTk::Command *CommandParser::parseLine(const std::string &line, bool trusted) { // parse arguments and command string command = line; @@ -83,13 +83,14 @@ FbTk::Command *CommandParser::parseLine(const std::string &line) { // we didn't find any matching command in default commands, // so we search in the command creators modules for a // matching command string - return toCommand(command, arguments); + return toCommand(command, arguments, trusted); } -FbTk::Command *CommandParser::toCommand(const std::string &command_str, const std::string &arguments) { +FbTk::Command *CommandParser::toCommand(const std::string &command_str, + const std::string &arguments, bool trusted) { if (m_commandfactorys[command_str] != 0) - return m_commandfactorys[command_str]->stringToCommand(command_str, arguments); + return m_commandfactorys[command_str]->stringToCommand(command_str, arguments, trusted); return 0; } diff --git a/src/CommandParser.hh b/src/CommandParser.hh index 5501345..1bc3094 100644 --- a/src/CommandParser.hh +++ b/src/CommandParser.hh 
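Review bot: In `CommandParser::toCommand` (hunk `@@ -83,13 +83,14 @@`), `m_commandfactorys[command_str]` uses `operator[]`, which inserts a null entry into the map for every command name that is not registered. After this commit the name can come from a caller with `trusted == false`, so each distinct unknown name from that path stays in the map for the life of the process. A lookup that does not insert avoids this: `CommandFactoryMap::iterator it = m_commandfactorys.find(command_str);` followed by `if (it != m_commandfactorys.end() && it->second != 0) return it->second->stringToCommand(command_str, arguments, trusted);`.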
@@ -41,7 +41,8 @@ public: CommandFactory(); virtual ~CommandFactory(); virtual FbTk::Command *stringToCommand(const std::string &command, - const std::string &arguments) = 0; + const std::string &arguments, + bool trusted) = 0; protected: void addCommand(const std::string &value); }; @@ -52,7 +53,7 @@ public: typedef std::map CommandFactoryMap; /// @return parses and returns a command matching the line - FbTk::Command *parseLine(const std::string &line); + FbTk::Command *parseLine(const std::string &line, bool trusted = true); CommandParser(); @@ -70,7 +71,7 @@ private: /// search for a command in our command factory map FbTk::Command *toCommand(const std::string &command, - const std::string &arguments); + const std::string &arguments, bool trusted); CommandFactoryMap m_commandfactorys; ///< a string to factory map diff --git a/src/FbCommandFactory.cc b/src/FbCommandFactory.cc index 2e19700..bf008ad 100644 --- a/src/FbCommandFactory.cc +++ b/src/FbCommandFactory.cc @@ -201,12 +201,12 @@ FbCommandFactory::FbCommandFactory() { } FbTk::Command *FbCommandFactory::stringToCommand(const std::string &command, - const std::string &arguments) { + const std::string &arguments, bool trusted) { using namespace FbCommands; // // WM commands // - if (command == "restart") + if (command == "restart" && trusted) return new RestartFluxboxCmd(arguments); else if (command == "reconfigure" || command == "reconfig") return new ReconfigureFluxboxCmd(); 
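Review bot: The default `bool trusted = true` on `CommandParser::parseLine` (hunk `@@ -52,7 +53,7 @@`) makes the privileged mode the one a caller gets by forgetting the argument, so a later input path that is not trustworthy would silently get full access. Consider dropping the default so every call site states its trust level, or at least document it on the declaration, e.g. `/// @param trusted false for input from other clients (remote actions); such input must not create privileged commands`. The pure virtual `CommandFactory::stringToCommand` in the first hunk of this file gains the same parameter, so any factory outside this diff has to be updated and should honour the flag; that cannot be checked from here.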
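Review bot: The `trusted` check in `FbCommandFactory::stringToCommand` is applied command by command (`restart` in this hunk; `exec`, `setenv`/`export`, `bindkey` and `setresourcevalue` in hunks `@@ -218,11 +218,12 @@` and `@@ -244,9 +245,9 @@`). Every command not listed therefore stays available to untrusted input, including `exit`/`quit`, `saverc` and `reconfigure` visible in these hunks, and any command added later is allowed by default. A check at the top of the function against an explicit set of commands permitted for untrusted callers would fail closed instead. The two spellings also behave differently: `exec` returns 0 at once, while the `&& trusted` branches fall through to the rest of the `else if` chain, whose end is outside the hunks; using `if (!trusted) return 0;` inside each privileged branch would be easier to audit.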
@@ -218,11 +218,12 @@ FbTk::Command *FbCommandFactory::stringToCommand(const std::string &command, return new KeyModeCmd(arguments); else if (command == "saverc") return new SaveResources(); - else if (command == "execcommand" || command == "execute" || command == "exec") + else if (command == "execcommand" || command == "execute" || command == "exec") { + if (!trusted) return 0; return new ExecuteCmd(arguments); // execute command on key screen - else if (command == "exit" || command == "quit") + } else if (command == "exit" || command == "quit") return new ExitFluxboxCmd(); - else if (command == "setenv" || command == "export") { + else if ((command == "setenv" || command == "export") && trusted) { string name = arguments; FbTk::StringUtil::removeFirstWhitespace(name); @@ -244,9 +245,9 @@ FbTk::Command *FbCommandFactory::stringToCommand(const std::string &command, } else if (command == "commanddialog") // run specified fluxbox command return new CommandDialogCmd(); - else if (command == "bindkey") + else if (command == "bindkey" && trusted) return new BindKeyCmd(arguments); - else if (command == "setresourcevalue") { + else if (command == "setresourcevalue" && trusted) { // we need to parse arguments as: // string name = arguments; @@ -628,7 +629,7 @@ FbTk::Command *FbCommandFactory::stringToCommand(const std::string &command, } c= FbTk::StringUtil::toLower(cmd); - FbTk::Command* fbcmd= stringToCommand(c,a); + FbTk::Command* fbcmd= stringToCommand(c,a,trusted); if (fbcmd) { FbTk::RefCount rfbcmd(fbcmd); macro->add(rfbcmd); @@ -665,7 +666,7 @@ FbTk::Command *FbCommandFactory::stringToCommand(const std::string &command, } c= FbTk::StringUtil::toLower(cmd); - FbTk::Command* fbcmd= stringToCommand(c,a); + FbTk::Command* fbcmd= stringToCommand(c,a,trusted); if (fbcmd) { FbTk::RefCount rfbcmd(fbcmd); macro->add(rfbcmd); diff --git a/src/FbCommandFactory.hh b/src/FbCommandFactory.hh index dfee559..4b68499 100644 --- a/src/FbCommandFactory.hh 
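Review bot: In the macro branches (hunks `@@ -628,7 +629,7 @@` and `@@ -665,7 +666,7 @@`) a sub-command refused because `trusted` is false comes back as 0 and is skipped by `if (fbcmd)`, so the rest of the macro is still built and would run without the refused step. For untrusted input it seems safer to discard the whole macro when any element is refused. The surrounding loop and the creation of `macro` are outside these hunks, so the cleanup that would require is not visible here; a comment such as `// untrusted input: a refused sub-command is dropped, the others still run` would at least record the current behaviour.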
+++ b/src/FbCommandFactory.hh @@ -27,7 +27,7 @@ class FbCommandFactory: public CommandFactory { public: FbTk::Command *stringToCommand(const std::string &command, - const std::string &arguments); + const std::string &arguments, bool trusted); private: FbCommandFactory(); diff --git a/src/Screen.cc b/src/Screen.cc index 55b74e1..4d3944c 100644 --- a/src/Screen.cc +++ b/src/Screen.cc @@ -328,6 +328,7 @@ BScreen::ScreenResource::ScreenResource(FbTk::ResourceManager &rm, altscrname+".overlay.CapStyle"), scroll_action(rm, "", scrname+".windowScrollAction", altscrname+".WindowScrollAction"), scroll_reverse(rm, false, scrname+".windowScrollReverse", altscrname+".WindowScrollReverse"), + allow_remote_actions(rm, false, scrname+".allowRemoteActions", altscrname+".AllowRemoteActions"), clientmenu_use_pixmap(rm, true, scrname+".clientMenu.usePixmap", altscrname+".ClientMenu.UsePixmap"), tabs_use_pixmap(rm, true, scrname+".tabs.usePixmap", altscrname+".Tabs.UsePixmap"), max_over_tabs(rm, false, scrname+".tabs.maxOver", altscrname+".Tabs.MaxOver"), @@ -798,8 +799,8 @@ void BScreen::update(FbTk::Subject *subj) { void BScreen::propertyNotify(Atom atom) { static Atom fbcmd_atom = XInternAtom(FbTk::App::instance()->display(), - "_FLUXBOX_COMMAND", False); - if (atom == fbcmd_atom) { + "_FLUXBOX_ACTION", False); + if (allowRemoteActions() && atom == fbcmd_atom) { Atom xa_ret_type; int ret_format; unsigned long ret_nitems, ret_bytes_after; @@ -816,7 +817,7 @@ void BScreen::propertyNotify(Atom atom) { &ret_bytes_after, (unsigned char **)&str); } - FbTk::RefCount cmd(CommandParser::instance().parseLine(str)); + FbTk::RefCount cmd(CommandParser::instance().parseLine(str, false)); if (cmd.get()) cmd->execute(); XFree(str); diff --git a/src/Screen.hh b/src/Screen.hh index ce24ca7..9e5b7a8 100644 --- a/src/Screen.hh +++ b/src/Screen.hh 
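Review bot: `parseLine(str, false)` in `BScreen::propertyNotify` (hunk `@@ -816,7 +817,7 @@`) builds a `std::string` from `str`, which is filled from a window property that other clients control once `allowRemoteActions` is on. Most of the code that fetches the property is outside the hunks, so this may already be handled, but if the fetch fails or the property has been deleted `str` can be null, and constructing a `std::string` from a null pointer is undefined behaviour. A guard before the parse, for example `if (!str) return;`, together with a check that `xa_ret_type` is the expected string type, would keep malformed properties away from the parser.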
@@ -151,6 +151,7 @@ public: inline const std::string &getScrollAction() const { return *resource.scroll_action; } inline const bool getScrollReverse() const { return *resource.scroll_reverse; } + inline const bool allowRemoteActions() const { return *resource.allow_remote_actions; } inline const bool clientMenuUsePixmap() const { return *resource.clientmenu_use_pixmap; } inline const bool getDefaultInternalTabs() const { return *resource.default_internal_tabs; } inline const bool getTabsUsePixmap() const { return *resource.tabs_use_pixmap; } @@ -591,6 +592,7 @@ private: FbTk::Resource gc_cap_style; FbTk::Resource scroll_action; FbTk::Resource scroll_reverse; + FbTk::Resource allow_remote_actions; FbTk::Resource clientmenu_use_pixmap; FbTk::Resource tabs_use_pixmap; FbTk::Resource max_over_tabs; diff --git a/src/Window.cc b/src/Window.cc index 632c1e7..eb2f398 100644 --- a/src/Window.cc +++ b/src/Window.cc @@ -2570,13 +2570,18 @@ void FluxboxWindow::configureRequestEvent(XConfigureRequestEvent &cr) { int cx = frame().x(), cy = frame().y(), ignore = 0; unsigned int cw = frame().width(), ch = frame().height(); - // if this is not m_client and m_client has resize_inc, make sure the new - // size would be ok with m_client - if (client != m_client && cr.value_mask & CWWidth && - cr.value_mask & CWHeight && - !m_client->checkSizeHints(cr.width, cr.height)) { - sendConfigureNotify(); - return; + // make sure the new width/height would be ok with all clients, or else they + // could try to resize the window back and forth + if (client != m_client && + cr.value_mask & CWWidth && cr.value_mask & CWHeight) { + ClientList::iterator it = clientList().begin(); + ClientList::iterator it_end = clientList().end(); + for (; it != it_end; ++it) { + if (!m_client->checkSizeHints(cr.width, cr.height)) { + sendConfigureNotify(); + return; + } + } } if (cr.value_mask & CWBorderWidth) diff --git a/util/fluxbox-remote.cc b/util/fluxbox-remote.cc index 67c2193..56ba8ad 100644 
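Review bot: The new loop in `FluxboxWindow::configureRequestEvent` (hunk `@@ -2570,13 +2570,18 @@`) never uses `it`: each iteration calls `m_client->checkSizeHints(cr.width, cr.height)`, so only the current client is checked, once per entry in `clientList()`, and the other clients' size hints are still ignored. To match the comment the call should go through the iterator, `if (!(*it)->checkSizeHints(cr.width, cr.height)) {`, assuming `ClientList` holds client pointers. The outer `client != m_client` condition is kept from the old code; if a request from `m_client` should also be validated against the other clients, that guard needs another look. The function body continues outside the hunk.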
--- a/util/fluxbox-remote.cc +++ b/util/fluxbox-remote.cc @@ -40,7 +40,7 @@ int main(int argc, char **argv) { return EXIT_FAILURE; } - Atom fbcmd_atom = XInternAtom(disp, "_FLUXBOX_COMMAND", False); + Atom fbcmd_atom = XInternAtom(disp, "_FLUXBOX_ACTION", False); Window root = DefaultRootWindow(disp); char *str = argv[1]; -- cgit v0.11.2