diff options
author | markt <markt> | 2007-07-03 22:56:46 (GMT) |
---|---|---|
committer | markt <markt> | 2007-07-03 22:56:46 (GMT) |
commit | ae3c30423925960fe70262d1d7e4079b73531c37 (patch) | |
tree | 5fed3c090d9fd1af3833cfd6e81828781373e7be /src | |
parent | 823ce0d0175b9b14a549117a303cc9e36e81c1a2 (diff) | |
download | fluxbox_paul-ae3c30423925960fe70262d1d7e4079b73531c37.zip fluxbox_paul-ae3c30423925960fe70262d1d7e4079b73531c37.tar.bz2 |
some security fixes for fluxbox-remote, and a minor change for the gvim fix
Diffstat (limited to 'src')
-rw-r--r-- | src/CommandParser.cc | 9 | ||||
-rw-r--r-- | src/CommandParser.hh | 7 | ||||
-rw-r--r-- | src/FbCommandFactory.cc | 19 | ||||
-rw-r--r-- | src/FbCommandFactory.hh | 2 | ||||
-rw-r--r-- | src/Screen.cc | 7 | ||||
-rw-r--r-- | src/Screen.hh | 2 | ||||
-rw-r--r-- | src/Window.cc | 19 |
7 files changed, 38 insertions, 27 deletions
diff --git a/src/CommandParser.cc b/src/CommandParser.cc index 95630d0..a1e52e5 100644 --- a/src/CommandParser.cc +++ b/src/CommandParser.cc | |||
@@ -62,7 +62,7 @@ CommandParser &CommandParser::instance() { | |||
62 | return *s_singleton; | 62 | return *s_singleton; |
63 | } | 63 | } |
64 | 64 | ||
65 | FbTk::Command *CommandParser::parseLine(const std::string &line) { | 65 | FbTk::Command *CommandParser::parseLine(const std::string &line, bool trusted) { |
66 | 66 | ||
67 | // parse arguments and command | 67 | // parse arguments and command |
68 | string command = line; | 68 | string command = line; |
@@ -83,13 +83,14 @@ FbTk::Command *CommandParser::parseLine(const std::string &line) { | |||
83 | // we didn't find any matching command in default commands, | 83 | // we didn't find any matching command in default commands, |
84 | // so we search in the command creators modules for a | 84 | // so we search in the command creators modules for a |
85 | // matching command string | 85 | // matching command string |
86 | return toCommand(command, arguments); | 86 | return toCommand(command, arguments, trusted); |
87 | 87 | ||
88 | } | 88 | } |
89 | 89 | ||
90 | FbTk::Command *CommandParser::toCommand(const std::string &command_str, const std::string &arguments) { | 90 | FbTk::Command *CommandParser::toCommand(const std::string &command_str, |
91 | const std::string &arguments, bool trusted) { | ||
91 | if (m_commandfactorys[command_str] != 0) | 92 | if (m_commandfactorys[command_str] != 0) |
92 | return m_commandfactorys[command_str]->stringToCommand(command_str, arguments); | 93 | return m_commandfactorys[command_str]->stringToCommand(command_str, arguments, trusted); |
93 | 94 | ||
94 | return 0; | 95 | return 0; |
95 | } | 96 | } |
diff --git a/src/CommandParser.hh b/src/CommandParser.hh index 5501345..1bc3094 100644 --- a/src/CommandParser.hh +++ b/src/CommandParser.hh | |||
@@ -41,7 +41,8 @@ public: | |||
41 | CommandFactory(); | 41 | CommandFactory(); |
42 | virtual ~CommandFactory(); | 42 | virtual ~CommandFactory(); |
43 | virtual FbTk::Command *stringToCommand(const std::string &command, | 43 | virtual FbTk::Command *stringToCommand(const std::string &command, |
44 | const std::string &arguments) = 0; | 44 | const std::string &arguments, |
45 | bool trusted) = 0; | ||
45 | protected: | 46 | protected: |
46 | void addCommand(const std::string &value); | 47 | void addCommand(const std::string &value); |
47 | }; | 48 | }; |
@@ -52,7 +53,7 @@ public: | |||
52 | typedef std::map<std::string, CommandFactory *> CommandFactoryMap; | 53 | typedef std::map<std::string, CommandFactory *> CommandFactoryMap; |
53 | 54 | ||
54 | /// @return parses and returns a command matching the line | 55 | /// @return parses and returns a command matching the line |
55 | FbTk::Command *parseLine(const std::string &line); | 56 | FbTk::Command *parseLine(const std::string &line, bool trusted = true); |
56 | 57 | ||
57 | CommandParser(); | 58 | CommandParser(); |
58 | 59 | ||
@@ -70,7 +71,7 @@ private: | |||
70 | 71 | ||
71 | /// search for a command in our command factory map | 72 | /// search for a command in our command factory map |
72 | FbTk::Command *toCommand(const std::string &command, | 73 | FbTk::Command *toCommand(const std::string &command, |
73 | const std::string &arguments); | 74 | const std::string &arguments, bool trusted); |
74 | 75 | ||
75 | CommandFactoryMap m_commandfactorys; ///< a string to factory map | 76 | CommandFactoryMap m_commandfactorys; ///< a string to factory map |
76 | 77 | ||
diff --git a/src/FbCommandFactory.cc b/src/FbCommandFactory.cc index 1382c89..0257374 100644 --- a/src/FbCommandFactory.cc +++ b/src/FbCommandFactory.cc | |||
@@ -173,12 +173,12 @@ FbCommandFactory::FbCommandFactory() { | |||
173 | } | 173 | } |
174 | 174 | ||
175 | FbTk::Command *FbCommandFactory::stringToCommand(const std::string &command, | 175 | FbTk::Command *FbCommandFactory::stringToCommand(const std::string &command, |
176 | const std::string &arguments) { | 176 | const std::string &arguments, bool trusted) { |
177 | using namespace FbCommands; | 177 | using namespace FbCommands; |
178 | // | 178 | // |
179 | // WM commands | 179 | // WM commands |
180 | // | 180 | // |
181 | if (command == "restart") | 181 | if (command == "restart" && trusted) |
182 | return new RestartFluxboxCmd(arguments); | 182 | return new RestartFluxboxCmd(arguments); |
183 | else if (command == "reconfigure" || command == "reconfig") | 183 | else if (command == "reconfigure" || command == "reconfig") |
184 | return new ReconfigureFluxboxCmd(); | 184 | return new ReconfigureFluxboxCmd(); |
@@ -190,11 +190,12 @@ FbTk::Command *FbCommandFactory::stringToCommand(const std::string &command, | |||
190 | return new KeyModeCmd(arguments); | 190 | return new KeyModeCmd(arguments); |
191 | else if (command == "saverc") | 191 | else if (command == "saverc") |
192 | return new SaveResources(); | 192 | return new SaveResources(); |
193 | else if (command == "execcommand" || command == "execute" || command == "exec") | 193 | else if (command == "execcommand" || command == "execute" || command == "exec") { |
194 | if (!trusted) return 0; | ||
194 | return new ExecuteCmd(arguments); // execute command on key screen | 195 | return new ExecuteCmd(arguments); // execute command on key screen |
195 | else if (command == "exit" || command == "quit") | 196 | } else if (command == "exit" || command == "quit") |
196 | return new ExitFluxboxCmd(); | 197 | return new ExitFluxboxCmd(); |
197 | else if (command == "setenv" || command == "export") { | 198 | else if ((command == "setenv" || command == "export") && trusted) { |
198 | 199 | ||
199 | string name = arguments; | 200 | string name = arguments; |
200 | FbTk::StringUtil::removeFirstWhitespace(name); | 201 | FbTk::StringUtil::removeFirstWhitespace(name); |
@@ -216,9 +217,9 @@ FbTk::Command *FbCommandFactory::stringToCommand(const std::string &command, | |||
216 | } | 217 | } |
217 | else if (command == "commanddialog") // run specified fluxbox command | 218 | else if (command == "commanddialog") // run specified fluxbox command |
218 | return new CommandDialogCmd(); | 219 | return new CommandDialogCmd(); |
219 | else if (command == "bindkey") | 220 | else if (command == "bindkey" && trusted) |
220 | return new BindKeyCmd(arguments); | 221 | return new BindKeyCmd(arguments); |
221 | else if (command == "setresourcevalue") { | 222 | else if (command == "setresourcevalue" && trusted) { |
222 | // we need to parse arguments as: | 223 | // we need to parse arguments as: |
223 | // <remove whitespace here><resname><one whitespace><value> | 224 | // <remove whitespace here><resname><one whitespace><value> |
224 | string name = arguments; | 225 | string name = arguments; |
@@ -517,7 +518,7 @@ FbTk::Command *FbCommandFactory::stringToCommand(const std::string &command, | |||
517 | } | 518 | } |
518 | c= FbTk::StringUtil::toLower(cmd); | 519 | c= FbTk::StringUtil::toLower(cmd); |
519 | 520 | ||
520 | FbTk::Command* fbcmd= stringToCommand(c,a); | 521 | FbTk::Command* fbcmd= stringToCommand(c,a,trusted); |
521 | if (fbcmd) { | 522 | if (fbcmd) { |
522 | FbTk::RefCount<FbTk::Command> rfbcmd(fbcmd); | 523 | FbTk::RefCount<FbTk::Command> rfbcmd(fbcmd); |
523 | macro->add(rfbcmd); | 524 | macro->add(rfbcmd); |
@@ -554,7 +555,7 @@ FbTk::Command *FbCommandFactory::stringToCommand(const std::string &command, | |||
554 | } | 555 | } |
555 | c= FbTk::StringUtil::toLower(cmd); | 556 | c= FbTk::StringUtil::toLower(cmd); |
556 | 557 | ||
557 | FbTk::Command* fbcmd= stringToCommand(c,a); | 558 | FbTk::Command* fbcmd= stringToCommand(c,a,trusted); |
558 | if (fbcmd) { | 559 | if (fbcmd) { |
559 | FbTk::RefCount<FbTk::Command> rfbcmd(fbcmd); | 560 | FbTk::RefCount<FbTk::Command> rfbcmd(fbcmd); |
560 | macro->add(rfbcmd); | 561 | macro->add(rfbcmd); |
diff --git a/src/FbCommandFactory.hh b/src/FbCommandFactory.hh index dfee559..4b68499 100644 --- a/src/FbCommandFactory.hh +++ b/src/FbCommandFactory.hh | |||
@@ -27,7 +27,7 @@ | |||
27 | class FbCommandFactory: public CommandFactory { | 27 | class FbCommandFactory: public CommandFactory { |
28 | public: | 28 | public: |
29 | FbTk::Command *stringToCommand(const std::string &command, | 29 | FbTk::Command *stringToCommand(const std::string &command, |
30 | const std::string &arguments); | 30 | const std::string &arguments, bool trusted); |
31 | 31 | ||
32 | private: | 32 | private: |
33 | FbCommandFactory(); | 33 | FbCommandFactory(); |
diff --git a/src/Screen.cc b/src/Screen.cc index 68f928b..dfa986e 100644 --- a/src/Screen.cc +++ b/src/Screen.cc | |||
@@ -326,6 +326,7 @@ BScreen::ScreenResource::ScreenResource(FbTk::ResourceManager &rm, | |||
326 | altscrname+".overlay.CapStyle"), | 326 | altscrname+".overlay.CapStyle"), |
327 | scroll_action(rm, "", scrname+".windowScrollAction", altscrname+".WindowScrollAction"), | 327 | scroll_action(rm, "", scrname+".windowScrollAction", altscrname+".WindowScrollAction"), |
328 | scroll_reverse(rm, false, scrname+".windowScrollReverse", altscrname+".WindowScrollReverse"), | 328 | scroll_reverse(rm, false, scrname+".windowScrollReverse", altscrname+".WindowScrollReverse"), |
329 | allow_remote_actions(rm, false, scrname+".allowRemoteActions", altscrname+".AllowRemoteActions"), | ||
329 | max_over_tabs(rm, false, scrname+".tabs.maxOver", altscrname+".Tabs.MaxOver"), | 330 | max_over_tabs(rm, false, scrname+".tabs.maxOver", altscrname+".Tabs.MaxOver"), |
330 | default_internal_tabs(rm, true /* TODO: autoconf option? */ , scrname+".tabs.intitlebar", altscrname+".Tabs.InTitlebar") { | 331 | default_internal_tabs(rm, true /* TODO: autoconf option? */ , scrname+".tabs.intitlebar", altscrname+".Tabs.InTitlebar") { |
331 | 332 | ||
@@ -785,8 +786,8 @@ void BScreen::update(FbTk::Subject *subj) { | |||
785 | 786 | ||
786 | void BScreen::propertyNotify(Atom atom) { | 787 | void BScreen::propertyNotify(Atom atom) { |
787 | static Atom fbcmd_atom = XInternAtom(FbTk::App::instance()->display(), | 788 | static Atom fbcmd_atom = XInternAtom(FbTk::App::instance()->display(), |
788 | "_FLUXBOX_COMMAND", False); | 789 | "_FLUXBOX_ACTION", False); |
789 | if (atom == fbcmd_atom) { | 790 | if (allowRemoteActions() && atom == fbcmd_atom) { |
790 | Atom xa_ret_type; | 791 | Atom xa_ret_type; |
791 | int ret_format; | 792 | int ret_format; |
792 | unsigned long ret_nitems, ret_bytes_after; | 793 | unsigned long ret_nitems, ret_bytes_after; |
@@ -803,7 +804,7 @@ void BScreen::propertyNotify(Atom atom) { | |||
803 | &ret_bytes_after, (unsigned char **)&str); | 804 | &ret_bytes_after, (unsigned char **)&str); |
804 | } | 805 | } |
805 | 806 | ||
806 | FbTk::RefCount<FbTk::Command> cmd(CommandParser::instance().parseLine(str)); | 807 | FbTk::RefCount<FbTk::Command> cmd(CommandParser::instance().parseLine(str, false)); |
807 | if (cmd.get()) | 808 | if (cmd.get()) |
808 | cmd->execute(); | 809 | cmd->execute(); |
809 | XFree(str); | 810 | XFree(str); |
diff --git a/src/Screen.hh b/src/Screen.hh index 7ea6f53..77a5169 100644 --- a/src/Screen.hh +++ b/src/Screen.hh | |||
@@ -149,6 +149,7 @@ public: | |||
149 | 149 | ||
150 | inline const std::string &getScrollAction() const { return *resource.scroll_action; } | 150 | inline const std::string &getScrollAction() const { return *resource.scroll_action; } |
151 | inline const bool getScrollReverse() const { return *resource.scroll_reverse; } | 151 | inline const bool getScrollReverse() const { return *resource.scroll_reverse; } |
152 | inline const bool allowRemoteActions() const { return *resource.allow_remote_actions; } | ||
152 | inline const bool getDefaultInternalTabs() const { return *resource.default_internal_tabs; } | 153 | inline const bool getDefaultInternalTabs() const { return *resource.default_internal_tabs; } |
153 | inline const bool getMaxOverTabs() const { return *resource.max_over_tabs; } | 154 | inline const bool getMaxOverTabs() const { return *resource.max_over_tabs; } |
154 | 155 | ||
@@ -582,6 +583,7 @@ private: | |||
582 | FbTk::Resource<FbTk::GContext::CapStyle> gc_cap_style; | 583 | FbTk::Resource<FbTk::GContext::CapStyle> gc_cap_style; |
583 | FbTk::Resource<std::string> scroll_action; | 584 | FbTk::Resource<std::string> scroll_action; |
584 | FbTk::Resource<bool> scroll_reverse; | 585 | FbTk::Resource<bool> scroll_reverse; |
586 | FbTk::Resource<bool> allow_remote_actions; | ||
585 | FbTk::Resource<bool> max_over_tabs; | 587 | FbTk::Resource<bool> max_over_tabs; |
586 | FbTk::Resource<bool> default_internal_tabs; | 588 | FbTk::Resource<bool> default_internal_tabs; |
587 | 589 | ||
diff --git a/src/Window.cc b/src/Window.cc index f6fe225..1bfab7f 100644 --- a/src/Window.cc +++ b/src/Window.cc | |||
@@ -2564,13 +2564,18 @@ void FluxboxWindow::configureRequestEvent(XConfigureRequestEvent &cr) { | |||
2564 | int cx = frame().x(), cy = frame().y(), ignore = 0; | 2564 | int cx = frame().x(), cy = frame().y(), ignore = 0; |
2565 | unsigned int cw = frame().width(), ch = frame().height(); | 2565 | unsigned int cw = frame().width(), ch = frame().height(); |
2566 | 2566 | ||
2567 | // if this is not m_client and m_client has resize_inc, make sure the new | 2567 | // make sure the new width/height would be ok with all clients, or else they |
2568 | // size would be ok with m_client | 2568 | // could try to resize the window back and forth |
2569 | if (client != m_client && cr.value_mask & CWWidth && | 2569 | if (client != m_client && |
2570 | cr.value_mask & CWHeight && | 2570 | cr.value_mask & CWWidth && cr.value_mask & CWHeight) { |
2571 | !m_client->checkSizeHints(cr.width, cr.height)) { | 2571 | ClientList::iterator it = clientList().begin(); |
2572 | sendConfigureNotify(); | 2572 | ClientList::iterator it_end = clientList().end(); |
2573 | return; | 2573 | for (; it != it_end; ++it) { |
2574 | if (!m_client->checkSizeHints(cr.width, cr.height)) { | ||
2575 | sendConfigureNotify(); | ||
2576 | return; | ||
2577 | } | ||
2578 | } | ||
2574 | } | 2579 | } |
2575 | 2580 | ||
2576 | if (cr.value_mask & CWBorderWidth) | 2581 | if (cr.value_mask & CWBorderWidth) |