diff options
Diffstat (limited to 'meta-xfce/recipes-xfce/thunar/thunar/CVE-2021-32563-2.patch')
-rw-r--r-- | meta-xfce/recipes-xfce/thunar/thunar/CVE-2021-32563-2.patch | 208 |
1 files changed, 208 insertions, 0 deletions
diff --git a/meta-xfce/recipes-xfce/thunar/thunar/CVE-2021-32563-2.patch b/meta-xfce/recipes-xfce/thunar/thunar/CVE-2021-32563-2.patch new file mode 100644 index 0000000000..a22cdc6d8d --- /dev/null +++ b/meta-xfce/recipes-xfce/thunar/thunar/CVE-2021-32563-2.patch @@ -0,0 +1,208 @@ +From 3b54d9d7dbd7fd16235e2141c43a7f18718f5664 Mon Sep 17 00:00:00 2001 +From: Alexander Schwinn <alexxcons@xfce.org> +Date: Fri, 7 May 2021 15:21:27 +0200 +Subject: [PATCH 2/2] Regression: Activating Desktop Icon does not Use Default + Application (Issue #575) + +- Introduced by 9165a61f (Dont execute files, passed via command line +due to security risks) +- Now via DBus files are executed, and via CLI, files are just selected + +Fixes #575 + +Upstream-Status: Backport +CVE: CVE-2021-32563 + +Reference to upstream patch: +[https://gitlab.xfce.org/xfce/thunar/-/commit/3b54d9d7dbd7fd16235e2141c43a7f18718f5664] + +Signed-off-by: Stefan Ghinea <stefan.ghinea@windriver.com> +--- + thunar/thunar-application.c | 68 +++++++++++++++++++++--------------- + thunar/thunar-application.h | 9 ++++- + thunar/thunar-dbus-service.c | 2 +- + 3 files changed, 49 insertions(+), 30 deletions(-) + +diff --git a/thunar/thunar-application.c b/thunar/thunar-application.c +index 1243940..53d0b23 100644 +--- a/thunar/thunar-application.c ++++ b/thunar/thunar-application.c +@@ -182,37 +182,38 @@ struct _ThunarApplicationClass + + struct _ThunarApplication + { +- GtkApplication __parent__; ++ GtkApplication __parent__; + +- ThunarSessionClient *session_client; ++ ThunarSessionClient *session_client; + +- ThunarPreferences *preferences; +- GtkWidget *progress_dialog; ++ ThunarPreferences *preferences; ++ GtkWidget *progress_dialog; + +- ThunarThumbnailCache *thumbnail_cache; +- ThunarThumbnailer *thumbnailer; ++ ThunarThumbnailCache *thumbnail_cache; ++ ThunarThumbnailer *thumbnailer; + +- ThunarDBusService *dbus_service; ++ ThunarDBusService *dbus_service; + +- gboolean daemon; ++ gboolean daemon; + +- guint accel_map_save_id; +- GtkAccelMap *accel_map; ++ guint accel_map_save_id; ++ GtkAccelMap *accel_map; + +- guint show_dialogs_timer_id; ++ guint show_dialogs_timer_id; + + #ifdef HAVE_GUDEV +- GUdevClient *udev_client; ++ GUdevClient *udev_client; + +- GSList *volman_udis; +- guint volman_idle_id; +- guint volman_watch_id; ++ GSList *volman_udis; ++ guint volman_idle_id; ++ guint volman_watch_id; + #endif + +- GList *files_to_launch; ++ GList *files_to_launch; ++ ThunarApplicationProcessAction process_file_action; + +- guint dbus_owner_id_xfce; +- guint dbus_owner_id_fdo; ++ guint dbus_owner_id_xfce; ++ guint dbus_owner_id_fdo; + }; + + +@@ -279,6 +280,7 @@ thunar_application_init (ThunarApplication *application) + * in the primary instance anyways */ + + application->files_to_launch = NULL; ++ application->process_file_action = THUNAR_APPLICATION_SELECT_FILES; + application->progress_dialog = NULL; + application->preferences = NULL; + +@@ -531,7 +533,7 @@ thunar_application_command_line (GApplication *gapp, + } + else if (filenames != NULL) + { +- if (!thunar_application_process_filenames (application, cwd, filenames, NULL, NULL, &error)) ++ if (!thunar_application_process_filenames (application, cwd, filenames, NULL, NULL, &error, THUNAR_APPLICATION_SELECT_FILES)) + { + /* we failed to process the filenames or the bulk rename failed */ + g_application_command_line_printerr (command_line, "Thunar: %s\n", error->message); +@@ -539,7 +541,7 @@ thunar_application_command_line (GApplication *gapp, + } + else if (!daemon) + { +- if (!thunar_application_process_filenames (application, cwd, cwd_list, NULL, NULL, &error)) ++ if (!thunar_application_process_filenames (application, cwd, cwd_list, NULL, NULL, &error, THUNAR_APPLICATION_SELECT_FILES)) + { + /* we failed to process the filenames or the bulk rename failed */ + g_application_command_line_printerr (command_line, "Thunar: %s\n", error->message); +@@ -1512,7 +1514,12 @@ thunar_application_process_files_finish (ThunarBrowser *browser, + } + else + { +- if (thunar_file_is_directory (file)) ++ if (application->process_file_action == THUNAR_APPLICATION_LAUNCH_FILES) ++ { ++ /* try to launch the file / open the directory */ ++ thunar_file_launch (target_file, screen, startup_id, &error); ++ } ++ else if (thunar_file_is_directory (file)) + { + thunar_application_open_window (application, file, screen, startup_id, FALSE); + } +@@ -1603,18 +1610,20 @@ thunar_application_process_files (ThunarApplication *application) + * @startup_id : startup id to finish startup notification and properly focus the + * window when focus stealing is enabled or %NULL. + * @error : return location for errors or %NULL. ++ * @action : action to invoke on the files + * + * Tells @application to process the given @filenames and launch them appropriately. + * + * Return value: %TRUE on success, %FALSE if @error is set. + **/ + gboolean +-thunar_application_process_filenames (ThunarApplication *application, +- const gchar *working_directory, +- gchar **filenames, +- GdkScreen *screen, +- const gchar *startup_id, +- GError **error) ++thunar_application_process_filenames (ThunarApplication *application, ++ const gchar *working_directory, ++ gchar **filenames, ++ GdkScreen *screen, ++ const gchar *startup_id, ++ GError **error, ++ ThunarApplicationProcessAction action) + { + ThunarFile *file; + GError *derror = NULL; +@@ -1686,7 +1695,10 @@ thunar_application_process_filenames (ThunarApplication *application, + + /* start processing files if we have any to launch */ + if (application->files_to_launch != NULL) +- thunar_application_process_files (application); ++ { ++ application->process_file_action = action; ++ thunar_application_process_files (application); ++ } + + /* free the file list */ + g_list_free (file_list); +diff --git a/thunar/thunar-application.h b/thunar/thunar-application.h +index 547cb70..8c180e8 100644 +--- a/thunar/thunar-application.h ++++ b/thunar/thunar-application.h +@@ -31,6 +31,12 @@ G_BEGIN_DECLS; + typedef struct _ThunarApplicationClass ThunarApplicationClass; + typedef struct _ThunarApplication ThunarApplication; + ++typedef enum ++{ ++ THUNAR_APPLICATION_LAUNCH_FILES, ++ THUNAR_APPLICATION_SELECT_FILES ++} ThunarApplicationProcessAction; ++ + #define THUNAR_TYPE_APPLICATION (thunar_application_get_type ()) + #define THUNAR_APPLICATION(obj) (G_TYPE_CHECK_INSTANCE_CAST ((obj), THUNAR_TYPE_APPLICATION, ThunarApplication)) + #define THUNAR_APPLICATION_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST ((klass), THUNAR_TYPE_APPLICATION, ThunarApplicationClass)) +@@ -74,7 +80,8 @@ gboolean thunar_application_process_filenames (ThunarAppli + gchar **filenames, + GdkScreen *screen, + const gchar *startup_id, +- GError **error); ++ GError **error, ++ ThunarApplicationProcessAction action); + + void thunar_application_rename_file (ThunarApplication *application, + ThunarFile *file, +diff --git a/thunar/thunar-dbus-service.c b/thunar/thunar-dbus-service.c +index 2d27642..4205a2b 100644 +--- a/thunar/thunar-dbus-service.c ++++ b/thunar/thunar-dbus-service.c +@@ -991,7 +991,7 @@ thunar_dbus_service_launch_files (ThunarDBusFileManager *object, + { + /* let the application process the filenames */ + application = thunar_application_get (); +- thunar_application_process_filenames (application, working_directory, filenames, screen, startup_id, &error); ++ thunar_application_process_filenames (application, working_directory, filenames, screen, startup_id, &error, THUNAR_APPLICATION_LAUNCH_FILES); + g_object_unref (G_OBJECT (application)); + + /* release the screen */ +-- +2.17.1 + |