From 2c3762feddf7e66cf6b64d9058f625a715694a00 Mon Sep 17 00:00:00 2001
From: Kai Uwe Broulik
Date: Wed, 7 Aug 2019 09:47:46 +0200
Subject: Security: remove support for $(...) in config keys with [$e] marker. It is very unclear at this point what a valid use case for this feature would possibly be. The old documentation only mentions $(hostname) as an example, which can be done with $HOSTNAME instead. Note that $(...) is still supported in Exec lines of desktop files, this does not require [$e] anyway (and actually works better without it, otherwise the $ signs need to be doubled to obey kconfig $e escaping rules...). Thanks to Fabian Vogt for testing. (This is a backport of KDE Frameworks 5 kconfig patch to kdelibs) Differential Revision: https://phabricator.kde.org/D22989
---
 kdecore/config/kconfig.cpp | 32 +-------------------------------
 kdecore/doc/README.kiosk | 12 ------------
 kdecore/tests/kconfigtest.cpp | 6 +-----
 3 files changed, 2 insertions(+), 48 deletions(-)
diff --git a/kdecore/config/kconfig.cpp b/kdecore/config/kconfig.cpp
index 7ea26a5..b30584b 100644
--- a/kdecore/config/kconfig.cpp
+++ b/kdecore/config/kconfig.cpp
@@ -160,37 +160,7 @@ QString KConfigPrivate::expandString(const QString& value)
 int nDollarPos = aValue.indexOf( QLatin1Char('$') );
 while( nDollarPos != -1 && nDollarPos+1 < aValue.length()) {
 // there is at least one $
- if( aValue[nDollarPos+1] == QLatin1Char('(') ) {
- int nEndPos = nDollarPos+1;
- // the next character is not $
- while ( (nEndPos <= aValue.length()) && (aValue[nEndPos]!=QLatin1Char(')')) )
- nEndPos++;
- nEndPos++;
- QString cmd = aValue.mid( nDollarPos+2, nEndPos-nDollarPos-3 );
-
- QString result;
- QByteArray oldpath = qgetenv( "PATH" );
- QByteArray newpath;
- if (KGlobal::hasMainComponent()) {
- newpath = QFile::encodeName(KGlobal::dirs()->resourceDirs("exe").join(QChar::fromLatin1(KPATH_SEPARATOR)));
- if (!newpath.isEmpty() && !oldpath.isEmpty())
- newpath += KPATH_SEPARATOR;
- }
- newpath += oldpath;
- setenv( "PATH", newpath, 1/*overwrite*/ );
-// FIXME: wince does not have pipes
-#ifndef _WIN32_WCE
- FILE *fs = popen(QFile::encodeName(cmd).data(), "r");
- if (fs) {
- QTextStream ts(fs, QIODevice::ReadOnly);
- result = ts.readAll().trimmed();
- pclose(fs);
- }
-#endif
- setenv( "PATH", oldpath, 1/*overwrite*/ );
- aValue.replace( nDollarPos, nEndPos-nDollarPos, result );
- nDollarPos += result.length();
- } else if( aValue[nDollarPos+1] != QLatin1Char('$') ) {
+ if( aValue[nDollarPos+1] != QLatin1Char('$') ) {
 int nEndPos = nDollarPos+1;
 // the next character is not $
 QString aVarName;
diff --git a/kdecore/doc/README.kiosk b/kdecore/doc/README.kiosk
index b95002d..d902c61 100644
--- a/kdecore/doc/README.kiosk
+++ b/kdecore/doc/README.kiosk
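Review bot: The surviving branch `if( aValue[nDollarPos+1] != QLatin1Char('$') )` now also receives values that start with `$(`, and nothing at that spot records that command substitution was dropped on purpose. Judging by the updated assertion in kconfigtest.cpp, the variable-name path then strips the `$` and leaves the rest, so an existing entry such as `Host[$e]=$(hostname)` silently becomes `(hostname)`. I would add a comment above the branch, for example `// $(...) is deliberately not expanded: config values must never be handed to a shell`, so the removed branch is not reintroduced later as a convenience. It may also be worth emitting a one-line warning, through whatever logging the file already uses, when the character after `$` is `(`. Administrators could then find configs that still depend on the old behaviour, or entries that were planted to use it. The body of expandString starts and ends outside this hunk, so the empty-name handling is inferred from the test comment rather than seen here.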
@@ -640,18 +640,6 @@ The following syntax is also supported: Name[$ei]=${USER} -Shell Commands in KDE config files. -=================================== - -Since KDE-3.1 arbitrary entries in configuration files can contain shell -commands. This way the value of a configuration entry can be determined -dynamically at runtime. In order to use this the entry must be marked -with [$e]. - -Example: -Host[$e]=$(hostname) - - KDE Kiosk Application API ==========================
diff --git a/kdecore/tests/kconfigtest.cpp b/kdecore/tests/kconfigtest.cpp
index 78e6ad1..37ea3c2 100644
--- a/kdecore/tests/kconfigtest.cpp
+++ b/kdecore/tests/kconfigtest.cpp
@@ -479,12 +479,8 @@ void KConfigTest::testPath()
 QCOMPARE(group.readPathEntry("withBraces", QString()), QString("file://" + HOMEPATH) );
 QVERIFY(group.hasKey("URL"));
 QCOMPARE(group.readEntry("URL", QString()), QString("file://" + HOMEPATH) );
-#if !defined(Q_OS_WIN32) && !defined(Q_OS_MAC)
- // I don't know if this will work on windows
- // This test hangs on OS X
 QVERIFY(group.hasKey("hostname"));
- QCOMPARE(group.readEntry("hostname", QString()), QHostInfo::localHostName());
-#endif
+ QCOMPARE(group.readEntry("hostname", QString()), QString("(hostname)")); // the $ got removed because empty var name
 QVERIFY(group.hasKey("noeol"));
 QCOMPARE(group.readEntry("noeol", QString()), QString("foo"));
 }
-- cgit v1.1
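Review bot: The new assertion on the `hostname` entry is the only regression check for this security fix, but its trailing comment `// the $ got removed because empty var name` explains the mechanism and not the intent. I would state the intent above it, for example `// $(...) must not be executed: the text is returned literally, minus the $`, so a later change to empty-name handling is not taken as licence to relax the check. The fixture that writes the `hostname` key is outside this hunk, so I assume it still stores `$(hostname)`. A second entry that puts a real variable next to a command form would also confirm that `$HOME`-style expansion keeps working while the `$(...)` part stays unexpanded. testPath's body starts above the hunk.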