Rietveld Code Review Tool
Help | Bug tracker | Discussion group | Source code | Sign in
(4799)

Issue 336240043: Fix security problem in lilypond-invoke-editor

Can't Edit
Can't Publish+Mail
Start Review
Created:
1 year, 11 months ago by knupero
Modified:
1 year, 11 months ago
Reviewers:
dak
CC:
lilypond-devel_gnu.org
Visibility:
Public.

Description

Fix security problem in lilypond-invoke-editor If lilypond-invoke-editor was installed as a general uri-helper it was easy to abuse it to execute arbitrary code on an attacked system for non-textedit URIs. This part of the problem was discovered and reported to our bug-lilypond mailing list by Gabriel Corona. But also pure textedit URIs were vulnerable, an example is the URI textedit:///:&xterm -e find ~/&:x: that executes "find ~/" in a xterm. With this patch lilypond-invoke-editor only handles textedit URIs, and it does no longer use the systems command processor but guiles system* procedure for those URIs. Also the script will abort if the line, char and column fields of a textedit URI contain anything but digits. We could have fixed URI passing to the browser, but it is not our job to provide a general URI helper. Other software (e.g. xdg-open and friends) should be used for that. The security problem fixed now was introduced into lilypond in the year 2005. Signed-off-by: Knut Petersen <knut_petersen@t-online.de>

Patch Set 1 #

Patch Set 2 : Also textedit links are vulnerable, attempt to fix this #

Patch Set 3 : Fixing a stupid mistake #

Total comments: 5

Patch Set 4 : Fix that stupid error in line 1, whitespace cleanup #

Unified diffs Side-by-side diffs Delta from patch set Stats (+99 lines, -95 lines) Patch
M Documentation/de/usage/external.itely View 2 chunks +6 lines, -6 lines 0 comments Download
M Documentation/usage/external.itely View 2 chunks +4 lines, -5 lines 0 comments Download
M scripts/lilypond-invoke-editor.scm View 1 2 3 5 chunks +89 lines, -84 lines 0 comments Download

Messages

Total messages: 6
knupero
This security problem was introduced in 2005.
1 year, 11 months ago (2017-11-23 08:48:59 UTC) #1
knupero
Also textedit links are vulnerable, attempt to fix this
1 year, 11 months ago (2017-11-24 12:35:05 UTC) #2
knupero
Fixing a stupid mistake
1 year, 11 months ago (2017-11-24 12:42:43 UTC) #3
dak
https://codereview.appspot.com/336240043/diff/40001/scripts/lilypond-invoke-editor.scm File scripts/lilypond-invoke-editor.scm (right): https://codereview.appspot.com/336240043/diff/40001/scripts/lilypond-invoke-editor.scm#newcode1 scripts/lilypond-invoke-editor.scm:1: #!/home/knut/sources/lilybuilt/share/lilypond/bin/guile -s This line is not going to work. ...
1 year, 11 months ago (2017-11-24 12:57:21 UTC) #4
knupero
https://codereview.appspot.com/336240043/diff/40001/scripts/lilypond-invoke-editor.scm File scripts/lilypond-invoke-editor.scm (right): https://codereview.appspot.com/336240043/diff/40001/scripts/lilypond-invoke-editor.scm#newcode1 scripts/lilypond-invoke-editor.scm:1: #!/home/knut/sources/lilybuilt/share/lilypond/bin/guile -s On 2017/11/24 12:57:21, dak wrote: > This ...
1 year, 11 months ago (2017-11-24 13:16:40 UTC) #5
knupero
1 year, 11 months ago (2017-11-24 17:26:09 UTC) #6
Fix that stupid error in line 1, whitespace cleanup
Sign in to reply to this message.

Powered by Google App Engine
RSS Feeds Recent Issues | This issue
This is Rietveld f62528b