[shutter] 03/05: add patch to secure system() calls
gregor herrmann
gregoa at debian.org
Sat May 20 20:40:17 UTC 2017
This is an automated email from the git hooks/post-receive script.
gregoa pushed a commit to branch jessie
in repository shutter.
commit 7a11ad24d841264f8dc4aa11f900abf12a4aca2a
Author: Dominique Dumont <dod at debian.org>
Date: Fri Jan 6 21:06:41 2017 +0100
add patch to secure system() calls
---
debian/patches/fix-perl-system-calls | 268 +++++++++++++++++++++++++++++++++++
debian/patches/series | 1 +
2 files changed, 269 insertions(+)
diff --git a/debian/patches/fix-perl-system-calls b/debian/patches/fix-perl-system-calls
new file mode 100644
index 0000000..8443952
--- /dev/null
+++ b/debian/patches/fix-perl-system-calls
@@ -0,0 +1,268 @@
+Author: dod
+Description: Fix perl system calls
+ This patch replaces all system("big string") calls to
+ system(@big_list) in all plugins to avoid problems similar to CVS-2016-10081.
+--- a/share/shutter/resources/system/plugins/perl/sppolaroid/sppolaroid
++++ b/share/shutter/resources/system/plugins/perl/sppolaroid/sppolaroid
+@@ -349,9 +349,6 @@
+
+ sub apply_effect {
+
+- #quote filename
+- my $qfilename = quotemeta $filename;
+-
+ if ( $use_caption ) {
+
+ my $text = $caption_entry->get_text;
+@@ -360,27 +357,32 @@
+ $text = quotemeta $text;
+
+ my $color = $stroke_color->get_color;
+-
+- system( "convert -caption "
+- . $text
+- . " -fill '"
+- . sprintf( "#%04x%04x%04x%04x", $color->red, $color->green, $color->blue, $stroke_color->get_alpha )
+- . "' $qfilename -pointsize "
+- . $pointsize_sbutton->get_value
+- . " -gravity "
+- . $gravity_combo->get_active_text
+- . " -bordercolor snow "
+- . " -background black "
+- . " -polaroid "
+- . $angle_sbutton->get_value
+- . " $tmpfilename" );
+-
++
++ system(
++ convert =>
++ -caption => $text,
++ -fill => sprintf( "#%04x%04x%04x%04x",
++ $color->red,
++ $color->green,
++ $color->blue,
++ $stroke_color->get_alpha
++ ),
++ $filename,
++ -pointsize => $pointsize_sbutton->get_value,
++ -gravity => $gravity_combo->get_active_text,
++ qw/-bordercolor snow -background black/,
++ -polaroid => $angle_sbutton->get_value,
++ $tmpfilename
++ );
+ } else {
+-
+- system( "convert $qfilename -bordercolor white -border 6 -bordercolor grey60 -border 1 -background none -rotate "
+- . $angle_sbutton->get_value
+- . " -background black \\( +clone -shadow 60x4+4+4 \\) +swap -background none -flatten $tmpfilename" );
+-
++ system(
++ convert => $filename,
++ qw/-bordercolor white -border 6 -bordercolor grey60 -border 1 -background none/,
++ -rotate => $angle_sbutton->get_value,
++ -background => 'black',
++ qw/( +clone -shadow 60x4+4+4 ) +swap -background none/,
++ -flatten => $tmpfilename
++ );
+ }
+
+ }
+--- a/share/shutter/resources/system/plugins/perl/spwatermark/spwatermark
++++ b/share/shutter/resources/system/plugins/perl/spwatermark/spwatermark
+@@ -342,33 +342,27 @@
+ $text = strftime $text, localtime;
+ $text = quotemeta $text;
+
+- #quote filename
+- my $qfilename = quotemeta $filename;
+-
+ my $psize = $pointsize_sbutton->get_value;
+
+ my $color = $stroke_color->get_color;
+
+- #execute imagemagick command
+- system( "convert "
+- . "-background '#00000000'"
+- . " -fill '"
+- . sprintf( "#%04x%04x%04x%04x", $color->red, $color->green, $color->blue, $stroke_color->get_alpha )
+- . "' -pointsize "
+- . $psize
+- . " -gravity "
+- . $gravity_combo->get_active_text
+- . " -rotate "
+- . $angle_sbutton->get_value
+- . " label:"
+- . $text
+- . " $tmpfilename" );
+-
+- system("composite $tmpfilename"
+- . " -gravity "
+- . $gravity_combo->get_active_text
+- . " $qfilename"
+- . " $tmpfilename2" );
++ #execute imagemagick command
++ system(
++ convert =>
++ -background => '#00000000',
++ -fill => sprintf( "#%04x%04x%04x%04x", $color->red, $color->green, $color->blue, $stroke_color->get_alpha ),
++ -pointsize => $psize,
++ -gravity => $gravity_combo->get_active_text,
++ -rotate => $angle_sbutton->get_value,
++ "label:$text",
++ $tmpfilename
++ );
++
++ system(
++ composite => $tmpfilename,
++ -gravity => $gravity_combo->get_active_text,
++ $filename => $tmpfilename2
++ );
+
+ }
+
+--- a/share/shutter/resources/system/plugins/perl/spshadow/spshadow
++++ b/share/shutter/resources/system/plugins/perl/spshadow/spshadow
+@@ -368,24 +368,22 @@
+ $direction2 = "80x3-1-1";
+ }
+
+- #quote filename
+- my $qfilename = quotemeta $filename;
+-
+- #execute imagemagick command
+- system( "convert"
+- . " $qfilename"
+- . " -gravity northwest -background 'rgba(255,255,255,0)' -splice 10x10"
+- . " \\( +clone -background '"
+- . sprintf( "#%04x%04x%04x%04x", $scolor->red, $scolor->green, $scolor->blue, $shadow_color->get_alpha )
+- . "' -shadow "
+- . $direction2
+- . " \\) +swap -background none -mosaic +repage"
+- . " \\( +clone -background '"
+- . sprintf( "#%04x%04x%04x%04x", $scolor->red, $scolor->green, $scolor->blue, $shadow_color->get_alpha )
+- . "' -shadow "
+- . $direction1
+- . " \\) +swap -background none -mosaic +repage"
+- . " $tmpfilename" );
++ #execute imagemagick command
++ system(
++ convert => $filename,
++ -gravity => 'northwest',
++ -background => 'rgba(255,255,255,0)',
++ -splice => '10x10',
++ qw/( +clone/,
++ -background => sprintf( "#%04x%04x%04x%04x", $scolor->red, $scolor->green, $scolor->blue, $shadow_color->get_alpha ),
++ -shadow => $direction2,
++ qw/) +swap -background none -mosaic +repage/,
++ qw/( +clone/,
++ -background => sprintf( "#%04x%04x%04x%04x", $scolor->red, $scolor->green, $scolor->blue, $shadow_color->get_alpha ),
++ -shadow => $direction1,
++ qw/) +swap -background none -mosaic +repage/,
++ $tmpfilename
++ );
+
+ }
+
+--- a/share/shutter/resources/system/plugins/perl/spbardistortion/spbardistortion
++++ b/share/shutter/resources/system/plugins/perl/spbardistortion/spbardistortion
+@@ -386,24 +386,13 @@
+
+ my $color = $back_color->get_color;
+
+- #quote filename
+- my $qfilename = quotemeta $filename;
+-
+ #execute imagemagick command
+- system( "convert"
+- . " -virtual-pixel Background -background '"
+- . sprintf( "#%04x%04x%04x%04x", $color->red, $color->green, $color->blue, $back_color->get_alpha )
+- . "' -distort Barrel '"
+- . $c1_sbutton->get_value
+- . " "
+- . $c2_sbutton->get_value
+- . " "
+- . $c3_sbutton->get_value
+- . " "
+- . $c4_sbutton->get_value
+- . "' $qfilename"
+- . " $tmpfilename" );
+-
++ system (
++ qw/convert -virtual-pixel Background/,
++ -background => sprintf( "#%04x%04x%04x%04x", $color->red, $color->green, $color->blue, $back_color->get_alpha ),
++ -distort => Barrel => join(' ',$c1_sbutton->get_value, $c2_sbutton->get_value, $c3_sbutton->get_value, $c4_sbutton->get_value),
++ $filename, $tmpfilename
++ );
+ }
+
+ sub fct_update_gui {
+--- a/share/shutter/resources/modules/Shutter/Screenshot/Web.pm
++++ b/share/shutter/resources/modules/Shutter/Screenshot/Web.pm
+@@ -69,7 +69,13 @@
+ $self->{_url} = "http://".$self->{_url};
+ }
+
+- system("gnome-web-photo --timeout=$self->{_timeout} --mode=photo --width=$self->{_width} '$self->{_url}' '$self->{_dest_filename}'");
++ system(
++ 'gnome-web-photo',
++ '--timeout='.$self->{_timeout},
++ '--mode=photo',
++ '--width='.$self->{_width},
++ $self->{_url}, $self->{_dest_filename}
++ );
+
+ return TRUE;
+ }
+--- a/share/shutter/resources/modules/Shutter/App/HelperFunctions.pm
++++ b/share/shutter/resources/modules/Shutter/App/HelperFunctions.pm
+@@ -53,8 +53,7 @@
+
+ sub xdg_open {
+ my ( $self, $dialog, $link, $user_data ) = @_;
+- my @args = ("xdg-open", $link);
+- system(@args);
++ system("xdg-open", $link);
+ if($?){
+ my $response = $self->{_dialogs}->dlg_error_message(
+ sprintf( $self->{_d}->get("Error while executing %s."), "'xdg-open'"),
+@@ -67,8 +66,12 @@
+ }
+
+ sub xdg_open_mail {
+- my ( $self, $dialog, $mail, $user_data ) = @_;
+- system("xdg-email $mail $user_data");
++ my ( $self, $dialog, $mail, @user_data ) = @_;
++
++ my @cmd = 'xdg-email';
++ push @cmd, $mail if $mail;
++ system(@cmd, @user_data);
++
+ if($?){
+ my $response = $self->{_dialogs}->dlg_error_message(
+ sprintf( $self->{_d}->get("Error while executing %s."), "'xdg-email'"),
+@@ -82,7 +85,7 @@
+
+ sub nautilus_sendto {
+ my ( $self, $user_data ) = @_;
+- system("nautilus-sendto $user_data &");
++ system('nautilus-sendto', $user_data);
+ if($?){
+ my $response = $self->{_dialogs}->dlg_error_message(
+ sprintf( $self->{_d}->get("Error while executing %s."), "'nautilus-sendto'"),
+--- a/bin/shutter
++++ b/bin/shutter
+@@ -6972,12 +6972,9 @@
+ push( @files_to_email, $session_screens{$key}->{'long'} );
+ }
+
+- my $mail_string = undef;
+- foreach my $email_filename (@files_to_email) {
+- $mail_string .= "--attach '$email_filename' ";
+- }
++ my @mail_args = map { ( '--attach' => $_ ) } @files_to_email;
+
+- $shf->xdg_open_mail( undef, undef, $mail_string );
++ $shf->xdg_open_mail( undef, undef, @mail_args );
+
+ return TRUE;
+ }
diff --git a/debian/patches/series b/debian/patches/series
index 1eb7d84..cc5108b 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,2 +1,3 @@
CVE-2015-0854.patch
CVE-2016-10081.patch
+fix-perl-system-calls
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-perl/packages/shutter.git
More information about the Pkg-perl-cvs-commits
mailing list