[neon/backports-focal/xdg-desktop-portal/Neon/unstable] src: open-uri: Reject more mismatched open requests
Bastien Nocera
null at kde.org
Wed Jan 13 06:32:42 GMT 2021
Git commit 7f11163236c02ef7ad0f3b48c705ad893c2b9f9b by Bastien Nocera.
Committed on 17/04/2020 at 22:00.
Pushed by ash into branch 'Neon/unstable'.
open-uri: Reject more mismatched open requests
Also reject non-writable requests that come with writable file
descriptors.
See https://github.com/flatpak/libportal/pull/26
M +2 -1 src/open-uri.c
https://invent.kde.org/neon/backports-focal/xdg-desktop-portal/commit/7f11163236c02ef7ad0f3b48c705ad893c2b9f9b
diff --git a/src/open-uri.c b/src/open-uri.c
index a8326ed..21d3954 100644
--- a/src/open-uri.c
+++ b/src/open-uri.c
@@ -596,7 +596,8 @@ handle_open_in_thread_func (GTask *task,
path = xdp_app_info_get_path_for_fd (request->app_info, fd, 0, NULL, &fd_is_writable);
if (path == NULL ||
- (writable && !fd_is_writable))
+ (writable && !fd_is_writable) ||
+ (!xdp_app_info_is_host (request->app_info) && !writable && fd_is_writable))
{
/* Reject the request */
if (request->exported)
More information about the Neon-commits
mailing list