'[kde-cli-tools/Plasma/5.7] kdesu: Make sure people are not trying to sneak invisible characters on t'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-i18n-doc
Subject:    [kde-cli-tools/Plasma/5.7] kdesu: Make sure people are not trying to sneak invisible characters on t
From:       Albert Astals Cid <aacid () kde ! org>
Date:       2016-09-09 7:09:46
Message-ID: E1biFwY-0003nl-Il () code ! kde ! org
[Download RAW message or body]

Git commit 5eda179a099ba68a20dc21dc0da63e85a565a171 by Albert Astals Cid, on behalf \
of Martin Sandsmark. Committed on 09/09/2016 at 07:09.
Pushed by aacid into branch 'Plasma/5.7'.

Make sure people are not trying to sneak invisible characters on the kdesu label

i18n: Sorry for the new string

CCMAIL: kde-i18n-doc@kde.org

M  +10   -0    kdesu/kdesu.cpp

http://commits.kde.org/kde-cli-tools/5eda179a099ba68a20dc21dc0da63e85a565a171

diff --git a/kdesu/kdesu.cpp b/kdesu/kdesu.cpp
index b7a66a2..b0efbc7 100644
--- a/kdesu/kdesu.cpp
+++ b/kdesu/kdesu.cpp
@@ -162,6 +162,10 @@ int main(int argc, char *argv[])
     {
         KMessageBox::sorry(0, i18n("Cannot execute command '%1'.", \
QString::fromLocal8Bit(command)));  }
+    if (result == -2)
+    {
+        KMessageBox::sorry(0, i18n("Cannot execute command '%1'. It contains invalid \
characters.", QString::fromLocal8Bit(command))); +    }
 
     return result;
 }
@@ -387,6 +391,12 @@ static int startApp(QCommandLineParser& p)
         qDebug() << "Don't need password!!\n";
     }
 
+    for (const QChar character : QString::fromLocal8Bit(command)) {
+        if (!character.isPrint() && character.category() != QChar::Other_Surrogate) \
{ +            return -2;
+        }
+    }
+
     // Start the dialog
     QString password;
     if (needpw)


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic