Commit b2c58d02 authored by Gerald Combs's avatar Gerald Combs Committed by Pascal Quantin
Browse files

Be more strict about opening URLs.

In the proto tree, copy URLs instead of opening them.

In the export dialog, enable previews only if the advertised MIME type
*and* the contents of the file are plain text, GIF, JPEG, or PNG.

Add warnings to the wslua browser_open_url and browser_open_data_file
documentation.

Fixes #17232.


(cherry picked from commit e99c9afc)
parent 5e1db621
Pipeline #256623039 passed with stages
in 37 minutes and 26 seconds
......@@ -1103,7 +1103,16 @@ WSLUA_FUNCTION wslua_reload_lua_plugins(lua_State* L) { /* Reload all Lua plugin
}
WSLUA_FUNCTION wslua_browser_open_url(lua_State* L) { /* Opens an URL in a web browser. Requires a GUI. */
WSLUA_FUNCTION wslua_browser_open_url(lua_State* L) { /*
Opens an URL in a web browser. Requires a GUI.
[WARNING]
====
Do not pass an untrusted URL to this function.
It will be passed to the system's URL handler, which might execute malicious code, switch on your Bluetooth-connected foghorn, or any of a number of unexpected or harmful things.
====
*/
#define WSLUA_ARG_browser_open_url_URL 1 /* The url. */
const char* url = luaL_checkstring(L,WSLUA_ARG_browser_open_url_URL);
......@@ -1121,6 +1130,13 @@ WSLUA_FUNCTION wslua_browser_open_data_file(lua_State* L) { /*
Open a file located in the data directory (specified in the Wireshark preferences) in the web browser.
If the file does not exist, the function silently ignores the request.
Requires a GUI.
[WARNING]
====
Do not pass an untrusted URL to this function.
It will be passed to the system's URL handler, which might execute malicious code, switch on your Bluetooth-connected foghorn, or any of a number of unexpected or harmful things.
====
*/
#define WSLUA_ARG_browser_open_data_file_FILENAME 1 /* The file name. */
const char* file = luaL_checkstring(L,WSLUA_ARG_browser_open_data_file_FILENAME);
......
......@@ -17,9 +17,11 @@
#include "ui/qt/widgets/wireshark_file_dialog.h"
#include <ui/qt/widgets/export_objects_view.h>
#include <ui/qt/models/export_objects_model.h>
#include <ui/qt/utils/qt_ui_utils.h>
#include <QDialogButtonBox>
#include <QMessageBox>
#include <QMimeDatabase>
#include <QPushButton>
#include <QComboBox>
#include <QDir>
......@@ -95,14 +97,27 @@ void ExportObjectDialog::currentHasChanged(QModelIndex current)
QModelIndex sibl = current.sibling(current.row(), ExportObjectModel::colPacket);
if (eo_ui_->buttonBox->button(QDialogButtonBox::Open))
{
QString cont = sibl.sibling(current.row(), ExportObjectModel::colContent).data().toString();
/* For security reasons application and unknown are disabled */
eo_ui_->buttonBox->button(QDialogButtonBox::Open)->setEnabled(! cont.startsWith("application/") && ! cont.startsWith("unknown/"));
QString mime_type = sibl.sibling(current.row(), ExportObjectModel::colContent).data().toString();
eo_ui_->buttonBox->button(QDialogButtonBox::Open)->setEnabled(mimeTypeIsPreviewable(mime_type));
}
wsApp->gotoFrame(sibl.data().toInt());
}
}
bool ExportObjectDialog::mimeTypeIsPreviewable(QString mime_type)
{
// XXX This excludes everything except HTTP. Maybe that's a good thing?
// Take care when adding to this, e.g. text/html or image/svg might contain JavaScript.
QStringList previewable_mime_types = QStringList()
<< "text/plain"
<< "image/gif" << "image/jpeg" << "image/png";
if (previewable_mime_types.contains(mime_type)) {
return true;
}
return false;
}
void ExportObjectDialog::modelDataChanged(const QModelIndex&, int from, int to)
{
bool contentTypes_changed = false;
......@@ -203,8 +218,16 @@ void ExportObjectDialog::on_buttonBox_clicked(QAbstractButton *button)
QString temp;
saveCurrentEntry(&temp);
if (temp.length() > 0)
QDesktopServices::openUrl(QUrl(QString("file:///").append(temp), QUrl::TolerantMode));
if (temp.length() > 0) {
QMimeDatabase mime_db;
QMimeType mime_type = mime_db.mimeTypeForFile(temp, QMimeDatabase::MatchContent);
if (mimeTypeIsPreviewable(mime_type.name())) {
QDesktopServices::openUrl(QUrl(QString("file:///").append(temp), QUrl::TolerantMode));
} else {
desktop_show_in_folder(temp);
}
}
break;
}
default: // Help, Cancel
......
......@@ -55,6 +55,7 @@ private slots:
void currentHasChanged(QModelIndex current);
private:
bool mimeTypeIsPreviewable(QString mime_type);
void saveCurrentEntry(QString *tempFile = Q_NULLPTR);
void saveAllEntries();
......
......@@ -614,7 +614,9 @@ void ProtoTree::itemDoubleClicked(const QModelIndex &index)
} else {
QString url = finfo.url();
if (!url.isEmpty()) {
QDesktopServices::openUrl(QUrl(url));
QApplication::clipboard()->setText(url);
QString push_msg = tr("Copied ") + url;
wsApp->pushStatus(WiresharkApplication::TemporaryStatus, push_msg);
}
}
}
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment