mirror/kimageformats
1
0
Fork 0
mirror of https://invent.kde.org/frameworks/kimageformats.git synced 2025-06-03 17:08:08 -04:00
Code Issues Packages Projects Releases Wiki Activity

Check executables exist in PATH before passing them to QProcess

Browse Source 
See:
https://kde.org/info/security/advisory-20220131-1.txt
https://mail.kde.org/pipermail/kde-devel/2022-January/000943.html
This commit is contained in:
Ahmad Samir 2022-02-03 11:28:41 +02:00
parent 96836e849f
commit 0a02458560
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/imageformats/eps.cpp
View File

@ -15,6 +15,7 @@
#include <QPainter> #include <QPainter>
#include <QPrinter> #include <QPrinter>
#include <QProcess> #include <QProcess>
#include <QStandardPaths>
#include <QTemporaryFile> #include <QTemporaryFile>
// logging category for this framework, default: log stuff >= warning // logging category for this framework, default: log stuff >= warning
@ -176,6 +177,12 @@ bool EPSHandler::read(QImage *image)
// create GS command line // create GS command line
const QString gsExec = QStandardPaths::findExecutable(QStringLiteral("gs"));
if (gsExec.isEmpty()) {
qWarning(EPSPLUGIN) << "Couldn't find gs exectuable (from GhostScript) in PATH.";
return false;
}
QStringList gsArgs; QStringList gsArgs;
gsArgs << QLatin1String("-sOutputFile=") + tmpFile.fileName() << QStringLiteral("-q") << QStringLiteral("-g%1x%2").arg(wantedWidth).arg(wantedHeight) gsArgs << QLatin1String("-sOutputFile=") + tmpFile.fileName() << QStringLiteral("-q") << QStringLiteral("-g%1x%2").arg(wantedWidth).arg(wantedHeight)
<< QStringLiteral("-dSAFER") << QStringLiteral("-dPARANOIDSAFER") << QStringLiteral("-dNOPAUSE") << QStringLiteral("-sDEVICE=ppm") << QStringLiteral("-dSAFER") << QStringLiteral("-dPARANOIDSAFER") << QStringLiteral("-dNOPAUSE") << QStringLiteral("-sDEVICE=ppm")
@ -192,7 +199,7 @@ bool EPSHandler::read(QImage *image)
QProcess converter; QProcess converter;
converter.setProcessChannelMode(QProcess::ForwardedErrorChannel); converter.setProcessChannelMode(QProcess::ForwardedErrorChannel);
converter.start(QStringLiteral("gs"), gsArgs); converter.start(gsExec, gsArgs);
if (!converter.waitForStarted(3000)) { if (!converter.waitForStarted(3000)) {
qCWarning(EPSPLUGIN) << "Reading EPS files requires gs (from GhostScript)"; qCWarning(EPSPLUGIN) << "Reading EPS files requires gs (from GhostScript)";
return false; return false;