This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch bugfix/1100 in repository x2goclient. commit a7ed6868825c111f8d0fa4a64aa82115b8dab039 Author: Mike DePaulo <mikedep333@gmail.com> Date: Sun Mar 26 12:09:11 2017 -0400 Don't override PATH for the actual session or application command. Fixes: #1100 --- debian/changelog | 3 ++ src/onmainwindow.cpp | 67 ++++++++++++++++++++++++++++----------------- src/onmainwindow.h | 1 + src/sshmasterconnection.cpp | 4 +-- src/sshmasterconnection.h | 2 +- src/sshprocess.cpp | 15 ++++++++-- src/sshprocess.h | 2 +- 7 files changed, 62 insertions(+), 32 deletions(-) diff --git a/debian/changelog b/debian/changelog index 42c1e52..8e71aeb 100644 --- a/debian/changelog +++ b/debian/changelog @@ -180,6 +180,9 @@ x2goclient (4.1.0.1-0x2go1) UNRELEASED; urgency=medium default because the installation dir is not writeable by users) + CVE-2017-6542 was fixed + - Don't override PATH for the actual session or application + command. + Fixes: #1100 [ Seth Galitzer ] * New upstream version (4.1.0.1): diff --git a/src/onmainwindow.cpp b/src/onmainwindow.cpp index 5dd3906..0b15649 100644 --- a/src/onmainwindow.cpp +++ b/src/onmainwindow.cpp @@ -6291,7 +6291,7 @@ void ONMainWindow::slotProxyStderr() { xmodExecuted=true; QTimer::singleShot ( - 2000, this, + 4000, this, SLOT ( slotExecXmodmap() ) ); } } @@ -6700,6 +6700,39 @@ void ONMainWindow::slotAppDialog() void ONMainWindow::runCommand() { + + if ( runRemoteCommand ) + { + /* 1st override PATH and determine the base path to x2goruncommand. + * Then in SlotRunCommand, call x2goruncommand without overriding PATH. + * This ensures that the PATH is never overriden with for the actual + * user session. + * Fixes: #1100 + */ + sshConnection->executeCommand ( "x2gobasepath", this, + SLOT ( SlotRunCommand ( bool, + QString, + int )), true); + } +#ifdef Q_WS_HILDON + //wait 5 seconds and execute xkbcomp + QTimer::singleShot ( 5000, this, SLOT ( slotExecXmodmap() ) ); +#endif +} + + +void ONMainWindow::runApplication(QString exec) +{ + QString cmd = "PULSE_CLIENTCONFIG=\"${HOME}/.x2go/C-" + + resumingSession.sessionId+"/.pulse-client.conf\" DISPLAY=:" + + resumingSession.display + + " setsid " + exec + " 1> /dev/null 2>/dev/null & exit"; + + sshConnection->executeCommand (cmd, 0, 0, false); +} + +void ONMainWindow::SlotRunCommand(bool, QString output, int) +{ QString passwd=getCurrentPass(); QString user=getCurrentUname(); QString host=resumingSession.server; @@ -6853,7 +6886,8 @@ void ONMainWindow::runCommand() if ( !startSessSound || startSessSndSystem==PULSE ) { - cmd=krbFwString+"setsid x2goruncommand "+resumingSession.display+" "+ + cmd=krbFwString+"setsid " + output + "/bin/x2goruncommand "+ + resumingSession.display+" "+ resumingSession.agentPid + " " + resumingSession.sessionId+" "+ resumingSession.sndPort+ " "+ command+" nosnd "+ @@ -6870,7 +6904,7 @@ void ONMainWindow::runCommand() switch ( startSessSndSystem ) { case ESD: - cmd=krbFwString+"setsid x2goruncommand "+ + cmd=krbFwString+"setsid " + output + "/bin/x2goruncommand "+ resumingSession.display+" "+ resumingSession.agentPid + " " + resumingSession.sessionId+" "+ @@ -6879,7 +6913,7 @@ void ONMainWindow::runCommand() sessionType +" 1> /dev/null 2>/dev/null & exit"; break; case ARTS: - cmd=krbFwString+"setsid x2goruncommand "+ + cmd=krbFwString+"setsid " + output + "/bin/x2goruncommand "+ resumingSession.display+" "+ resumingSession.agentPid + " " + resumingSession.sessionId+" "+ @@ -6891,27 +6925,10 @@ void ONMainWindow::runCommand() } } - if ( runRemoteCommand ) - { - sshConnection->executeCommand ( cmd, this, SLOT ( slotRetRunCommand ( bool, - QString, - int ) )); - } -#ifdef Q_WS_HILDON - //wait 5 seconds and execute xkbcomp - QTimer::singleShot ( 5000, this, SLOT ( slotExecXmodmap() ) ); -#endif -} - - -void ONMainWindow::runApplication(QString exec) -{ - QString cmd = "PULSE_CLIENTCONFIG=\"${HOME}/.x2go/C-" - + resumingSession.sessionId+"/.pulse-client.conf\" DISPLAY=:" - + resumingSession.display - + " setsid " + exec + " 1> /dev/null 2>/dev/null & exit"; - - sshConnection->executeCommand (cmd); + sshConnection->executeCommand ( cmd, this, + SLOT ( slotRetRunCommand ( bool, + QString, + int )), false); } void ONMainWindow::slotRetRunCommand ( bool result, QString output, diff --git a/src/onmainwindow.h b/src/onmainwindow.h index 37b454c..d2e5399 100644 --- a/src/onmainwindow.h +++ b/src/onmainwindow.h @@ -1080,6 +1080,7 @@ private slots: void slotShowAdvancedStat(); void slotRestartProxy(); void slotTestSessionStatus(); + void SlotRunCommand(bool, QString output, int); void slotRetRunCommand ( bool result, QString output, int ); void slotGetServers ( bool result, QString output, diff --git a/src/sshmasterconnection.cpp b/src/sshmasterconnection.cpp index 8e620c2..f2db295 100644 --- a/src/sshmasterconnection.cpp +++ b/src/sshmasterconnection.cpp @@ -290,14 +290,14 @@ int SshMasterConnection::copyFile(const QString& src, const QString dst, QObject return proc->pid; } -int SshMasterConnection::executeCommand(const QString& command, QObject* receiver, const char* slotFinished) +int SshMasterConnection::executeCommand(const QString& command, QObject* receiver, const char* slotFinished, bool overridePath) { SshProcess* proc=new SshProcess(this, nextPid++); if(receiver && slotFinished) { connect(proc, SIGNAL(sshFinished(bool,QString,int)), receiver, slotFinished); } - proc->startNormal(command); + proc->startNormal(command, overridePath); processes<<proc; return proc->pid; diff --git a/src/sshmasterconnection.h b/src/sshmasterconnection.h index 4cc1f82..13499e6 100644 --- a/src/sshmasterconnection.h +++ b/src/sshmasterconnection.h @@ -89,7 +89,7 @@ public: void writeKnownHosts(bool); void setKeyPhrase(QString); - int executeCommand(const QString& command, QObject* receiver=0, const char* slotFinished=0); + int executeCommand(const QString& command, QObject* receiver=0, const char* slotFinished=0, bool overridePath=true); int startTunnel(const QString& forwardHost, uint forwardPort, const QString& localHost, uint localPort, bool reverse=false, QObject* receiver=0, const char* slotTunnelOk=0, const char* slotFinished=0); int copyFile(const QString& src, const QString dst, QObject* receiver=0, const char* slotFinished=0); diff --git a/src/sshprocess.cpp b/src/sshprocess.cpp index d921806..a5bb5cf 100644 --- a/src/sshprocess.cpp +++ b/src/sshprocess.cpp @@ -188,7 +188,7 @@ void SshProcess::rmPuttyReg(QString uuidStr) } #endif -void SshProcess::startNormal(const QString& cmd) +void SshProcess::startNormal(const QString& cmd, bool overridePath) { QUuid uuid = QUuid::createUuid(); QString uuidStr = uuid.toString().mid(1, 36).toLower(); @@ -198,9 +198,18 @@ void SshProcess::startNormal(const QString& cmd) // ONLY UNCOMMENT FOR TESTING, MIGHT REVEAL PASSWORD WHEN command=RDP x2goDebug<<"Executing remote command via SshProcess object "<<pid<<": "<<cmd; // #endif + QString pathString; + if (overridePath) + { + pathString = "export PATH=\"/usr/local/bin:/usr/bin:/bin\";"; + } + else + { + pathString= ""; + } if(!masterCon->useKerberos()) { - QString shcmd = "bash -l -c 'echo \"X2GODATABEGIN:" + uuidStr + "\"; export PATH=\"/usr/local/bin:/usr/bin:/bin\"; export TERM=\"dumb\"; "+cmd+"; echo \"X2GODATAEND:" + uuidStr + "\";'"; + QString shcmd = "bash -l -c 'echo \"X2GODATABEGIN:" + uuidStr + "\"; " + pathString + "export TERM=\"dumb\"; "+cmd+"; echo \"X2GODATAEND:" + uuidStr + "\";'"; x2goDebug << "this="<<this<<" Running masterCon->addChannelConnection(this, '" << uuidStr << "', '" << shcmd.left (200) << "');"; masterCon->addChannelConnection(this, uuidStr, shcmd); connect(masterCon,SIGNAL(stdOut(SshProcess*,QByteArray)),this,SLOT(slotStdOut(SshProcess*,QByteArray))); @@ -222,7 +231,7 @@ void SshProcess::startNormal(const QString& cmd) * as there is no preceding "outer double quote" the whole argument * is wrapped in. */ - shcmd = "bash -l -c 'echo \"X2GODATABEGIN:" + uuidStr + "\"; export PATH=\"/usr/local/bin:/usr/bin:/bin\"; export TERM=\"dumb\"; "+cmd+"; echo \"X2GODATAEND:" + uuidStr + "\";'"; + shcmd = "bash -l -c 'echo \"X2GODATABEGIN:" + uuidStr + "\";" + pathString + "export TERM=\"dumb\"; "+cmd+"; echo \"X2GODATAEND:" + uuidStr + "\";'"; proc=new QProcess(this); QString local_cmd = ""; diff --git a/src/sshprocess.h b/src/sshprocess.h index c9c3733..e8df1ea 100644 --- a/src/sshprocess.h +++ b/src/sshprocess.h @@ -36,7 +36,7 @@ private: SshProcess(SshMasterConnection* master, int pid); ~SshProcess(); - void startNormal(const QString& cmd); + void startNormal(const QString& cmd, bool overridePath); void startTunnel(const QString& forwardHost, uint forwardPort, const QString& localHost, uint localPort, bool reverse=false); void start_cp(QString src, QString dst); -- Alioth's /srv/git/code.x2go.org/x2goclient.git//..//_hooks_/post-receive-email on /srv/git/code.x2go.org/x2goclient.git