diff options
Diffstat (limited to 'src/firecfg')
-rw-r--r-- | src/firecfg/desktop_files.c | 39 | ||||
-rw-r--r-- | src/firecfg/firecfg.config | 2 |
2 files changed, 24 insertions, 17 deletions
diff --git a/src/firecfg/desktop_files.c b/src/firecfg/desktop_files.c index 49e58528c..eb3794d3f 100644 --- a/src/firecfg/desktop_files.c +++ b/src/firecfg/desktop_files.c | |||
@@ -163,8 +163,6 @@ void fix_desktop_files(char *homedir) { | |||
163 | // skip links | 163 | // skip links |
164 | if (is_link(filename)) | 164 | if (is_link(filename)) |
165 | continue; | 165 | continue; |
166 | if (stat(filename, &sb) == -1) | ||
167 | errExit("stat"); | ||
168 | 166 | ||
169 | // no profile in /etc/firejail, no desktop file fixing | 167 | // no profile in /etc/firejail, no desktop file fixing |
170 | if (!have_profile(filename, homedir)) | 168 | if (!have_profile(filename, homedir)) |
@@ -173,23 +171,33 @@ void fix_desktop_files(char *homedir) { | |||
173 | //**************************************************** | 171 | //**************************************************** |
174 | // load the file in memory and do some basic checking | 172 | // load the file in memory and do some basic checking |
175 | //**************************************************** | 173 | //**************************************************** |
176 | /* coverity[toctou] */ | 174 | FILE *fp = fopen(filename, "r"); |
177 | int fd = open(filename, O_RDONLY); | 175 | if (!fp) { |
178 | if (fd == -1) { | ||
179 | fprintf(stderr, "Warning: cannot open /usr/share/applications/%s\n", filename); | 176 | fprintf(stderr, "Warning: cannot open /usr/share/applications/%s\n", filename); |
180 | continue; | 177 | continue; |
181 | } | 178 | } |
182 | 179 | ||
183 | char *buf = mmap(NULL, sb.st_size + 1, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0); | 180 | fseek(fp, 0, SEEK_END); |
184 | if (buf == MAP_FAILED) | 181 | size_t size = ftell(fp); |
185 | errExit("mmap"); | 182 | fseek(fp, 0, SEEK_SET); |
186 | close(fd); | 183 | char *buf = malloc(size + 1); |
184 | if (!buf) | ||
185 | errExit("malloc"); | ||
186 | |||
187 | size_t loaded = fread(buf, size, 1, fp); | ||
188 | fclose(fp); | ||
189 | if (loaded != 1) { | ||
190 | fprintf(stderr, "Warning: cannot read /usr/share/applications/%s\n", filename); | ||
191 | free(buf); | ||
192 | continue; | ||
193 | } | ||
194 | buf[size] = '\0'; | ||
187 | 195 | ||
188 | // check format | 196 | // check format |
189 | if (strstr(buf, "[Desktop Entry]\n") == NULL) { | 197 | if (strstr(buf, "[Desktop Entry]\n") == NULL) { |
190 | if (arg_debug) | 198 | if (arg_debug) |
191 | printf(" %s - skipped: wrong format?\n", filename); | 199 | printf(" %s - skipped: wrong format?\n", filename); |
192 | munmap(buf, sb.st_size + 1); | 200 | free(buf); |
193 | continue; | 201 | continue; |
194 | } | 202 | } |
195 | 203 | ||
@@ -198,7 +206,7 @@ void fix_desktop_files(char *homedir) { | |||
198 | if (!ptr || strlen(ptr) < 7) { | 206 | if (!ptr || strlen(ptr) < 7) { |
199 | if (arg_debug) | 207 | if (arg_debug) |
200 | printf(" %s - skipped: wrong format?\n", filename); | 208 | printf(" %s - skipped: wrong format?\n", filename); |
201 | munmap(buf, sb.st_size + 1); | 209 | free(buf); |
202 | continue; | 210 | continue; |
203 | } | 211 | } |
204 | 212 | ||
@@ -207,7 +215,7 @@ void fix_desktop_files(char *homedir) { | |||
207 | if (execname[0] == '"') { | 215 | if (execname[0] == '"') { |
208 | if (arg_debug) | 216 | if (arg_debug) |
209 | printf(" %s - skipped: path quoting unsupported\n", filename); | 217 | printf(" %s - skipped: path quoting unsupported\n", filename); |
210 | munmap(buf, sb.st_size + 1); | 218 | free(buf); |
211 | continue; | 219 | continue; |
212 | } | 220 | } |
213 | 221 | ||
@@ -241,12 +249,9 @@ void fix_desktop_files(char *homedir) { | |||
241 | } | 249 | } |
242 | } | 250 | } |
243 | 251 | ||
244 | if (change_exec == NULL && change_dbus == 0) { | 252 | free(buf); |
245 | munmap(buf, sb.st_size + 1); | 253 | if (change_exec == NULL && change_dbus == 0) |
246 | continue; | 254 | continue; |
247 | } | ||
248 | |||
249 | munmap(buf, sb.st_size + 1); | ||
250 | 255 | ||
251 | //**************************************************** | 256 | //**************************************************** |
252 | // generate output file | 257 | // generate output file |
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config index e34ac786c..1835502a4 100644 --- a/src/firecfg/firecfg.config +++ b/src/firecfg/firecfg.config | |||
@@ -40,6 +40,7 @@ audacious | |||
40 | audacity | 40 | audacity |
41 | aweather | 41 | aweather |
42 | baloo_file | 42 | baloo_file |
43 | baloo_filemetadata_temp_extractor | ||
43 | baobab | 44 | baobab |
44 | basilisk | 45 | basilisk |
45 | bibletime | 46 | bibletime |
@@ -306,6 +307,7 @@ pix | |||
306 | playonlinux | 307 | playonlinux |
307 | pluma | 308 | pluma |
308 | polari | 309 | polari |
310 | ppsspp | ||
309 | psi-plus | 311 | psi-plus |
310 | # pycharm-community - FB note: may enable later | 312 | # pycharm-community - FB note: may enable later |
311 | # pycharm-professional | 313 | # pycharm-professional |