From 03e45fb913f76478ef1d9f1d51260345bcdbc6de Mon Sep 17 00:00:00 2001
From: Benedikt Meurer <benny@xfce.org>
Date: Tue, 11 Apr 2006 23:07:02 +0000
Subject: [PATCH] 2006-04-11 Benedikt Meurer <benny@xfce.org>
* thunar-vfs/thunar-vfs-deep-count-job.c
(thunar_vfs_deep_count_job_status_ready): Be sure to use 64bit
unsigned integers for the time comparison. Fix another typo.
* plugins/thunar-uca/thunar-uca-plugin.c(thunar_extension_initialize):
Fix typo.
* thunar-vfs/thunar-vfs-info.c: Try to identify malicious .desktop
files that try to look like a regular document.
(Old svn revision: 20855)
---
ChangeLog | 10 ++++
plugins/thunar-uca/thunar-uca-plugin.c | 3 +-
thunar-vfs/thunar-vfs-deep-count-job.c | 5 +-
thunar-vfs/thunar-vfs-info.c | 82 +++++++++++++++++++-------
4 files changed, 75 insertions(+), 25 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 113b3ab8e..2b0147130 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,13 @@
+2006-04-11 Benedikt Meurer <benny@xfce.org>
+
+ * thunar-vfs/thunar-vfs-deep-count-job.c
+ (thunar_vfs_deep_count_job_status_ready): Be sure to use 64bit
+ unsigned integers for the time comparison. Fix another typo.
+ * plugins/thunar-uca/thunar-uca-plugin.c(thunar_extension_initialize):
+ Fix typo.
+ * thunar-vfs/thunar-vfs-info.c: Try to identify malicious .desktop
+ files that try to look like a regular document.
+
2006-04-09 Benedikt Meurer <benny@xfce.org>
* icons/Makefile.am: Be sure to run gtk-update-icon-cache after
diff --git a/plugins/thunar-uca/thunar-uca-plugin.c b/plugins/thunar-uca/thunar-uca-plugin.c
index 889375a34..3231321d2 100644
--- a/plugins/thunar-uca/thunar-uca-plugin.c
+++ b/plugins/thunar-uca/thunar-uca-plugin.c
@@ -39,7 +39,8 @@ thunar_extension_initialize (ThunarxProviderPlugin *plugin)
const gchar *mismatch;
/* verify that the thunarx versions are compatible */
- mismatch = thunarx_check_version (THUNARX_MAJOR_VERSION, THUNARX_MINOR_VERSION, THUNARX_MICRO_VERSION); if (G_UNLIKELY (mismatch != NULL))
+ mismatch = thunarx_check_version (THUNARX_MAJOR_VERSION, THUNARX_MINOR_VERSION, THUNARX_MICRO_VERSION);
+ if (G_UNLIKELY (mismatch != NULL))
{
g_warning ("Version mismatch: %s", mismatch);
return;
diff --git a/thunar-vfs/thunar-vfs-deep-count-job.c b/thunar-vfs/thunar-vfs-deep-count-job.c
index b4451e6f4..79e880d00 100644
--- a/thunar-vfs/thunar-vfs-deep-count-job.c
+++ b/thunar-vfs/thunar-vfs-deep-count-job.c
@@ -326,13 +326,14 @@ thunar_vfs_deep_count_job_status_ready (ThunarVfsDeepCountJob *deep_count_job)
GTimeVal current_time;
/* check if we should update (at most every 128 files, but not more than fourth per second) */
- if (((deep_count_job->unreadable_directory_count + deep_count_job->directory_count + deep_count_job->file_count)) % 128)
+ if (((deep_count_job->unreadable_directory_count + deep_count_job->directory_count + deep_count_job->file_count) % 128) == 0)
{
/* determine the current time */
g_get_current_time (¤t_time);
/* check if more than 250ms elapsed since the last "status-ready" */
- if (((current_time.tv_sec - deep_count_job->last_time.tv_sec) * 1000 + (current_time.tv_usec - deep_count_job->last_time.tv_usec) / 1000) >= 250)
+ if (((current_time.tv_sec - deep_count_job->last_time.tv_sec) * 1000ull
+ + (current_time.tv_usec - deep_count_job->last_time.tv_usec) / 1000ull) >= 250ull)
{
/* remember the current time */
deep_count_job->last_time = current_time;
diff --git a/thunar-vfs/thunar-vfs-info.c b/thunar-vfs/thunar-vfs-info.c
index abbb608bf..a4bad4f9b 100644
--- a/thunar-vfs/thunar-vfs-info.c
+++ b/thunar-vfs/thunar-vfs-info.c
@@ -81,6 +81,7 @@
static ThunarVfsMimeDatabase *mime_database;
+static ThunarVfsMimeInfo *mime_application_octet_stream;
static ThunarVfsMimeInfo *mime_application_x_shellscript;
static ThunarVfsMimeInfo *mime_application_x_executable;
static ThunarVfsMimeInfo *mime_application_x_desktop;
@@ -697,6 +698,7 @@ _thunar_vfs_info_init (void)
mime_application_x_desktop = thunar_vfs_mime_database_get_info (mime_database, "application/x-desktop");
mime_application_x_executable = thunar_vfs_mime_database_get_info (mime_database, "application/x-executable");
mime_application_x_shellscript = thunar_vfs_mime_database_get_info (mime_database, "application/x-shellscript");
+ mime_application_octet_stream = thunar_vfs_mime_database_get_info (mime_database, "application/octet-stream");
}
@@ -711,6 +713,7 @@ void
_thunar_vfs_info_shutdown (void)
{
/* release the mime type references */
+ thunar_vfs_mime_info_unref (mime_application_octet_stream);
thunar_vfs_mime_info_unref (mime_application_x_shellscript);
thunar_vfs_mime_info_unref (mime_application_x_executable);
thunar_vfs_mime_info_unref (mime_application_x_desktop);
@@ -737,16 +740,17 @@ _thunar_vfs_info_new_internal (ThunarVfsPath *path,
const gchar *absolute_path,
GError **error)
{
- ThunarVfsInfo *info;
- const guchar *s;
- const gchar *name;
- const gchar *str;
- struct stat lsb;
- struct stat sb;
- XfceRc *rc;
- GList *mime_infos;
- GList *lp;
- gchar *p;
+ ThunarVfsMimeInfo *fake_mime_info;
+ ThunarVfsInfo *info;
+ const guchar *s;
+ const gchar *name;
+ const gchar *str;
+ struct stat lsb;
+ struct stat sb;
+ XfceRc *rc;
+ GList *mime_infos;
+ GList *lp;
+ gchar *p;
g_return_val_if_fail (g_path_is_absolute (absolute_path), NULL);
g_return_val_if_fail (error == NULL || *error == NULL, NULL);
@@ -921,18 +925,6 @@ _thunar_vfs_info_new_internal (ThunarVfsPath *path,
}
}
- /* check if we have a valid name info */
- str = xfce_rc_read_entry (rc, "Name", NULL);
- if (G_LIKELY (str != NULL && *str != '\0'))
- {
- /* release the previous display name */
- if (G_UNLIKELY (info->display_name != thunar_vfs_path_get_name (info->path)))
- g_free (info->display_name);
-
- /* use the name specified by the .desktop file as display name */
- info->display_name = g_strdup (str);
- }
-
/* determine the type of the .desktop file */
str = xfce_rc_read_entry_untranslated (rc, "Type", "Application");
@@ -951,6 +943,52 @@ _thunar_vfs_info_new_internal (ThunarVfsPath *path,
info->flags |= THUNAR_VFS_FILE_FLAGS_EXECUTABLE;
}
+ /* check if we have a valid name info */
+ str = xfce_rc_read_entry (rc, "Name", NULL);
+ if (G_LIKELY (str != NULL && *str != '\0' && g_utf8_validate (str, -1, NULL)))
+ {
+ /* check if we declared the file as executable */
+ if ((info->flags & THUNAR_VFS_FILE_FLAGS_EXECUTABLE) != 0)
+ {
+ /* check if the file tries to look like a regular document (i.e.
+ * a display name of 'file.png'), maybe a virus or other malware.
+ */
+ fake_mime_info = thunar_vfs_mime_database_get_info_for_name (mime_database, str);
+ if (fake_mime_info != mime_application_octet_stream && fake_mime_info != info->mime_info)
+ {
+ /* release the previous mime info */
+ thunar_vfs_mime_info_unref (info->mime_info);
+
+ /* set the MIME type of the file to 'x-thunar/suspected-malware' to indicate that
+ * it's not safe to trust the file content and execute it or otherwise operate on it.
+ */
+ info->mime_info = thunar_vfs_mime_database_get_info (mime_database, "x-thunar/suspected-malware");
+
+ /* reset the executable flag */
+ info->flags &= ~THUNAR_VFS_FILE_FLAGS_EXECUTABLE;
+
+ /* reset the custom icon */
+ g_free (info->custom_icon);
+ info->custom_icon = NULL;
+
+ /* reset the name str, so we display the real file name */
+ str = NULL;
+ }
+ thunar_vfs_mime_info_unref (fake_mime_info);
+ }
+
+ /* check if the name str wasn't reset */
+ if (G_LIKELY (str != NULL))
+ {
+ /* release the previous display name */
+ if (G_UNLIKELY (info->display_name != thunar_vfs_path_get_name (info->path)))
+ g_free (info->display_name);
+
+ /* use the name specified by the .desktop file as display name */
+ info->display_name = g_strdup (str);
+ }
+ }
+
/* close the file */
xfce_rc_close (rc);
}
--
GitLab