Begin to check for injectible commands

2025-05-05 12:18:45 +02:00 · 2025-04-24 16:30:40 +01:00 · 2025-04-24 16:30:40 +01:00 · b6a9d3074b
commit b6a9d3074b
parent 505eb56e74
2 changed files with 10 additions and 1 deletions
--- a/6
+++ b/6
@ -9,6 +9,12 @@ Extended features:
 o -thinlines can ensure maximum as well as minimum thickness
 o New -decompress-just-content for easier content stream debugging

+Fixes:
+
+* Sanitizes inputs to prevent command injection attacks
+
+* = Supported by a grant from NLnet
+
 2.8.1 (April 2025)

 New features:
--- a/cpdfcommand.ml
+++ b/cpdfcommand.ml
@ -1637,12 +1637,15 @@ let setimageresolution f =
  args.op <- Some (ImageResolution f)

 let setimpath p =
+  Cpdfutil.check_injectible p;
  args.path_to_im <- p

 let setjbig2encpath p =
+  Cpdfutil.check_injectible p;
  args.path_to_jbig2enc <- p

 let setp2ppath p =
+  Cpdfutil.check_injectible p;
  args.path_to_p2p <- p

 let setfrombox s =
@ -2804,7 +2807,7 @@ let specs =
    Arg.String setpostpend,
    " Postpend content to page");
   ("-gs",
-    Arg.String (fun s ->  args.path_to_ghostscript <- s),
+    Arg.String (fun s -> Cpdfutil.check_injectible s; args.path_to_ghostscript <- s),
    " Path to gs executable");
   ("-gs-malformed",
    Arg.Unit setgsmalformed,