author | Miloslav Trmač <mitr@redhat.com> | 2013-04-18 20:32:05 +0200 |
---|---|---|
committer | Miloslav Trmač <mitr@redhat.com> | 2013-05-06 20:05:27 +0200 |
commit | 18f9d2608b145a3cc39e88b3e8aa74c742d47190 (patch) | |
tree | 5597f1ff8627c732d1eabbc0ff913461d8dff7c9 | |
parent | 8085a29c67c4a6e1f58f8975e0f7426d09d0fa99 (diff) | |
download | polkit-18f9d2608b145a3cc39e88b3e8aa74c742d47190.tar.gz |
Refuse non-string parameters to Polkit.spawn()
Using integers or floating-point numbers could have resulted in a crash.
Use JSVAL_IS_STRING() instead of implicit conversion through
JS_ValueToString(); hopefully this will nudge the rule writer toward
thinking more about the string conversion and the format of the
resulting string.
https://bugs.freedesktop.org/show_bug.cgi?id=63575
-rw-r--r-- | src/polkitbackend/polkitbackendjsauthority.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/src/polkitbackend/polkitbackendjsauthority.c b/src/polkitbackend/polkitbackendjsauthority.c index 0dd9548..bc2fe22 100644 --- a/src/polkitbackend/polkitbackendjsauthority.c +++ b/src/polkitbackend/polkitbackendjsauthority.c @@ -1357,6 +1357,12 @@ js_polkit_spawn (JSContext *cx, JS_ReportError (cx, "Failed to get element %d", n); goto out; } + if (!JSVAL_IS_STRING (elem_val)) + { + JS_ReportError (cx, "Element %d is not a string", n); + goto out; + } + s = JS_EncodeString (cx, JSVAL_TO_STRING (elem_val)); s = JS_EncodeString (cx, JSVAL_TO_STRING (elem_val)); argv[n] = g_strdup (s); JS_free (cx, s); |
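Review bot: In the unchanged lines right after the new JSVAL_IS_STRING() check, the return value of JS_EncodeString() is still handed to g_strdup() without a NULL check. JS_EncodeString() returns NULL on failure and g_strdup(NULL) returns NULL, so argv[n] would end up as a NULL entry, which any argv consumer treats as the end of the list. Suggest adding `if (s == NULL) goto out;` before `argv[n] = g_strdup (s);`. Separately, the diffstat shows only polkitbackendjsauthority.c changed. Since the commit message wants rule writers to think about the string conversion, the Polkit.spawn() documentation should state that every element must already be a string, and a test that passes a number and expects the "Element %d is not a string" error would guard against the crash coming back.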