[Libreoffice-commits] core.git: Branch 'distro/lhm/libreoffice-6-4+backports' - shell/source

Thu, 24 Feb 2022 05:21:48 -0800 

 shell/source/win32/SysShExec.cxx |    8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

New commits:
commit bbfa09e77994d14e38148d50ac2a8f4487f0e01d
Author:     Caolán McNamara <caol...@redhat.com>
AuthorDate: Tue Feb 22 09:41:26 2022 +0000
Commit:     Michael Stahl <michael.st...@allotropia.de>
CommitDate: Thu Feb 24 14:21:04 2022 +0100

    add to suffix denylist
    
    mostly https: 
//support.google.com/mail/answer/6590?hl=en#zippy=%2Cmessages-that-have-attachments
    
    but see also:
    
https://www.howtogeek.com/137270/50-file-extensions-that-are-potentially-dangerous-on-windows
    
    Change-Id: Ibe3abbdcdb6f82a73d245318ef97d86789d00523
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/130394
    Tested-by: Jenkins
    Reviewed-by: Caolán McNamara <caol...@redhat.com>
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/130382
    Reviewed-by: Adolfo Jayme Barrientos <fit...@ubuntu.com>
    (cherry picked from commit 8b72ddb734e0f4457d0233ae9e56dd76526f1dc9)
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/130492
    Tested-by: Michael Stahl <michael.st...@allotropia.de>
    Reviewed-by: Michael Stahl <michael.st...@allotropia.de>

diff --git a/shell/source/win32/SysShExec.cxx b/shell/source/win32/SysShExec.cxx
index ec61e96f762b..8e8237dd12af 100644
--- a/shell/source/win32/SysShExec.cxx
+++ b/shell/source/win32/SysShExec.cxx
@@ -425,8 +425,12 @@ void SAL_CALL CSysShExec::execute( const OUString& 
aCommand, const OUString& aPa
                     if (!(checkExtension(ext, env)
                           && checkExtension(
                               ext,
-                              
".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC;.MSI;.PY;.CLASS;"
-                                  ".JAR;.APPLICATION;.LNK;.SCR")))
+                              
".ADE;.ADP;.APK;.APPLICATION;.APPX;.APPXBUNDLE;.BAT;.CAB;.CHM;.CLASS;"
+                              
".CMD;.COM;.CPL;.DLL;.DMG;.EX;.EX_;.EXE;.GADGET;.HTA;.INF;.INS;.IPA;"
+                              
".ISO;.ISP;.JAR;.JS;.JSE;.LIB;.LNK;.MDE;.MSC;.MSH;.MSH1;.MSH2;.MSHXML;"
+                              
".MSH1XML;.MSH2XML;.MSI;.MSIX;.MSIXBUNDLE;.MSP;.MST;.NSH;.PIF;.PS1;"
+                              
".PS1XML;.PS2;.PS2XML;.PSC1;.PSC2;.PY;.REG;.SCF;.SCR;.SCT;.SHB;.SYS;"
+                              ".VB;.VBE;.VBS;.VXD;.WS;.WSC;.WSF;.WSH;")))
                     {
                         throw css::lang::IllegalArgumentException(
                             "XSystemShellExecute.execute, cannot process <" + 
aCommand + ">", {},

Reply via email to