Cairo-Dock Core

GMenu does not handle desktop file exec strings properly

Bug #526138 reported by Tristan Moody
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Cairo-Dock Core
Fix Released
Undecided
Unassigned
Nominated for 2.1 by Tristan Moody

Bug Description

Using GMenu plugin on cairo-dock-2.1.2.4 on Fedora 12:

Applications in the main menu whose .desktop file exec string contains quotes (single or double) don't get launched.

Example: Launching the application Kst from GMenu
exec=kst -caption "%c" %i %m

cairo-dock -l debug output:
debug : (cairo-dock-callbacks.c:cairo_dock_launch_command_full:955)
  cairo_dock_launch_command_full (kst -caption " , (null))
sh: -c: line 0: unexpected EOF while looking for matching `"'
sh: -c: line 1: syntax error: unexpected end of file

by the time the exec string gets to cairo_dock_launch_command_full, any text appearing after quotes is truncated, causing the program to fail to launch.

workaround: modify .desktop files to remove quotes from exec strings

suggestion: GMenu/applet-utils.c:89 --> change g_key_file_get_string to g_key_file_get_value

Thoughts? Does this open up any security issues?

Reasoning:
g_key_file_parse_value_as_string, as called by g_key_file_get_string takes the result of g_key_file_get_value and processes some escape sequences. However, it does not, for some reason, handle escapes such as \' and \", which mangles the exec string, causing the program not to launch.

Related branches

lp:~cairo-dock-team/cairo-dock-plug-ins/ubuntu
Matthieu Baerts: Approve
Diff: 216785 lines (+102141/-48611)
442 files modified
Animated-icons/src/applet-config.c (+1/-1)
Animated-icons/src/applet-init.c (+56/-20)
Animated-icons/src/applet-notifications.c (+7/-8)
Animated-icons/src/applet-rotation.c (+4/-4)
Animated-icons/src/applet-spot.c (+7/-7)
Animated-icons/src/applet-struct.h (+2/-2)
Animated-icons/src/applet-unfold.c (+9/-86)
Animated-icons/src/applet-wave.c (+6/-6)
Animated-icons/src/applet-wobbly.c (+11/-8)
Applets.stable (+6/-0)
CMakeLists.txt (+334/-110)
Cairo-Penguin/data/Cairo-Penguin.conf.in (+16/-7)
Cairo-Penguin/src/applet-animation.c (+10/-10)
Cairo-Penguin/src/applet-animation.h (+3/-3)
Cairo-Penguin/src/applet-init.c (+32/-8)
Cairo-Penguin/src/applet-notifications.c (+12/-5)
Cairo-Penguin/src/applet-notifications.h (+2/-2)
Clipper/data/Clipper.conf.in (+14/-7)
Clipper/src/applet-clipboard.c (+1/-1)
Clipper/src/applet-notifications.c (+3/-2)
Dbus/CMakeLists.txt (+2/-12)
Dbus/data/Dbus.conf.in (+0/-5)
Dbus/demos/demo_bash/demo_bash (+16/-99)
Dbus/demos/demo_bash/demo_bash.sh (+106/-163)
Dbus/demos/demo_mono/demo_mono.conf (+101/-0)
Dbus/demos/demo_mono/demo_mono.cs (+128/-152)
Dbus/demos/demo_python/auto-load.conf (+6/-0)
Dbus/demos/demo_python/demo_python (+109/-134)
Dbus/demos/demo_ruby/README (+19/-0)
Dbus/demos/demo_ruby/auto-load.conf (+19/-0)
Dbus/demos/demo_ruby/demo_ruby (+127/-0)
Dbus/demos/demo_ruby/demo_ruby.conf (+101/-0)
Dbus/demos/demo_vala/demo_vala.vala (+101/-116)
Dbus/interfaces/CMakeLists.txt (+14/-0)
Dbus/interfaces/bash/BashInstall.cmake.in (+15/-0)
Dbus/interfaces/bash/CDBashApplet.py (+83/-0)
Dbus/interfaces/bash/CDBashApplet.sh (+178/-0)
Dbus/interfaces/bash/CMakeLists.txt (+19/-0)
Dbus/interfaces/bash/setup.py (+25/-0)
Dbus/interfaces/mono/CDApplet.cs (+273/-0)
Dbus/interfaces/mono/CMakeLists.txt (+13/-0)
Dbus/interfaces/mono/IApplet.cs (+91/-0)
Dbus/interfaces/mono/ISubApplet.cs (+43/-0)
Dbus/interfaces/python/CDApplet.py (+246/-0)
Dbus/interfaces/python/CMakeLists.txt (+13/-0)
Dbus/interfaces/python/PythonInstall.cmake.in (+15/-0)
Dbus/interfaces/python/setup.py (+25/-0)
Dbus/interfaces/ruby/CDApplet.rb (+291/-0)
Dbus/interfaces/ruby/CMakeLists.txt (+5/-0)
Dbus/interfaces/vala/CDApplet.deps (+1/-0)
Dbus/interfaces/vala/CDApplet.pc.in (+11/-0)
Dbus/interfaces/vala/CDApplet.vala (+328/-0)
Dbus/interfaces/vala/CMakeLists.txt (+51/-0)
Dbus/interfaces/vala/ValaVapiPath.txt.in (+1/-0)
Dbus/interfaces/vala/src/CDApplet.c (+3530/-0)
Dbus/interfaces/vala/src/CDApplet.h (+215/-0)
Dbus/interfaces/vala/src/CDApplet.vapi (+116/-0)
Dbus/interfaces/vala/src/CMakeLists.txt (+30/-0)
Dbus/interfaces/vala/src/ValaVapiPath.txt (+1/-0)
Dbus/src/CMakeLists.txt (+0/-55)
Dbus/src/applet-config.c (+0/-15)
Dbus/src/applet-dbus.c (+255/-219)
Dbus/src/applet-dbus.h (+2/-8)
Dbus/src/applet-init.c (+28/-22)
Dbus/src/applet-marshallers.c (+230/-0)
Dbus/src/applet-marshallers.h (+72/-0)
Dbus/src/applet-struct.h (+4/-5)
Dbus/src/dbus-applet-spec.h (+3/-2)
Dbus/src/dbus-main-spec.h (+3/-2)
Dbus/src/dbus-sub-applet-spec.h (+4/-3)
Dbus/src/dbus_sub_applet_introspectable.xml (+0/-8)
Dbus/src/interface-applet-methods.c (+100/-38)
Dbus/src/interface-applet-object.c (+102/-157)
Dbus/src/interface-applet-object.h (+2/-4)
Dbus/src/interface-applet-signals.c (+52/-102)
Dbus/src/interface-main-methods.c (+42/-11)
Disks/CMakeLists.txt (+3/-0)
Disks/data/CMakeLists.txt (+7/-0)
Disks/data/Disks.conf.in (+187/-0)
Disks/src/CMakeLists.txt (+40/-0)
Disks/src/applet-config.c (+98/-0)
Disks/src/applet-config.h (+31/-0)
Disks/src/applet-disks.c (+264/-0)
Disks/src/applet-disks.h (+29/-0)
Disks/src/applet-init.c (+181/-0)
Disks/src/applet-init.h (+31/-0)
Disks/src/applet-notifications.c (+111/-0)
Disks/src/applet-notifications.h (+35/-0)
Disks/src/applet-struct.h (+84/-0)
Doncky/data/Doncky.conf.in (+11/-5)
Doncky/data/default.xml (+13/-1)
Doncky/src/applet-config.c (+9/-12)
Doncky/src/applet-draw.c (+16/-153)
Doncky/src/applet-init.c (+7/-14)
Doncky/src/applet-notifications.c (+344/-0)
Doncky/src/applet-notifications.h (+2/-1)
Doncky/src/applet-struct.h (+22/-96)
Doncky/src/applet-xml.c (+2/-2)
Folders/data/Folders.conf.in (+16/-8)
Folders/src/applet-config.c (+6/-2)
Folders/src/applet-init.c (+39/-14)
Folders/src/applet-load-icons.c (+15/-6)
Folders/src/applet-notifications.c (+31/-12)
Folders/src/applet-struct.h (+1/-0)
GMenu/data/GMenu.conf.in (+12/-5)
GMenu/src/applet-notifications.c (+13/-9)
GMenu/src/applet-run-dialog.c (+1/-1)
GMenu/src/applet-util.c (+1/-1)
Indicator-applet/CMakeLists.txt (+3/-0)
Indicator-applet/indicator-applet.c (+31/-8)
MeMenu/data/MeMenu.conf.in (+13/-6)
MeMenu/src/CMakeLists.txt (+3/-0)
MeMenu/src/applet-me.c (+7/-9)
MeMenu/src/applet-menu.c (+316/-6)
MeMenu/src/applet-menu.h (+2/-1)
MeMenu/src/dbus-shared-names.h (+1/-0)
Messaging-Menu/data/Messaging-Menu.conf.in (+14/-8)
Messaging-Menu/src/CMakeLists.txt (+3/-0)
Messaging-Menu/src/applet-init.c (+2/-2)
Messaging-Menu/src/applet-menu.c (+152/-20)
Messaging-Menu/src/applet-messaging.c (+3/-3)
Messaging-Menu/src/dbus-data.h (+7/-5)
Network-Monitor/data/Network-Monitor.conf.in (+16/-8)
Network-Monitor/src/applet-config.c (+1/-1)
Network-Monitor/src/applet-draw.c (+1/-1)
Network-Monitor/src/applet-notifications.c (+4/-3)
RSSreader/data/RSSreader.conf.in (+11/-5)
RSSreader/src/applet-draw.c (+1/-0)
RSSreader/src/applet-notifications.c (+22/-12)
RSSreader/src/applet-rss.c (+47/-35)
RSSreader/src/applet-struct.h (+1/-1)
Recent-Events/CMakeLists.txt (+2/-0)
Recent-Events/data/CMakeLists.txt (+10/-0)
Recent-Events/data/Recent-Events.conf.in (+111/-0)
Recent-Events/data/icon.svg (+694/-0)
Recent-Events/src/CMakeLists.txt (+43/-0)
Recent-Events/src/applet-config.c (+50/-0)
Recent-Events/src/applet-config.h (+30/-0)
Recent-Events/src/applet-dialog.c (+478/-0)
Recent-Events/src/applet-dialog.h (+33/-0)
Recent-Events/src/applet-init.c (+83/-0)
Recent-Events/src/applet-init.h (+31/-0)
Recent-Events/src/applet-notifications.c (+174/-0)
Recent-Events/src/applet-notifications.h (+40/-0)
Recent-Events/src/applet-search.c (+464/-0)
Recent-Events/src/applet-search.h (+41/-0)
Recent-Events/src/applet-struct.h (+73/-0)
Remote-Control/CMakeLists.txt (+2/-0)
Remote-Control/data/CMakeLists.txt (+11/-0)
Remote-Control/data/Remote-Control.conf.in (+14/-0)
Remote-Control/data/arrows.svg (+348/-0)
Remote-Control/src/CMakeLists.txt (+40/-0)
Remote-Control/src/applet-config.c (+51/-0)
Remote-Control/src/applet-config.h (+30/-0)
Remote-Control/src/applet-icon-finder.c (+257/-0)
Remote-Control/src/applet-icon-finder.h (+40/-0)
Remote-Control/src/applet-init.c (+66/-0)
Remote-Control/src/applet-init.h (+31/-0)
Remote-Control/src/applet-notifications.c (+480/-0)
Remote-Control/src/applet-notifications.h (+45/-0)
Remote-Control/src/applet-session.c (+150/-0)
Remote-Control/src/applet-session.h (+38/-0)
Remote-Control/src/applet-struct.h (+51/-0)
Scooby-Do/data/CMakeLists.txt (+0/-1)
Scooby-Do/data/Scooby-Do.conf.in (+0/-3)
Scooby-Do/data/arrows.svg (+0/-289)
Scooby-Do/src/applet-appli-finder.h (+0/-2)
Scooby-Do/src/applet-backend-files.c (+4/-4)
Scooby-Do/src/applet-backend-firefox.c (+1/-1)
Scooby-Do/src/applet-backend-recent.c (+3/-3)
Scooby-Do/src/applet-backend-web.c (+2/-2)
Scooby-Do/src/applet-config.c (+0/-9)
Scooby-Do/src/applet-draw.c (+4/-51)
Scooby-Do/src/applet-icon-finder.c (+9/-209)
Scooby-Do/src/applet-icon-finder.h (+0/-1)
Scooby-Do/src/applet-init.c (+17/-18)
Scooby-Do/src/applet-listing.c (+37/-37)
Scooby-Do/src/applet-notifications.c (+85/-364)
Scooby-Do/src/applet-notifications.h (+0/-4)
Scooby-Do/src/applet-search.c (+3/-3)
Scooby-Do/src/applet-session.c (+63/-55)
Scooby-Do/src/applet-session.h (+3/-5)
Scooby-Do/src/applet-struct.h (+2/-33)
Status-Notifier/data/Status-Notifier.conf.in (+13/-7)
Status-Notifier/src/CMakeLists.txt (+3/-3)
Status-Notifier/src/applet-draw.c (+13/-12)
Status-Notifier/src/applet-host.c (+19/-19)
Status-Notifier/src/applet-init.c (+10/-4)
Status-Notifier/src/applet-item.c (+32/-38)
Status-Notifier/src/applet-notifications.c (+7/-8)
System-Monitor/data/System-Monitor.conf.in (+35/-15)
System-Monitor/data/nvidia-config (+1/-1)
System-Monitor/src/CMakeLists.txt (+21/-65)
System-Monitor/src/applet-config.c (+5/-8)
System-Monitor/src/applet-cpusage.c (+21/-5)
System-Monitor/src/applet-cpusage.h (+2/-2)
System-Monitor/src/applet-init.c (+35/-32)
System-Monitor/src/applet-monitor.c (+69/-7)
System-Monitor/src/applet-notifications.c (+41/-44)
System-Monitor/src/applet-nvidia.c (+22/-2)
System-Monitor/src/applet-nvidia.h (+1/-1)
System-Monitor/src/applet-rame.c (+18/-0)
System-Monitor/src/applet-rame.h (+2/-0)
System-Monitor/src/applet-sensors.c (+433/-0)
System-Monitor/src/applet-sensors.h (+39/-0)
System-Monitor/src/applet-struct.h (+23/-3)
Toons/data/Toons.conf.in (+15/-9)
Xgamma/data/Xgamma.conf.in (+16/-8)
Xgamma/src/applet-config.c (+3/-2)
Xgamma/src/applet-notifications.c (+2/-33)
Xgamma/src/applet-struct.h (+3/-2)
Xgamma/src/applet-xgamma.c (+101/-4)
Xgamma/src/applet-xgamma.h (+5/-2)
alsaMixer/data/AlsaMixer.conf.in (+17/-9)
alsaMixer/src/applet-config.c (+4/-4)
alsaMixer/src/applet-mixer.c (+8/-6)
alsaMixer/src/applet-notifications.c (+7/-2)
clock/data/clock.conf.in (+17/-9)
clock/src/CMakeLists.txt (+2/-1)
clock/src/applet-backend-default.c (+34/-6)
clock/src/applet-backend-ical.c (+5/-3)
clock/src/applet-calendar.c (+91/-0)
clock/src/applet-calendar.h (+2/-0)
clock/src/applet-config.c (+4/-3)
clock/src/applet-draw.c (+36/-398)
clock/src/applet-draw.h (+0/-12)
clock/src/applet-init.c (+1/-6)
clock/src/applet-notifications.c (+4/-4)
clock/src/applet-struct.h (+3/-0)
clock/src/applet-timer.c (+507/-0)
clock/src/applet-timer.h (+35/-0)
cmake_modules/FindSensors.cmake (+23/-0)
compiz-icon/data/compiz-icon.conf.in (+16/-8)
compiz-icon/src/applet-load-icon.c (+1/-1)
copyright (+1/-1)
debian/cairo-dock-plug-ins.install (+5/-0)
debian/changelog (+81/-0)
debian/control (+14/-4)
debian/rules (+3/-2)
debian/source/format (+1/-0)
debian/watch (+1/-1)
desklet-rendering/src/rendering-desklet-caroussel.c (+23/-23)
desklet-rendering/src/rendering-desklet-controler.c (+17/-17)
desklet-rendering/src/rendering-desklet-mediaplayer.c (+13/-13)
desklet-rendering/src/rendering-desklet-slide.c (+18/-18)
desklet-rendering/src/rendering-desklet-viewport.c (+19/-19)
desklet-rendering/src/rendering-init.c (+1/-3)
dialog-rendering/data/dialog-rendering.conf.in (+1/-17)
dialog-rendering/src/applet-config.c (+2/-2)
dialog-rendering/src/applet-decorator-3Dplane.c (+15/-1)
dialog-rendering/src/applet-decorator-comics.c (+78/-60)
dialog-rendering/src/applet-decorator-curly.c (+41/-22)
dialog-rendering/src/applet-decorator-modern.c (+1/-1)
dialog-rendering/src/applet-decorator-tooltip.c (+39/-46)
dialog-rendering/src/applet-init.c (+3/-8)
dnd2share/data/dnd2share.conf.in (+17/-7)
dnd2share/src/CMakeLists.txt (+8/-61)
dnd2share/src/applet-backend-codepad.c (+78/-0)
dnd2share/src/applet-backend-codepad.h (+30/-0)
dnd2share/src/applet-backend-dropbox.c (+76/-76)
dnd2share/src/applet-backend-free.c (+46/-46)
dnd2share/src/applet-backend-imagebin.c (+75/-75)
dnd2share/src/applet-backend-imageshack.c (+87/-87)
dnd2share/src/applet-backend-paste-ubuntu.c (+84/-0)
dnd2share/src/applet-backend-paste-ubuntu.h (+30/-0)
dnd2share/src/applet-backend-pastebin-mozilla.c (+91/-0)
dnd2share/src/applet-backend-pastebin-mozilla.h (+30/-0)
dnd2share/src/applet-backend-pastebin.c (+51/-85)
dnd2share/src/applet-backend-pastebin.h (+11/-11)
dnd2share/src/applet-backend-ubuntuone.c (+95/-0)
dnd2share/src/applet-backend-ubuntuone.h (+30/-0)
dnd2share/src/applet-backend-uppix.c (+109/-109)
dnd2share/src/applet-backend-videobin.c (+42/-42)
dnd2share/src/applet-config.c (+1/-0)
dnd2share/src/applet-dnd2share.c (+23/-16)
dnd2share/src/applet-init.c (+13/-4)
dnd2share/src/applet-notifications.c (+3/-3)
dnd2share/src/applet-struct.h (+1/-0)
dock-rendering/data/CMakeLists.txt (+9/-15)
dock-rendering/data/rendering.conf.in (+6/-5)
dock-rendering/src/rendering-3D-plane.c (+58/-58)
dock-rendering/src/rendering-caroussel.c (+24/-24)
dock-rendering/src/rendering-commons.c (+18/-18)
dock-rendering/src/rendering-config.c (+28/-33)
dock-rendering/src/rendering-curve.c (+60/-60)
dock-rendering/src/rendering-diapo-simple.c (+233/-134)
dock-rendering/src/rendering-diapo.c (+2/-2)
dock-rendering/src/rendering-init.c (+29/-10)
dock-rendering/src/rendering-panel.c (+62/-62)
dock-rendering/src/rendering-parabole.c (+10/-9)
dock-rendering/src/rendering-rainbow.c (+27/-27)
drop-indicator/src/applet-init.c (+31/-11)
drop-indicator/src/applet-notifications.c (+5/-3)
dustbin/data/dustbin.conf.in (+15/-7)
dustbin/data/themes/default/CMakeLists.txt (+6/-13)
dustbin/data/themes/default/preview (+545/-0)
dustbin/src/applet-notifications.c (+3/-1)
gnome-integration-old/src/applet-gnome-vfs.c (+1/-1)
gvfs-integration/cairo-dock-gio-vfs.c (+115/-54)
icon-effect/src/applet-config.c (+1/-1)
icon-effect/src/applet-fire.c (+2/-2)
icon-effect/src/applet-firework.c (+4/-5)
icon-effect/src/applet-init.c (+49/-18)
icon-effect/src/applet-notifications.c (+9/-11)
icon-effect/src/applet-rain.c (+2/-2)
icon-effect/src/applet-snow.c (+2/-2)
icon-effect/src/applet-star.c (+2/-2)
icon-effect/src/applet-storm.c (+2/-2)
icon-effect/src/applet-struct.h (+1/-1)
illusion/src/applet-evaporate.c (+6/-6)
illusion/src/applet-init.c (+37/-13)
illusion/src/applet-lightning.c (+3/-2)
illusion/src/applet-notifications.c (+7/-4)
kde-integration/src/applet-vfs.c (+4/-3)
keyboard-indicator/data/keyboard-indicator.conf.in (+15/-8)
keyboard-indicator/src/applet-draw.c (+8/-5)
keyboard-indicator/src/applet-init.c (+4/-2)
keyboard-indicator/src/applet-notifications.c (+7/-1)
keyboard-indicator/src/applet-xklavier.c (+3/-2)
logout/data/CMakeLists.txt (+1/-0)
logout/data/logout.conf.in (+24/-10)
logout/src/applet-config.c (+4/-2)
logout/src/applet-init.c (+8/-2)
logout/src/applet-notifications.c (+117/-16)
logout/src/applet-notifications.h (+5/-2)
logout/src/applet-struct.h (+13/-1)
mail/data/mail.conf.in (+56/-31)
mail/src/cd-mail-applet-accounts.c (+698/-480)
mail/src/cd-mail-applet-accounts.h (+16/-0)
mail/src/cd-mail-applet-config.c (+42/-18)
mail/src/cd-mail-applet-etpan.c (+29/-14)
mail/src/cd-mail-applet-notifications.c (+36/-11)
mail/src/cd-mail-applet-struct.h (+2/-0)
motion-blur/src/applet-init.c (+48/-13)
motion-blur/src/applet-notifications.c (+11/-0)
motion-blur/src/applet-notifications.h (+2/-3)
musicPlayer/data/musicPlayer.conf.in (+16/-8)
musicPlayer/src/applet-banshee.c (+1/-1)
musicPlayer/src/applet-draw.c (+12/-9)
musicPlayer/src/applet-exaile3.c (+1/-1)
musicPlayer/src/applet-init.c (+8/-8)
musicPlayer/src/applet-mpris.c (+16/-18)
musicPlayer/src/applet-notifications.c (+15/-3)
musicPlayer/src/applet-rhythmbox.c (+1/-1)
netspeed/data/netspeed (+1/-1)
netspeed/data/netspeed.conf.in (+15/-7)
netspeed/src/applet-notifications.c (+38/-33)
po/ar.po (+1639/-1331)
po/cairo-dock.pot (+1653/-1457)
po/cs.po (+1713/-1513)
po/de.po (+2167/-1834)
po/el.po (+8450/-0)
po/en.po (+0/-8567)
po/en_GB.po (+8906/-0)
po/es.po (+1968/-1609)
po/et.po (+1821/-1557)
po/eu.po (+7737/-0)
po/fr.po (+1981/-1587)
po/hu.po (+1721/-1541)
po/id.po (+7711/-0)
po/it.po (+2058/-1676)
po/ja.po (+1901/-1562)
po/nl.po (+1986/-1601)
po/pl.po (+7705/-0)
po/pt.po (+1857/-1642)
po/pt_BR.po (+2090/-1715)
po/ru.po (+1979/-1590)
po/sk.po (+1862/-1566)
po/sr.po (+1666/-1295)
po/sv.po (+1748/-1536)
po/tr.po (+1693/-1506)
po/uk.po (+1995/-1607)
po/zh_CN.po (+2332/-1943)
po/zh_TW.po (+1911/-1562)
powermanager/data/powermanager.conf.in (+16/-9)
powermanager/src/powermanager-config.c (+0/-2)
powermanager/src/powermanager-dbus.c (+6/-6)
powermanager/src/powermanager-draw.c (+2/-2)
powermanager/src/powermanager-struct.h (+0/-2)
quick-browser/data/quick-browser.conf.in (+12/-6)
quick-browser/src/applet-init.c (+0/-1)
quick-browser/src/applet-menu.c (+1/-1)
quick-browser/src/applet-notifications.c (+10/-1)
shortcuts/data/shortcuts.conf.in (+12/-5)
shortcuts/src/applet-bookmarks.c (+7/-7)
shortcuts/src/applet-disk-usage.c (+2/-2)
shortcuts/src/applet-drives.c (+14/-14)
shortcuts/src/applet-init.c (+11/-3)
shortcuts/src/applet-load-icons.c (+15/-11)
shortcuts/src/applet-notifications.c (+17/-8)
show-mouse/data/show_mouse.conf.in (+2/-2)
show-mouse/src/applet-init.c (+16/-16)
show-mouse/src/applet-notifications.c (+3/-2)
showDesktop/data/showDesktop.conf.in (+12/-8)
showDesktop/src/applet-init.c (+4/-2)
showDesktop/src/applet-notifications.c (+36/-2)
slider/data/slider.conf.in (+49/-16)
slider/src/applet-config.c (+13/-5)
slider/src/applet-init.c (+66/-30)
slider/src/applet-notifications.c (+161/-55)
slider/src/applet-notifications.h (+2/-1)
slider/src/applet-slider.c (+96/-48)
slider/src/applet-slider.h (+1/-0)
slider/src/applet-struct.h (+16/-3)
slider/src/applet-transitions.c (+82/-22)
slider/src/applet-transitions.h (+2/-0)
stack/data/stack.conf.in (+12/-5)
stack/src/applet-init.c (+7/-2)
stack/src/applet-load-icons.c (+44/-6)
stack/src/applet-notifications.c (+5/-2)
stack/src/applet-stack.c (+206/-0)
stack/src/applet-struct.h (+11/-0)
switcher/data/switcher.conf.in (+13/-6)
switcher/src/applet-desktops.c (+24/-32)
switcher/src/applet-draw.c (+60/-55)
switcher/src/applet-init.c (+45/-31)
switcher/src/applet-notifications.c (+34/-20)
switcher/src/applet-struct.h (+9/-2)
systray/data/systray.conf.in (+12/-5)
systray/src/systray-init.c (+3/-4)
template/data/template.conf.in (+11/-5)
terminal/data/terminal.conf.in (+12/-5)
terminal/src/terminal-init.c (+1/-1)
terminal/src/terminal-widget.c (+73/-22)
tomboy/data/tomboy.conf.in (+13/-6)
tomboy/src/tomboy-dbus.c (+12/-3)
tomboy/src/tomboy-init.c (+8/-2)
tomboy/src/tomboy-notifications.c (+18/-4)
weather/data/themes/Classic/readme (+2/-1)
weather/data/weather.conf.in (+13/-5)
weather/src/applet-config.c (+38/-17)
weather/src/applet-init.c (+2/-0)
weather/src/applet-load-icons.c (+11/-2)
weather/src/applet-notifications.c (+69/-31)
weather/src/applet-notifications.h (+2/-3)
weather/src/applet-struct.h (+3/-1)
weblets/data/weblets.conf.in (+12/-5)
weblets/src/applet-notifications.c (+1/-1)
wifi/data/wifi.conf.in (+15/-7)
wifi/src/applet-notifications.c (+5/-9)
xfce-integration/src/applet-thunar-vfs.c (+2/-2)
xfce-integration/src/applet-utils.c (+1/-1)
lp:ubuntu/maverick/cairo-dock-plug-ins
Revision history for this message
Fabounet (fabounet03) wrote : Re: [Cairo-dock-team] [Bug 526138] [NEW] GMenu does not handle desktop file exec strings properly
Download full text (3.4 KiB)

Hi,
thanks for the information.
Do you know what %c, %i and %m are for ?
When we click on the menu entry, shouldn't we expect the program to just
launch itself, without taking any argument ?

2010/2/23 Tristan Moody <email address hidden>

> Public bug reported:
>
> Using GMenu plugin on cairo-dock-2.1.2.4 on Fedora 12:
>
> Applications in the main menu whose .desktop file exec string contains
> quotes (single or double) don't get launched.
>
> Example: Launching the application Kst from GMenu
> exec=kst -caption "%c" %i %m
>
> cairo-dock -l debug output:
> debug : (cairo-dock-callbacks.c:cairo_dock_launch_command_full:955)
> cairo_dock_launch_command_full (kst -caption " , (null))
> sh: -c: line 0: unexpected EOF while looking for matching `"'
> sh: -c: line 1: syntax error: unexpected end of file
>
> by the time the exec string gets to cairo_dock_launch_command_full, any
> text appearing after quotes is truncated, causing the program to fail to
> launch.
>
> workaround: modify .desktop files to remove quotes from exec strings
>
> suggestion: GMenu/applet-utils.c:89 --> change g_key_file_get_string to
> g_key_file_get_value
>
> Thoughts? Does this open up any security issues?
>
> Reasoning:
> g_key_file_parse_value_as_string, as called by g_key_file_get_string takes
> the result of g_key_file_get_value and processes some escape sequences.
> However, it does not, for some reason, handle escapes such as \' and \",
> which mangles the exec string, causing the program not to launch.
>
> ** Affects: cairo-dock-core
> Importance: Undecided
> Status: New
>
> --
> GMenu does not handle desktop file exec strings properly
> https://bugs.launchpad.net/bugs/526138
> You received this bug notification because you are a member of Cairo-
> Dock Team, which is subscribed to Cairo-Dock Core.
>
> Status in Cairo-Dock : Core: New
>
> Bug description:
> Using GMenu plugin on cairo-dock-2.1.2.4 on Fedora 12:
>
> Applications in the main menu whose .desktop file exec string contains
> quotes (single or double) don't get launched.
>
> Example: Launching the application Kst from GMenu
> exec=kst -caption "%c" %i %m
>
> cairo-dock -l debug output:
> debug : (cairo-dock-callbacks.c:cairo_dock_launch_command_full:955)
> cairo_dock_launch_command_full (kst -caption " , (null))
> sh: -c: line 0: unexpected EOF while looking for matching `"'
> sh: -c: line 1: syntax error: unexpected end of file
>
> by the time the exec string gets to cairo_dock_launch_command_full, any
> text appearing after quotes is truncated, causing the program to fail to
> launch.
>
> workaround: modify .desktop files to remove quotes from exec strings
>
> suggestion: GMenu/applet-utils.c:89 --> change g_key_file_get_string to
> g_key_file_get_value
>
> Thoughts? Does this open up any security issues?
>
> Reasoning:
> g_key_file_parse_value_as_string, as called by g_key_file_get_string takes
> the result of g_key_file_get_value and processes some escape sequences.
> However, it does not, for some reason, handle escapes such as \' and \",
> which mangles the exec string, causing the program not to launch.
>
>
>
> _______________________________________________
> Mailing list: https:...

Read more...

Revision history for this message
Tristan Moody (tmoody) wrote :

The arguments have to do with the window decorator and are found in most KDE launchers.

Per http://standards.freedesktop.org/desktop-entry-spec/latest/ ...
%c expands to the Name key appropriate to the localization. Starting an app with the argument -caption "<thecaption>" tells the window decorator to replace the default window title with <thecaption>.

%i expands to the icon key, and %m is deprecated, but used to refer to the miniicon key.

Now, as to why g_key_file_get_string doesn't handle quotes properly, I really don't know why. My guess is it is a bug in that library, as I can't think of a reason for that to be deliberate, but running through a gdb session using ..._get_value instead seems to solve the problem.

Revision history for this message
Tristan Moody (tmoody) wrote :

Actually....

looking further into the Desktop file spec: http://standards.freedesktop.org/desktop-entry-spec/latest/ar01s06.html

>>>Quoting must be done by enclosing the argument between double quotes and escaping the double quote character, backtick character ("`"), dollar sign ("$") and backslash character ("\") by preceding it with an additional backslash character. Implementations must undo quoting before expanding field codes and before passing the argument to the executable program. Reserved characters are space (" "), tab, newline, double quote, single quote ("'"), backslash character ("\"), greater-than sign (">"), less-than sign ("<"), tilde ("~"), vertical bar ("|"), ampersand ("&"), semicolon (";"), dollar sign ("$"), asterisk ("*"), question mark ("?"), hash mark ("#"), parenthesis ("(") and (")") and backtick character ("`"). <<<

-----------------------

Double checking, when quotes are replaced by escaped quotes, the application opens normally. So technically, I suppose GMenu does in fact follow the spec properly. Interestingly, the menu associated with gnome-panel does not care whether quotes are properly escaped, so strictly speaking, the bug is in the gnome-panel menu and in the installation files for the applications that use the quotes improperly. However, it does not get noticed except when a program actually adheres to the spec, so the "bug" here is actually a strict adherence to the freedesktop spec.

I will look further into gnome-panel and file a report with gnome if necessary.

Revision history for this message
Fabounet (fabounet03) wrote :

ok thanks for you help !
well if g_key_file_get_string doesn't do its job but g_key_file_get_value does, I see no objection to use it.
So if you confirm that everything works fine this way, I'll make the replacement.

Revision history for this message
Tristan Moody (tmoody) wrote :

Ok, so using a rebuilt version that uses ..._get_value:

cCommand now fills with the entire command value, BUT...
in _launch_from_file:
107 if (cCommand != NULL)
108 {
109 gchar *str = strchr (cCommand, '%');
110 if (str != NULL)
111 *str = '\0';

This sequence truncates the string "kst -caption \"%c\" %i %m" to just "kst -caption \"".
Since there is no code to handle the freedesktop field codes, the function cairo_dock_launch_command_full() is fed an invalid command that chokes with a "no EOF" error when fed to system(). So, long story short, using g_key_file_get_value is a step in the right direction, but we're not there yet.

I did compare it to the gnome-panel code that performs the equivalent task, and gnome-panel handles the launchers in a completely different way. I think I can come up with a patch for this function that will get the right functionality in there without too big a change--only adding a few lines to applet-util.c to handle the various freedesktop field codes.

I'll let you know what I come up with.

Revision history for this message
Tristan Moody (tmoody) wrote :

Ok, I modified applet-util.c to parse the field codes and am attaching it to this post. It seems to work for me. Let me know what you think.

Tristan

Revision history for this message
Fabounet (fabounet03) wrote :

Thanks a lot, the patch is applied now.

Changed in cairo-dock-core:
status: New → Fix Committed
Matthieu Baerts (matttbe)
Changed in cairo-dock-core:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.