From: Joey Hess
Date: Sun, 30 Aug 2009 19:08:13 +0000 (-0400)
Subject: teximg: Make TeX handle preventing unsafe things; remove insufficient blacklist
X-Git-Tag: 2.53.4~2
X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/commitdiff_plain/79da3393ee2fe7d5ad4d914a28c9ad5b91833280

teximg: Make TeX handle preventing unsafe things; remove insufficient blacklist

TeX has configuration options that prevent unsafe things like shell escapes and insecure file reads/writes. Turn all of them on.

teximg's regex-based blacklist does not suffice. For instance:

[[!teximg code="""
\catcode`\%=0
%input{/etc/passwd}
"""]]

Remove the blacklist, since the TeX configuration options seal off the underlying mechanisms more safely, and the blacklist blocks other TeX commands that can prove useful.

(cherry picked from commit 9f75d3b1f3c43820cff9ce554601f64c60d72b14)

Conflicts:
IkiWiki/Plugin/teximg.pm
debian/changelog
---
diff --git a/IkiWiki/Plugin/teximg.pm b/IkiWiki/Plugin/teximg.pm
index 8c3e88c69..90bf615d9 100644
--- a/IkiWiki/Plugin/teximg.pm
+++ b/IkiWiki/Plugin/teximg.pm
@@ -29,13 +29,7 @@ sub preprocess (@) { #{{{
 if (! defined $code && ! length $code) {
 return "[[teximg ".gettext("missing tex code"). "]]";
 }
-
- if (check($code)) {
- return create($code, check_height($height), \%params);
- }
- else {
- return "[[teximg ".gettext("code includes disallowed latex commands"). "]]";
- }
+ return create($code, check_height($height), \%params);
 } #}}}
 
 sub check_height ($) { #{{{
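Review bot: With the blacklist gone, the guard directly above the new `return create(...)` is the only check before the code reaches TeX, and as written it fires only for an undefined `$code`: for `code=""`, `! defined $code` is false and the `&&` short-circuits, so an empty string falls through to `create`. The intended test is almost certainly `if (! defined $code || ! length $code) {`, which rejects both undef and the empty string. `preprocess` starts outside the hunk, so whether an earlier default already guarantees `$code` is defined cannot be seen here.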
@@ -110,7 +104,7 @@ sub gen_image ($$$$) { #{{{
 my $tmp = eval { create_tmp_dir($digest) };
 if (! $@ &&
 writefile("$digest.tex", $tmp, $tex) &&
- system("cd $tmp; latex --interaction=nonstopmode $tmp/$digest.tex > /dev/null") == 0 &&
+ system("cd $tmp; shell_escape=f openout_any=p openin_any=p latex --interaction=nonstopmode $digest.tex < /dev/null > /dev/null") == 0 &&
 system("dvips -E $tmp/$digest.dvi -o $tmp/$digest.ps 2> $tmp/$digest.log") == 0 &&
 # ensure destination directory exists
 writefile("$imagedir/$digest.png", $config{destdir}, "") &&
@@ -142,34 +136,4 @@ sub create_tmp_dir ($) { #{{{
 return $tmpdir;
 } #}}}
 
-sub check ($) { #{{{
- # Check if the code is ok
- my $code = shift;
-
- my @badthings = (
- qr/\$\$/,
- qr/\\include/,
- qr/\\includegraphic/,
- qr/\\usepackage/,
- qr/\\newcommand/,
- qr/\\renewcommand/,
- qr/\\def/,
- qr/\\input/,
- qr/\\open/,
- qr/\\loop/,
- qr/\\errorstopmode/,
- qr/\\scrollmode/,
- qr/\\batchmode/,
- qr/\\read/,
- qr/\\write/,
- );
-
- foreach my $thing (@badthings) {
- if ($code =~ m/$thing/ ) {
- return 0;
- }
- }
- return 1;
-} #}}}
-
 1
diff --git a/debian/changelog b/debian/changelog
index 72650f199..fdbcfd7f4 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,5 +1,7 @@
 ikiwiki (2.53.4) UNRELEASED; urgency=low
 
+ * teximg: Replace the insufficient blacklist with the built-in security
+ mechanisms of TeX.
 * img: Don't generate new verison of image if it is scaled to be larger in either dimension.
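Review bot: The protection in the new `system` line rests entirely on the `shell_escape=f openout_any=p openin_any=p` prefix being picked up as kpathsea environment overrides by whichever `latex` is found on `$PATH`; if that binary is a wrapper or an engine that does not consult them, the run proceeds with no restriction and nothing here notices. A comment should record that dependency, e.g. `# shell_escape/openout_any/openin_any are kpathsea texmf.cnf settings; set in the environment they override the system texmf.cnf and disable \write18 and out-of-tree file access`. The `dvips` call two lines below is unchanged and carries no equivalent flag, so confirm its secure mode (`-R`) is the default on the target installation. The dropped blacklist also rejected `\loop`; nothing in the new command bounds CPU time or output size, so a timeout or `ulimit`-style cap around the latex step is worth considering. `gen_image` begins and ends outside the hunk.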