From 79da3393ee2fe7d5ad4d914a28c9ad5b91833280 Mon Sep 17 00:00:00 2001
From: Joey Hess <joey@gnu.kitenet.net>
Date: Sun, 30 Aug 2009 15:08:13 -0400
Subject: [PATCH] teximg: Make TeX handle preventing unsafe things; remove
 insufficient blacklist

TeX has configuration options that prevent unsafe things like shell
escapes and insecure file reads/writes.  Turn all of them on.

teximg's regex-based blacklist does not suffice.  For instance:

[[!teximg code="""
\catcode`\%=0
%input{/etc/passwd}
"""]]

Remove the blacklist, since the TeX configuration options seal off the
underlying mechanisms more safely, and the blacklist blocks other TeX
commands that can prove useful.
(cherry picked from commit 9f75d3b1f3c43820cff9ce554601f64c60d72b14)

Conflicts:

	IkiWiki/Plugin/teximg.pm
	debian/changelog
---
 IkiWiki/Plugin/teximg.pm | 40 ++--------------------------------------
 debian/changelog         |  2 ++
 2 files changed, 4 insertions(+), 38 deletions(-)

diff --git a/IkiWiki/Plugin/teximg.pm b/IkiWiki/Plugin/teximg.pm
index 8c3e88c69..90bf615d9 100644
--- a/IkiWiki/Plugin/teximg.pm
+++ b/IkiWiki/Plugin/teximg.pm
@@ -29,13 +29,7 @@ sub preprocess (@) { #{{{
 	if (! defined $code && ! length $code) {
 		return "[[teximg ".gettext("missing tex code"). "]]";
 	}
-
-	if (check($code)) {
-		return create($code, check_height($height), \%params);
-	}
-	else {
-		return "[[teximg ".gettext("code includes disallowed latex commands"). "]]";
-	}
+	return create($code, check_height($height), \%params);
 } #}}}
 
 sub check_height ($) { #{{{
@@ -110,7 +104,7 @@ sub gen_image ($$$$) { #{{{
 	my $tmp = eval { create_tmp_dir($digest) };
 	if (! $@ &&
 	    writefile("$digest.tex", $tmp, $tex) &&
-	    system("cd $tmp; latex --interaction=nonstopmode $tmp/$digest.tex > /dev/null") == 0 &&
+	    system("cd $tmp; shell_escape=f openout_any=p openin_any=p latex --interaction=nonstopmode $digest.tex < /dev/null > /dev/null") == 0 &&
 	    system("dvips -E $tmp/$digest.dvi -o $tmp/$digest.ps 2> $tmp/$digest.log") == 0 &&
 	    # ensure destination directory exists
 	    writefile("$imagedir/$digest.png", $config{destdir}, "") &&
@@ -142,34 +136,4 @@ sub create_tmp_dir ($) { #{{{
 	return $tmpdir;
 } #}}}
 
-sub check ($) { #{{{
-	# Check if the code is ok
-	my $code = shift;
-
-	my @badthings = (
-		qr/\$\$/,
-		qr/\\include/,
-		qr/\\includegraphic/,
-		qr/\\usepackage/,
-		qr/\\newcommand/, 
-		qr/\\renewcommand/,
-		qr/\\def/,
-		qr/\\input/,
-		qr/\\open/,
-		qr/\\loop/,
-		qr/\\errorstopmode/,
-		qr/\\scrollmode/,
-		qr/\\batchmode/,
-		qr/\\read/,
-		qr/\\write/,
-	);
-	
-	foreach my $thing (@badthings) {
-		if ($code =~ m/$thing/ ) {
-			return 0;
-		}
-	}
-	return 1;
-} #}}}
-
 1
diff --git a/debian/changelog b/debian/changelog
index 72650f199..fdbcfd7f4 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,5 +1,7 @@
 ikiwiki (2.53.4) UNRELEASED; urgency=low
 
+  * teximg: Replace the insufficient blacklist with the built-in security
+    mechanisms of TeX.
   * img: Don't generate new verison of image if it is scaled to be
     larger in either dimension. 
 
-- 
2.39.2