mirror of
https://github.com/debauchee/barrier.git
synced 2026-07-03 10:26:48 +08:00
fixed: exploit, \Program.exe is launched instead of synergy binaries.
This commit is contained in:
@@ -485,6 +485,9 @@ bool MainWindow::clientArgs(QStringList& args, QString& app)
|
||||
return false;
|
||||
}
|
||||
|
||||
// wrap in quotes so a malicious user can't start \Program.exe as admin.
|
||||
app = QString("\"%1\"").arg(app);
|
||||
|
||||
if (m_pLineEditHostname->text().isEmpty())
|
||||
{
|
||||
show();
|
||||
@@ -560,6 +563,9 @@ bool MainWindow::serverArgs(QStringList& args, QString& app)
|
||||
return false;
|
||||
}
|
||||
|
||||
// wrap in quotes so a malicious user can't start \Program.exe as admin.
|
||||
app = QString("\"%1\"").arg(app);
|
||||
|
||||
if (appConfig().logToFile())
|
||||
{
|
||||
appConfig().persistLogDir();
|
||||
|
||||
Reference in New Issue
Block a user