[Bf-blender-cvs] SVN commit: /data/svn/bf-blender [53739] trunk/blender/source/blender/ blenkernel/intern/packedFile.c: Security fix:
Ton Roosendaal
ton at blender.org
Sat Jan 12 12:59:24 CET 2013
Revision: 53739
http://projects.blender.org/scm/viewvc.php?view=rev&root=bf-blender&revision=53739
Author: ton
Date: 2013-01-12 11:59:22 +0000 (Sat, 12 Jan 2013)
Log Message:
-----------
Security fix:
"Pack Blender Libraries" now first does a check if the .blend files are all used
with relative paths. This to prevent bad things happen on unpacking.
Modified Paths:
--------------
trunk/blender/source/blender/blenkernel/intern/packedFile.c
Modified: trunk/blender/source/blender/blenkernel/intern/packedFile.c
===================================================================
--- trunk/blender/source/blender/blenkernel/intern/packedFile.c 2013-01-12 11:00:27 UTC (rev 53738)
+++ trunk/blender/source/blender/blenkernel/intern/packedFile.c 2013-01-12 11:59:22 UTC (rev 53739)
@@ -553,7 +553,7 @@
if (newname != NULL) {
ret_value = RET_OK;
- printf("Saved .blend library: %s\n", newname);
+ printf("Unpacked .blend library: %s\n", newname);
freePackedFile(lib->packedfile);
lib->packedfile = NULL;
@@ -570,7 +570,17 @@
{
Library *lib;
+ /* test for relativenss */
for (lib = bmain->library.first; lib; lib = lib->id.next)
+ if (0 == BLI_path_is_rel(lib->name))
+ break;
+
+ if (lib) {
+ BKE_reportf(reports, RPT_ERROR, "Cannot pack absolute file: '%s'", lib->name);
+ return;
+ }
+
+ for (lib = bmain->library.first; lib; lib = lib->id.next)
if (lib->packedfile == NULL)
lib->packedfile = newPackedFile(reports, lib->name, bmain->name);
}
More information about the Bf-blender-cvs
mailing list