[vlc-commits] qt: playlist_controller: Ensure the path points to a directory

[Lukas Euler]

vlc/vlc-3.0 | branch: master | Lukas Euler <lukas at positive.security> | Fri Feb 12 11:55:14 2021 +0100| [7e92daadfa0723d1b423d2caeee6929bb6880374] | committer: Hugo Beauzée-Luyssen

qt: playlist_controller: Ensure the path points to a directory

Not doing so could end up opening a file with the default application
associated with it, instead of opening a folder, leading to a potential
remote code execution.

Reported-by: Fabian Bräunlein <fabian at positive.security>
Reported-by: Lukas Euler <lukas at positive.security>
Signed-off-by: Hugo Beauzée-Luyssen <hugo at beauzee.fr>

> http://git.videolan.org/gitweb.cgi/vlc/vlc-3.0.git/?a=commit;h=7e92daadfa0723d1b423d2caeee6929bb6880374
---

 modules/gui/qt/components/playlist/standardpanel.cpp | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/modules/gui/qt/components/playlist/standardpanel.cpp b/modules/gui/qt/components/playlist/standardpanel.cpp
index 3d6fe6e6a8..6e7ba66cca 100644
--- a/modules/gui/qt/components/playlist/standardpanel.cpp
+++ b/modules/gui/qt/components/playlist/standardpanel.cpp
@@ -322,8 +322,10 @@ void StandardPLPanel::popupAction( QAction *action )
         temp = model->getURI( index );
         if( ! temp.isEmpty() ) path = vlc_uri2path( temp.toLatin1().constData() );
         if( path == NULL ) return;
+        temp = QFileInfo( qfu( path ) ).absolutePath();
+        if( !QFileInfo( temp ).isDir() ) return;
         QDesktopServices::openUrl(
-                    QUrl::fromLocalFile( QFileInfo( qfu( path ) ).absolutePath() ) );
+                    QUrl::fromLocalFile( temp ) );
         free( path );
         break;