Address bug #10741

(filter executables and prevent them from going on addon server)
2008-01-11 21:32:41 +00:00 · 2008-01-11 21:32:41 +00:00 · c5e9d097a8
commit c5e9d097a8
parent a09812165e
2 changed files with 14 additions and 1 deletions
--- a/data/tools/wesnoth/campaignserver_client.py
+++ b/data/tools/wesnoth/campaignserver_client.py
@ -314,7 +314,9 @@ class CampaignClient:
            for fn in glob.glob(path + "/*"):
                if os.path.isdir(fn):
                    sub = put_dir(os.path.basename(fn), fn)
-                elif fn.endswith("~") or fn.endswith("-bak") or ".pbl" in fn:
+                elif fn.endswith("~") or fn.endswith("-bak") or \
+                     ".pbl" in fn or ".exe" in fn or ".com" in fn or \
+                     ".bat" in fn or ".scr" in fn or ".sh":
                    continue
                else:
                    sub = put_file(os.path.basename(fn), file(fn))
--- a/src/publish_campaign.cpp
+++ b/src/publish_campaign.cpp
@ -181,6 +181,17 @@ static std::pair<std::vector<std::string>, std::vector<std::string> > read_ignor
 		patterns.first.push_back("*-bak");
 		patterns.first.push_back("*.pbl");
 		patterns.first.push_back("*.ign");
+		/* 
+		 * Prevent certain potential security compromises.
+		 * The idea is to stop bad guys from uploading things
+		 * that could become trojans if an unsuspoecting user 
+		 * downloads them.
+		 */
+		patterns.first.push_back("*.exe");
+		patterns.first.push_back("*.bat");
+		patterns.first.push_back("*.com");
+		patterns.first.push_back("*.scr");
+		patterns.first.push_back("*.sh");
 		return patterns;
 	}
 	std::istream *stream = istream_file(ign_file);