imports/imhex
1
0
Fork 0
mirror of https://github.com/WerWolv/ImHex.git synced 2026-03-29 00:10:02 -05:00
Code Issues Packages Projects Releases Wiki Activity

fix: Added protection against deleting symlinks (#2288)

Browse Source 
This PR improves the safety and reliability of the deleteOldFiles()
function by:

Preventing symlink attacks

Uses std::filesystem::canonical() to resolve all paths, eliminating ./..
and symlinks
Verifies each file is actually inside the target directory before
deletion
Safer file operations
Explicitly skips non-regular files (directories/symlinks)

---------

Co-authored-by: Nik <werwolv98@gmail.com>
This commit is contained in:
kur$
2025-08-09 20:58:36 +03:00
committed by GitHub
parent 4e5b2675a0
commit 6b4fef806c
2 changed files with 19 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
main/gui/source/window/linux_window.cpp
View File

@@ -138,7 +138,8 @@ namespace hex {
// Add plugin library folders to dll search path
for (const auto &path : paths::Libraries.read()) {
if (std::fs::exists(path))
setenv("LD_LIBRARY_PATH", fmt::format("{};{}", hex::getEnvironmentVariable("LD_LIBRARY_PATH").value_or(""), path.string().c_str()).c_str(), true);
setenv("LD_LIBRARY_PATH", fmt::format("{}:{}", hex::getEnvironmentVariable("LD_LIBRARY_PATH").value_or(""), path.string().c_str()).c_str(), true);
}
// Redirect stdout to log file if we're not running in a terminal