jessikitty/jadx
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Prevents command injections when opening links

Browse Source
This commit is contained in:
Sergey Toshin
2018-04-07 22:28:58 +03:00
committed by Skylot
parent 2e5d73a7e4
commit d5cfdfb50d
1 changed files with 9 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
jadx-gui/src/main/java/jadx/gui/utils/Link.java
+9 -3
View File
@@ -66,16 +66,22 @@ public class Link extends JLabel implements MouseListener {
try {
String os = System.getProperty("os.name").toLowerCase();
if (os.contains("win")) {
Runtime.getRuntime().exec("rundll32 url.dll,FileProtocolHandler " + url);
new ProcessBuilder()
.command(new String[] {"rundll32", "url.dll,FileProtocolHandler", url})
.start();
return;
}
if (os.contains("mac")) {
Runtime.getRuntime().exec("open " + url);
new ProcessBuilder()
.command(new String[] {"open", url})
.start();
return;
}
Map<String, String> env = System.getenv();
if (env.get("BROWSER") != null) {
Runtime.getRuntime().exec(env.get("BROWSER") + " " + url);
new ProcessBuilder()
.command(new String[] {env.get("BROWSER"), url})
.start();
return;
}
} catch (Exception e) {