don't run the help browser from a property that a user could have

changed to something evil, but rather make sure that the browser string can be trusted. (TODO: change system() to vfork()/execvp() ?)
2008-07-09 19:35:53 +00:00 · 2008-07-09 19:35:53 +00:00 · 1ace68e836
commit 1ace68e836
parent 1b062a1cf0
3 changed files with 13 additions and 9 deletions
--- a/src/GUI/gui_funcs.cxx
+++ b/src/GUI/gui_funcs.cxx
@ -101,9 +101,6 @@ extern void fgUpdateHUD( GLfloat x_start, GLfloat y_start,


 const __fg_gui_fn_t __fg_gui_fn[] = {
-
-        // File
-        {"reInit", reInit},
 #ifdef TR_HIRES_SNAP
        {"dumpHiResSnapShot", fgHiResDumpWrapper},
 #endif
@ -214,13 +211,13 @@ void helpCb ()
 	
 #if !defined(WIN32)

-    string help_app = fgGetString("/sim/startup/browser-app");
+    command = globals->get_browser();
+    string::size_type pos;
+    if ((pos = command.find("%u", 0)) != string::npos)
+        command.replace(pos, 2, path.str());
+    else
+        command += " " + path.str();

-    if ( system("xwininfo -name Netscape > /dev/null 2>&1") == 0 ) {
-        command = help_app + " -remote \"openURL(" + path.str() + ")\"";
-    } else {
-        command = help_app + " " + path.str();
-    }
    command += " &";
    system( command.c_str() );

--- a/src/Main/fg_init.cxx
+++ b/src/Main/fg_init.cxx
@ -1390,6 +1390,8 @@ bool fgInitGeneral() {
    }
    SG_LOG( SG_GENERAL, SG_INFO, "FG_ROOT = " << '"' << root << '"' << endl );

+    globals->set_browser(fgGetString("/sim/startup/browser-app", "firefox %u"));
+
 #if defined(FX) && defined(XMESA)
    // initialize full screen flag
    globals->set_fullscreen(false);
--- a/src/Main/globals.hxx
+++ b/src/Main/globals.hxx
@ -116,6 +116,8 @@ private:
    // Roots of FlightGear scenery tree
    string_list fg_scenery;

+    string browser;
+
    // Fullscreen mode for old 3DFX cards.
 #if defined(FX) && defined(XMESA)
    bool fullscreen;
@ -238,6 +240,9 @@ public:
    inline const string_list &get_fg_scenery () const { return fg_scenery; }
    void set_fg_scenery (const string &scenery);

+    inline const string &get_browser () const { return browser; }
+    void set_browser (const string &b) { browser = b; }
+
 #if defined(FX) && defined(XMESA)
    inline bool get_fullscreen() const { return fullscreen; }
    inline bool set_fullscreen( bool f ) { fullscreen = f; }