devproje/project-client
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix(security): use promise queue for steam pipe (#300)

Browse source 
this prevents an (unlikely) race condition where writing multiple large payloads to the pipe simultaneously could lead to jambled data => argument injection
This commit is contained in:
Lewis Crichton 2023-12-28 00:38:31 +00:00 committed by GitHub
parent 1429815fd1
commit dfc6970756
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 12 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
src/main/utils/steamOS.ts
View file

@ -17,6 +17,8 @@ const layoutVersion = 2;
const layoutId = "3080264545"; // Vesktop Layout v2 const layoutId = "3080264545"; // Vesktop Layout v2
const numberRegex = /^[0-9]*$/; const numberRegex = /^[0-9]*$/;
let steamPipeQueue = Promise.resolve();
export const isDeckGameMode = process.env.SteamOS === "1" && process.env.SteamGamepadUI === "1"; export const isDeckGameMode = process.env.SteamOS === "1" && process.env.SteamGamepadUI === "1";
export function applyDeckKeyboardFix() { export function applyDeckKeyboardFix() {
@ -39,18 +41,20 @@ function getAppId(): string | null {
return null; return null;
} }
export async function execSteamURL(url: string): Promise<void> { export function execSteamURL(url: string) {
// This doesn't allow arbitrary execution despite the weird syntax. // This doesn't allow arbitrary execution despite the weird syntax.
await writeFile( steamPipeQueue = steamPipeQueue.then(() =>
writeFile(
join(process.env.HOME || "/home/deck", ".steam", "steam.pipe"), join(process.env.HOME || "/home/deck", ".steam", "steam.pipe"),
// replace ' to prevent argument injection // replace ' to prevent argument injection
`'${process.env.HOME}/.local/share/Steam/ubuntu12_32/steam' '-ifrunning' '${url.replaceAll("'", "%27")}'\n`, `'${process.env.HOME}/.local/share/Steam/ubuntu12_32/steam' '-ifrunning' '${url.replaceAll("'", "%27")}'\n`,
"utf-8" "utf-8"
)
); );
} }
export async function steamOpenURL(url: string) { export function steamOpenURL(url: string) {
await execSteamURL(`steam://openurl/${url}`); execSteamURL(`steam://openurl/${url}`);
} }
export async function showGamePage() { export async function showGamePage() {