fix(security): use promise queue for steam pipe (#300)
this prevents an (unlikely) race condition where writing multiple large payloads to the pipe simultaneously could lead to jambled data => argument injection
This commit is contained in:
parent
1429815fd1
commit
dfc6970756
1 changed files with 12 additions and 8 deletions
|
@ -17,6 +17,8 @@ const layoutVersion = 2;
|
||||||
const layoutId = "3080264545"; // Vesktop Layout v2
|
const layoutId = "3080264545"; // Vesktop Layout v2
|
||||||
const numberRegex = /^[0-9]*$/;
|
const numberRegex = /^[0-9]*$/;
|
||||||
|
|
||||||
|
let steamPipeQueue = Promise.resolve();
|
||||||
|
|
||||||
export const isDeckGameMode = process.env.SteamOS === "1" && process.env.SteamGamepadUI === "1";
|
export const isDeckGameMode = process.env.SteamOS === "1" && process.env.SteamGamepadUI === "1";
|
||||||
|
|
||||||
export function applyDeckKeyboardFix() {
|
export function applyDeckKeyboardFix() {
|
||||||
|
@ -39,18 +41,20 @@ function getAppId(): string | null {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
export async function execSteamURL(url: string): Promise<void> {
|
export function execSteamURL(url: string) {
|
||||||
// This doesn't allow arbitrary execution despite the weird syntax.
|
// This doesn't allow arbitrary execution despite the weird syntax.
|
||||||
await writeFile(
|
steamPipeQueue = steamPipeQueue.then(() =>
|
||||||
join(process.env.HOME || "/home/deck", ".steam", "steam.pipe"),
|
writeFile(
|
||||||
// replace ' to prevent argument injection
|
join(process.env.HOME || "/home/deck", ".steam", "steam.pipe"),
|
||||||
`'${process.env.HOME}/.local/share/Steam/ubuntu12_32/steam' '-ifrunning' '${url.replaceAll("'", "%27")}'\n`,
|
// replace ' to prevent argument injection
|
||||||
"utf-8"
|
`'${process.env.HOME}/.local/share/Steam/ubuntu12_32/steam' '-ifrunning' '${url.replaceAll("'", "%27")}'\n`,
|
||||||
|
"utf-8"
|
||||||
|
)
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
export async function steamOpenURL(url: string) {
|
export function steamOpenURL(url: string) {
|
||||||
await execSteamURL(`steam://openurl/${url}`);
|
execSteamURL(`steam://openurl/${url}`);
|
||||||
}
|
}
|
||||||
|
|
||||||
export async function showGamePage() {
|
export async function showGamePage() {
|
||||||
|
|
Loading…
Reference in a new issue