Refuse non-string parameters to Polkit.spawn()

Using integers or floating-point numbers could have resulted in a crash.

Use JSVAL_IS_STRING() instead of implicit conversion through
JS_ValueToString(); hopefully this will nudge the rule writer toward
thinking more about the string conversion and the format of the
resulting string.

https://bugs.freedesktop.org/show_bug.cgi?id=63575

diff --git a/src/polkitbackend/polkitbackendjsauthority.c b/src/polkitbackend/polkitbackendjsauthority.c
index 0dd95481f9dd950aa2a0f005c035f1f9c536add5..bc2fe22714f89104bcc549a0e8ed1b8991fd27e2 100644 (file)
--- a/src/polkitbackend/polkitbackendjsauthority.c
+++ b/src/polkitbackend/polkitbackendjsauthority.c
@@ -1357,6 +1357,12 @@ js_polkit_spawn (JSContext  *cx,
           JS_ReportError (cx, "Failed to get element %d", n);
           goto out;
         }
+      if (!JSVAL_IS_STRING (elem_val))
+       {
+          JS_ReportError (cx, "Element %d is not a string", n);
+          goto out;
+       }
+      s = JS_EncodeString (cx, JSVAL_TO_STRING (elem_val));
       s = JS_EncodeString (cx, JSVAL_TO_STRING (elem_val));
       argv[n] = g_strdup (s);
       JS_free (cx, s);