Mirrors/tg
2
0
Fork 0
mirror of https://github.com/paul-nameless/tg synced 2024-11-22 03:43:19 +00:00
Code Issues Projects Releases Packages Wiki Activity

mitigation for CVE-2015-20107 (#271)

Browse source 
Fixes: https://github.com/paul-nameless/tg/issues/270

Co-authored-by: Kevin Chan <a.aacdx@gmail.com>
This commit is contained in:
Kevin Chan 2022-08-08 23:20:52 +08:00 committed by GitHub
parent 49981d1247
commit 2b0c0cf199
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
tg/utils.py
View file

@ -85,7 +85,7 @@ def get_file_handler(file_path: str) -> str:
return config.DEFAULT_OPEN.format(file_path=shlex.quote(file_path)) return config.DEFAULT_OPEN.format(file_path=shlex.quote(file_path))
caps = get_mailcap() caps = get_mailcap()
handler, view = mailcap.findmatch(caps, mtype, filename=file_path) handler, view = mailcap.findmatch(caps, mtype, filename=shlex.quote(file_path))
if not handler: if not handler:
return config.DEFAULT_OPEN.format(file_path=shlex.quote(file_path)) return config.DEFAULT_OPEN.format(file_path=shlex.quote(file_path))
return handler return handler