From 1670e48a16e8bc239e3893156e1a4e634dc11593 Mon Sep 17 00:00:00 2001 From: Jaex Date: Fri, 14 Aug 2020 14:47:03 +0300 Subject: [PATCH] Make sure only json and xml files will be extracted from backup file, also limit max uncompressed size for backup and FFmpeg --- ShareX.ImageEffectsLib/ImageEffectPackager.cs | 2 +- ShareX.MediaLib/FFmpegDownloader.cs | 2 +- ShareX.Setup/Program.cs | 4 ++-- ShareX/Forms/ApplicationSettingsForm.resx | 12 ++++++------ ShareX/SettingManager.cs | 6 +++++- 5 files changed, 15 insertions(+), 11 deletions(-) diff --git a/ShareX.ImageEffectsLib/ImageEffectPackager.cs b/ShareX.ImageEffectsLib/ImageEffectPackager.cs index 79e1cdc89..62f83cbb9 100644 --- a/ShareX.ImageEffectsLib/ImageEffectPackager.cs +++ b/ShareX.ImageEffectsLib/ImageEffectPackager.cs @@ -89,7 +89,7 @@ public static string ExtractPackage(string packageFilePath, string destination) } return false; - }, 20_000_000); + }, 100_000_000); } return configJson; diff --git a/ShareX.MediaLib/FFmpegDownloader.cs b/ShareX.MediaLib/FFmpegDownloader.cs index 6cd3605b2..c9cd0bba8 100644 --- a/ShareX.MediaLib/FFmpegDownloader.cs +++ b/ShareX.MediaLib/FFmpegDownloader.cs @@ -58,7 +58,7 @@ public static bool ExtractFFmpeg(string archivePath, string extractPath) { try { - ZipManager.Extract(archivePath, extractPath, false, entry => entry.Name.Equals("ffmpeg.exe", StringComparison.OrdinalIgnoreCase)); + ZipManager.Extract(archivePath, extractPath, false, entry => entry.Name.Equals("ffmpeg.exe", StringComparison.OrdinalIgnoreCase), 1_000_000_000); return true; } catch (Exception e) diff --git a/ShareX.Setup/Program.cs b/ShareX.Setup/Program.cs index 82ed1e05e..3d78ef6d6 100644 --- a/ShareX.Setup/Program.cs +++ b/ShareX.Setup/Program.cs @@ -342,7 +342,7 @@ private static void CopyFFmpeg(string destination, bool include32bit, bool inclu if (!File.Exists(FFmpeg32bit)) { string filename = SetupHelpers.DownloadFile("https://ffmpeg.zeranoe.com/builds/win32/static/ffmpeg-4.2.2-win32-static.zip"); - ZipManager.Extract(filename, ".", false, entry => entry.Name.Equals("ffmpeg.exe", StringComparison.OrdinalIgnoreCase)); + ZipManager.Extract(filename, ".", false, entry => entry.Name.Equals("ffmpeg.exe", StringComparison.OrdinalIgnoreCase), 1_000_000_000); File.Move("ffmpeg.exe", FFmpeg32bit); } @@ -354,7 +354,7 @@ private static void CopyFFmpeg(string destination, bool include32bit, bool inclu if (!File.Exists(FFmpeg64bit)) { string filename = SetupHelpers.DownloadFile("https://ffmpeg.zeranoe.com/builds/win64/static/ffmpeg-4.2.2-win64-static.zip"); - ZipManager.Extract(filename, ".", false, entry => entry.Name.Equals("ffmpeg.exe", StringComparison.OrdinalIgnoreCase)); + ZipManager.Extract(filename, ".", false, entry => entry.Name.Equals("ffmpeg.exe", StringComparison.OrdinalIgnoreCase), 1_000_000_000); File.Move("ffmpeg.exe", FFmpeg64bit); } diff --git a/ShareX/Forms/ApplicationSettingsForm.resx b/ShareX/Forms/ApplicationSettingsForm.resx index e7ac3c478..580b9d758 100644 --- a/ShareX/Forms/ApplicationSettingsForm.resx +++ b/ShareX/Forms/ApplicationSettingsForm.resx @@ -1660,7 +1660,7 @@ True - 16, 80 + 16, 88 58, 17 @@ -1687,7 +1687,7 @@ True - 16, 56 + 16, 64 64, 17 @@ -1741,7 +1741,7 @@ NoControl - 16, 168 + 16, 176 184, 24 @@ -1768,7 +1768,7 @@ NoControl - 208, 104 + 208, 112 184, 23 @@ -1795,7 +1795,7 @@ NoControl - 16, 104 + 16, 112 184, 23 @@ -1822,7 +1822,7 @@ NoControl - 16, 136 + 16, 144 184, 23 diff --git a/ShareX/SettingManager.cs b/ShareX/SettingManager.cs index 1363f810c..1197002b1 100644 --- a/ShareX/SettingManager.cs +++ b/ShareX/SettingManager.cs @@ -391,7 +391,11 @@ public static bool Import(string archivePath) { try { - ZipManager.Extract(archivePath, Program.PersonalFolder); + ZipManager.Extract(archivePath, Program.PersonalFolder, true, entry => + { + return Helpers.CheckExtension(entry.Name, new string[] { "json", "xml" }); + }, 1_000_000_000); + return true; } catch (Exception e)