Description: Escape theme name before passing it to system(3)
Bug-Debian: https://bugs.debian.org/739709
Author: Marius Gavrilescu <marius@ieval.ro>
Forwarded: no
Last-Update: 2014-02-23

--- a/main.c
+++ b/main.c
@@ -808,27 +808,51 @@
 	}
 }
 
+static gchar *shell_escape (gchar *arg)
+{
+ 	gchar *out;
+	gint n;
+
+	out = g_new(gchar, strlen(arg) * 2 + 1);
+ 	n = 0;
+	for(;*arg;arg++)
+	{
+ 		if(*arg == '\'')
+		{
+			out[n++] = '\'';
+ 			out[n++] = '\\';
+			out[n++] = '\'';
+		}
+ 		out[n++] = *arg;
+ 	}
+	out[n] = 0;
+
+ 	return out;
+ }
+
 static short install_tarball (gchar *path, gchar **rc_file)
 {
-	gchar *command, *themedir;
+	gchar *command, *themedir, *escaped_path;
 	gint result;
 	GList *new_list, *new_theme;
 
 	themedir = g_strdup_printf ("%s/.themes", homedir);
+	escaped_path = shell_escape (path);
 
 	if (path[0] != '/')
 	{
 		gchar *cwd = g_get_current_dir();
-		command = g_strdup_printf ("tar --directory %s -xzf %s/%s 2>/dev/null", themedir, cwd, path);
+		command = g_strdup_printf ("tar --directory %s -xzf %s/'%s' 2>/dev/null", themedir, cwd, escaped_path);
 		g_free (cwd);
 	}
 	else
-		command = g_strdup_printf ("tar --directory %s -xzf %s 2>/dev/null", themedir, path);
+		command = g_strdup_printf ("tar --directory %s -xzf '%s' 2>/dev/null", themedir, escaped_path);
 
 	/* Ensure that ~/.themes exists */
 	mkdir (themedir, S_IRUSR | S_IWUSR | S_IXUSR);
 
 	result = system(command);
+	g_free (escaped_path);
 	g_free (command);
 	g_free (themedir);
 	if (result != EXIT_SUCCESS)
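Review bot: shell_escape() under-allocates its output buffer: every `'` in the input is written as four bytes (`'\''`), but the buffer is sized `strlen(arg) * 2 + 1`, so a theme path made up mostly of single quotes writes past the end of the heap allocation. Size it for the worst case with `out = g_new(gchar, strlen(arg) * 4 + 1);`, or replace the helper with GLib's `g_shell_quote()`, which adds the surrounding quotes itself, so the format strings would then use a plain `%s`. In install_tarball() both g_strdup_printf calls still interpolate `themedir` and `cwd` unquoted, so a home or working directory containing spaces or shell metacharacters is still parsed by the shell. They need the same quoting, or the extraction could go through an argv-based call such as `g_spawn_sync()` so that no shell is involved. install_tarball's body continues past the end of the hunk.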
