lashman/pixstrip
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

Fix 40+ bugs from audit passes 9-12

Browse Source 
- PNG chunk parsing overflow protection with checked arithmetic
- Font directory traversal bounded with global result limit
- find_unique_path TOCTOU race fixed with create_new + marker byte
- Watch mode "processed" dir exclusion narrowed to prevent false skips
- Metadata copy now checks format support before little_exif calls
- Clipboard temp files cleaned up on app exit
- Atomic writes for file manager integration scripts
- BMP format support added to encoder and convert step
- Regex DoS protection with DFA size limit
- Watermark NaN/negative scale guard
- Selective EXIF stripping for privacy/custom metadata modes
- CLI watch mode: file stability checks, per-file history saves
- High contrast toggle preserves and restores original theme
- Image list deduplication uses O(1) HashSet lookups
- Saturation/trim/padding overflow guards in adjustments
This commit is contained in:
lashman
2026-03-07 22:14:48 +02:00
parent adef810691
commit d1cab8a691
18 changed files with 600 additions and 113 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
pixstrip-core/src/fm_integration.rs
View File

@@ -2,7 +2,7 @@ use std::path::{Path, PathBuf};
use crate::error::Result;
use crate::preset::Preset;
use crate::storage::PresetStore;
use crate::storage::{atomic_write, PresetStore};
/// Supported file managers for right-click integration.
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
@@ -214,7 +214,7 @@ class PixstripExtension(GObject.GObject, Nautilus.MenuProvider):
bin = escaped_bin,
);
std::fs::write(nautilus_extension_path(), script)?;
atomic_write(&nautilus_extension_path(), &script)?;
Ok(())
}
@@ -259,7 +259,7 @@ fn install_nemo() -> Result<()> {
Mimetypes=image/*;\n",
bin = bin,
);
std::fs::write(nemo_action_path(), open_action)?;
atomic_write(&nemo_action_path(), &open_action)?;
// Per-preset actions
let presets = get_preset_names();
@@ -279,7 +279,7 @@ fn install_nemo() -> Result<()> {
safe_label = shell_safe(name),
bin = bin,
);
std::fs::write(action_path, action)?;
atomic_write(&action_path, &action)?;
}
Ok(())
@@ -361,7 +361,7 @@ fn install_thunar() -> Result<()> {
}
actions.push_str("</actions>\n");
std::fs::write(thunar_action_path(), actions)?;
atomic_write(&thunar_action_path(), &actions)?;
Ok(())
}
@@ -429,7 +429,7 @@ fn install_dolphin() -> Result<()> {
));
}
std::fs::write(dolphin_service_path(), desktop)?;
atomic_write(&dolphin_service_path(), &desktop)?;
Ok(())
}