github/qBittorrent
1
0
Fork 0
mirror of https://github.com/qbittorrent/qBittorrent synced 2025-07-16 02:03:07 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
qBittorrent/src
History
Chocobo1 c665c2f4ff
Trim leading whitespaces on Run External Program fields 
Hacked qbt instances may contain malicious script placed in Run External Program and the script
will attempt to hide itself by adding a lot whitespaces at the start of the command string.
Users may mistake the field of being empty but is actually not.
So trim the leading whitespaces to easily expose the malicious script.

Note that GUI already trim the fields and only WebAPI doesn't trim them. This patch will unify
the behavior.

Related: https://github.com/qbittorrent/docker-qbittorrent-nox/issues/71#issuecomment-2993567440
2025-06-28 14:34:37 +08:00
..
app Make modifying log file perms best effort 2025-06-05 17:32:26 +08:00
base Optimize parsing of search results 2025-06-26 08:49:58 +03:00
gui Allow to customize PiecesBar colors 2025-06-28 08:53:47 +03:00
icons Compress images losslessly 2025-06-21 01:21:01 +08:00
lang Sync translations from Transifex and run lupdate 2025-04-21 12:30:57 +03:00
searchengine GHA CI: enforce sorted import in Python scripts 2025-05-31 18:01:02 +08:00
webui Trim leading whitespaces on Run External Program fields 2025-06-28 14:34:37 +08:00
CMakeLists.txt Add support for unit testing 2022-07-10 13:20:27 +08:00
qbittorrent.exe.manifest Opt into Windows SegmentHeap 2024-09-08 15:09:34 +08:00
qbittorrent.rc Bump copyright year 2025-04-20 23:38:34 +03:00
qbittorrent_mingw.rc Fix mingw warning about unrecognized escape sequence 2018-08-14 22:45:21 +03:00