From: Michael Karcher <debian@mkarcher.dialup.fu-berlin.de>
Date: Sat, 29 Dec 2012 17:33:33 +0100
Subject: Fix LP: #911146 relative filename vulnerability

Ensures that filenames passed to extensions are made absolute before
changing the current working directory.
---
 src/extension/implementation/script.cpp |    9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/src/extension/implementation/script.cpp b/src/extension/implementation/script.cpp
index b78fbda..02c3aeb 100644
--- a/src/extension/implementation/script.cpp
+++ b/src/extension/implementation/script.cpp
@@ -954,7 +954,14 @@ int Script::execute (const std::list<std::string> &in_command,
     // assemble the rest of argv
     std::copy(in_params.begin(), in_params.end(), std::back_inserter(argv));
     if (!filein.empty()) {
-        argv.push_back(filein);
+        if(Glib::path_is_absolute(filein))
+            argv.push_back(filein);
+        else {
+            std::vector<std::string> buildargs;
+            buildargs.push_back(Glib::get_current_dir());
+            buildargs.push_back(filein);
+            argv.push_back(Glib::build_filename(buildargs));
+        }
     }
 
     int stdout_pipe, stderr_pipe;

--                                                                                                                         1.7.10.4