1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
|
diff -Npur blender-2.60a.orig/source/blender/blenkernel/intern/blender.c blender-2.60a/source/blender/blenkernel/intern/blender.c
--- blender-2.60a.orig/source/blender/blenkernel/intern/blender.c 2011-11-09 20:56:11.905602401 +0100
+++ blender-2.60a/source/blender/blenkernel/intern/blender.c 2011-11-09 20:56:42.827601857 +0100
@@ -145,6 +145,7 @@ void initglobals(void)
G.f |= G_SCRIPT_AUTOEXEC;
#else
G.f &= ~G_SCRIPT_AUTOEXEC;
+ G.f |= G_SCRIPT_OVERRIDE_PREF; /* Disables turning G_SCRIPT_AUTOEXEC on from user prefs */
#endif
}
diff -Npur blender-2.60a.orig/source/blender/makesrna/intern/rna_userdef.c blender-2.60a/source/blender/makesrna/intern/rna_userdef.c
--- blender-2.60a.orig/source/blender/makesrna/intern/rna_userdef.c 2011-11-09 20:56:12.003602399 +0100
+++ blender-2.60a/source/blender/makesrna/intern/rna_userdef.c 2011-11-09 21:02:43.204595484 +0100
@@ -116,9 +116,17 @@ static void rna_userdef_show_manipulator
static void rna_userdef_script_autoexec_update(Main *UNUSED(bmain), Scene *UNUSED(scene), PointerRNA *ptr)
{
- UserDef *userdef = (UserDef*)ptr->data;
- if (userdef->flag & USER_SCRIPT_AUTOEXEC_DISABLE) G.f &= ~G_SCRIPT_AUTOEXEC;
- else G.f |= G_SCRIPT_AUTOEXEC;
+ if ((G.f & G_SCRIPT_OVERRIDE_PREF) == 0) {
+ /* Blender run with --enable-autoexec */
+ UserDef *userdef = (UserDef*)ptr->data;
+ if (userdef->flag & USER_SCRIPT_AUTOEXEC_DISABLE) G.f &= ~G_SCRIPT_AUTOEXEC;
+ else G.f |= G_SCRIPT_AUTOEXEC;
+ }
+}
+
+static int rna_userdef_script_autoexec_editable(Main *bmain, Scene *scene, PointerRNA *ptr) {
+ /* Disable "Auto Run Python Scripts" checkbox unless Blender run with --enable-autoexec */
+ return !(G.f & G_SCRIPT_OVERRIDE_PREF);
}
static void rna_userdef_mipmap_update(Main *bmain, Scene *scene, PointerRNA *ptr)
@@ -2630,6 +2638,8 @@ static void rna_def_userdef_system(Blend
"Allow any .blend file to run scripts automatically "
"(unsafe with blend files from an untrusted source)");
RNA_def_property_update(prop, 0, "rna_userdef_script_autoexec_update");
+ /* Disable "Auto Run Python Scripts" checkbox unless Blender run with --enable-autoexec */
+ RNA_def_property_editable_func(prop, "rna_userdef_script_autoexec_editable");
prop= RNA_def_property(srna, "use_tabs_as_spaces", PROP_BOOLEAN, PROP_NONE);
RNA_def_property_boolean_negative_sdna(prop, NULL, "flag", USER_TXT_TABSTOSPACES_DISABLE);
diff -Npur blender-2.60a.orig/source/blender/windowmanager/intern/wm_files.c blender-2.60a/source/blender/windowmanager/intern/wm_files.c
--- blender-2.60a.orig/source/blender/windowmanager/intern/wm_files.c 2011-11-09 20:56:12.458602413 +0100
+++ blender-2.60a/source/blender/windowmanager/intern/wm_files.c 2011-11-09 21:05:16.768592770 +0100
@@ -285,12 +285,17 @@ static void wm_init_userdef(bContext *C)
/* set the python auto-execute setting from user prefs */
/* enabled by default, unless explicitly enabled in the command line which overrides */
- if((G.f & G_SCRIPT_OVERRIDE_PREF) == 0) {
+ if (! G.background && ((G.f & G_SCRIPT_OVERRIDE_PREF) == 0)) {
+ /* Blender run with --enable-autoexec */
if ((U.flag & USER_SCRIPT_AUTOEXEC_DISABLE) == 0) G.f |= G_SCRIPT_AUTOEXEC;
else G.f &= ~G_SCRIPT_AUTOEXEC;
}
/* update tempdir from user preferences */
BLI_where_is_temp(btempdir, FILE_MAX, 1);
+
+ /* Workaround to fix default of "Auto Run Python Scripts" checkbox */
+ if ((G.f & G_SCRIPT_OVERRIDE_PREF) && !(G.f & G_SCRIPT_AUTOEXEC))
+ U.flag |= USER_SCRIPT_AUTOEXEC_DISABLE;
}
diff -Npur blender-2.60a.orig/source/blender/windowmanager/intern/wm_operators.c blender-2.60a/source/blender/windowmanager/intern/wm_operators.c
--- blender-2.60a.orig/source/blender/windowmanager/intern/wm_operators.c 2011-11-09 20:56:12.458602413 +0100
+++ blender-2.60a/source/blender/windowmanager/intern/wm_operators.c 2011-11-09 21:07:09.746590772 +0100
@@ -1583,12 +1583,13 @@ static int wm_open_mainfile_exec(bContex
G.fileflags &= ~G_FILE_NO_UI;
else
G.fileflags |= G_FILE_NO_UI;
-
- if(RNA_boolean_get(op->ptr, "use_scripts"))
+
+ /* Restrict "Trusted Source" mode to Blender in --enable-autoexec mode */
+ if(RNA_boolean_get(op->ptr, "use_scripts") && (!(G.f & G_SCRIPT_OVERRIDE_PREF)))
G.f |= G_SCRIPT_AUTOEXEC;
else
G.f &= ~G_SCRIPT_AUTOEXEC;
-
+
// XXX wm in context is not set correctly after WM_read_file -> crash
// do it before for now, but is this correct with multiple windows?
WM_event_add_notifier(C, NC_WINDOW, NULL);
@@ -1600,6 +1601,8 @@ static int wm_open_mainfile_exec(bContex
static void WM_OT_open_mainfile(wmOperatorType *ot)
{
+ PropertyRNA * use_scripts_checkbox = NULL;
+
ot->name= "Open Blender File";
ot->idname= "WM_OT_open_mainfile";
ot->description="Open a Blender file";
@@ -1611,7 +1614,12 @@ static void WM_OT_open_mainfile(wmOperat
WM_operator_properties_filesel(ot, FOLDERFILE|BLENDERFILE, FILE_BLENDER, FILE_OPENFILE, WM_FILESEL_FILEPATH);
RNA_def_boolean(ot->srna, "load_ui", 1, "Load UI", "Load user interface setup in the .blend file");
- RNA_def_boolean(ot->srna, "use_scripts", 1, "Trusted Source", "Allow blend file execute scripts automatically, default available from system preferences");
+ use_scripts_checkbox = RNA_def_boolean(ot->srna, "use_scripts",
+ !!(G.f & G_SCRIPT_AUTOEXEC), "Trusted Source",
+ "Allow blend file execute scripts automatically, default available from system preferences");
+ /* Disable "Trusted Source" checkbox unless Blender run with --enable-autoexec */
+ if (use_scripts_checkbox && (G.f & G_SCRIPT_OVERRIDE_PREF))
+ RNA_def_property_clear_flag(use_scripts_checkbox, PROP_EDITABLE);
}
/* **************** link/append *************** */
diff -Npur blender-2.60a.orig/source/creator/creator.c blender-2.60a/source/creator/creator.c
--- blender-2.60a.orig/source/creator/creator.c 2011-11-09 20:56:11.899602401 +0100
+++ blender-2.60a/source/creator/creator.c 2011-11-09 21:17:22.278579932 +0100
@@ -258,6 +258,7 @@ static int print_help(int UNUSED(argc),
printf("\n");
+ BLI_argsPrintArgDoc(ba, "-666");
BLI_argsPrintArgDoc(ba, "--enable-autoexec");
BLI_argsPrintArgDoc(ba, "--disable-autoexec");
@@ -326,14 +327,14 @@ static int end_arguments(int UNUSED(argc
static int enable_python(int UNUSED(argc), const char **UNUSED(argv), void *UNUSED(data))
{
G.f |= G_SCRIPT_AUTOEXEC;
- G.f |= G_SCRIPT_OVERRIDE_PREF;
+ G.f &= ~G_SCRIPT_OVERRIDE_PREF; /* Enables turning G_SCRIPT_AUTOEXEC off from user prefs */
return 0;
}
static int disable_python(int UNUSED(argc), const char **UNUSED(argv), void *UNUSED(data))
{
G.f &= ~G_SCRIPT_AUTOEXEC;
- G.f |= G_SCRIPT_OVERRIDE_PREF;
+ G.f |= G_SCRIPT_OVERRIDE_PREF; /* Disables turning G_SCRIPT_AUTOEXEC on from user prefs */
return 0;
}
@@ -1055,8 +1056,9 @@ static void setupArguments(bContext *C,
# define PY_DISABLE_AUTO ", (compiled as non-standard default)"
#endif
- BLI_argsAdd(ba, 1, "-y", "--enable-autoexec", "\n\tEnable automatic python script execution" PY_ENABLE_AUTO, enable_python, NULL);
- BLI_argsAdd(ba, 1, "-Y", "--disable-autoexec", "\n\tDisable automatic python script execution (pydrivers, pyconstraints, pynodes)" PY_DISABLE_AUTO, disable_python, NULL);
+ BLI_argsAdd(ba, 1, NULL, "-666", "\n\tEnable automatic python script execution (port from CVE-2009-3850 patch to Blender 2.60a)" PY_ENABLE_AUTO, enable_python, NULL);
+ BLI_argsAdd(ba, 1, "-y", "--enable-autoexec", "\n\tEnable automatic python script execution" PY_ENABLE_AUTO, enable_python, NULL);
+ BLI_argsAdd(ba, 1, "-Y", "--disable-autoexec", "\n\tDisable automatic python script execution (pydrivers, pyconstraints, pynodes)" PY_DISABLE_AUTO, disable_python, NULL);
#undef PY_ENABLE_AUTO
#undef PY_DISABLE_AUTO
|