| 69 | |
| 70 | |
| 71 | def check_suspicious_options(args: list[str]) -> None: |
| 72 | options = {arg for arg in args if arg.startswith("-")} |
| 73 | try: |
| 74 | files = set(os.listdir()) |
| 75 | except OSError: |
| 76 | # If we can list files in the current working directory, this means that |
| 77 | # we're probably in an unlinked directory. Dangerzone should still work in |
| 78 | # this case, so we should return here. |
| 79 | return |
| 80 | |
| 81 | intersection = options & files |
| 82 | if intersection: |
| 83 | filenames_str = ", ".join(intersection) |
| 84 | msg = ( |
| 85 | f"Security: Detected CLI options that are also present as files in the" |
| 86 | f" current working directory: {filenames_str}" |
| 87 | ) |
| 88 | click.echo(msg) |
| 89 | sys.exit(1) |
| 90 | |
| 91 | |
| 92 | def override_parser_and_check_suspicious_options(click_main: click.Command) -> None: |