From d0458b9068d60d89c590594509443b824520acb9 Mon Sep 17 00:00:00 2001
From: Steve Bennett <steveb@workware.net.au>
Date: Thu, 29 Jul 2021 15:10:50 +1000
Subject: win32: add taint check to win32.ShellExecute

Compile tested only.

Signed-off-by: Steve Bennett <steveb@workware.net.au>
---
 jim-win32.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/jim-win32.c b/jim-win32.c
index 858e49d..cbc3bae 100644
--- a/jim-win32.c
+++ b/jim-win32.c
@@ -100,6 +100,10 @@ Win32_ShellExecute(Jim_Interp *interp, int objc, Jim_Obj * const *objv)
         Jim_WrongNumArgs(interp, 1, objv, "verb path ?parameters?");
         return JIM_ERR;
     }
+    if (Jim_CheckTaint(interp, JIM_TAINT_ANY)) {
+        Jim_SetTaintError(interp, 1, objv);
+        return JIM_ERR;
+    }
     verb = Jim_String(objv[1]);
     file = Jim_String(objv[2]);
     GetCurrentDirectoryA(MAX_PATH + 1, cwd);
-- 
cgit v1.1