Bug 443911

Summary: Joystick KCM device path handling is borked
Product: [Applications] systemsettings
Reporter: Nagy Tibor <xnagytibor>
Component: kcm_joystick
Assignee: Plasma Bugs List <plasma-bugs-null>
Status: RESOLVED WORKSFORME
Severity: normal
CC: nate
Priority: NOR
Version First Reported In: 5.23.0
Target Milestone: ---
Platform: Neon
OS: Linux

Description Nagy Tibor 2021-10-17 20:48:17 UTC
SUMMARY
The Joystick KCM tries to ensure that paths entered into the Device field are within the "/dev" directory. However, it fails to do so. It has two significant issues:

1. Path truncation.
When an entered path has a "/dev" subpath somewhere in the middle, the path gets truncated. For example "/your/long/path/dev/joy0" gets truncated to "/dev/joy0" and the KCM tries to use this incorrect path instead of throwing an error that the specified path is outside of "/dev".

2. Path canonicalization.
The KCM doesn't canonicalize paths to check if they are indeed under "/dev", so it's vulnerable to path traversals. For example it happily accepts "/dev/../your/path" as a valid path despite being outside of "/dev".

SOFTWARE/OS VERSIONS
Operating System: KDE neon 5.23
KDE Plasma Version: 5.23.0
KDE Frameworks Version: 5.87.0
Qt Version: 5.15.3
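Added example, not the KCM's code: `naiveDevPath` reproduces the truncation behaviour the report describes (a constructed illustration of the reported behaviour, not the actual KCM source), and `isDevicePathAllowed` (a hypothetical name) shows the containment check the report asks for, canonicalizing the entered path first and then comparing it component by component against "/dev".

```cpp
#include <filesystem>
#include <string>
#include <system_error>

namespace fs = std::filesystem;

// Behaviour as described in the report (constructed illustration, not the
// KCM's source): cut everything before the first "/dev" and accept the rest.
// "/your/long/path/dev/joy0" becomes "/dev/joy0"; "/dev/../x" passes untouched.
std::string naiveDevPath(const std::string& entered) {
    const auto pos = entered.find("/dev");
    return pos == std::string::npos ? std::string{} : entered.substr(pos);
}

// Hardened check: resolve the path first, then require that its leading
// components equal those of "/dev" and that at least one component follows.
bool isDevicePathAllowed(const std::string& entered) {
    if (entered.empty() || entered.front() != '/') {
        return false;  // only absolute paths are considered
    }
    const fs::path root{"/dev"};
    std::error_code ec;
    // weakly_canonical resolves symlinks in the part of the path that exists and
    // collapses "." / ".." in the rest, so "/dev/../your/path" becomes "/your/path".
    fs::path resolved = fs::weakly_canonical(fs::path(entered), ec);
    if (ec) {
        resolved = fs::path(entered).lexically_normal();  // fallback: lexical cleanup only
    }
    auto it = resolved.begin();
    const auto end = resolved.end();
    for (const fs::path& part : root) {   // iterates "/" then "dev"
        if (it == end || *it != part) {
            return false;                 // prefix mismatch: outside /dev
        }
        ++it;
    }
    return it != end;                     // reject bare "/dev" itself
}
```

The component-wise comparison also stops a plain string-prefix check from accepting a sibling directory such as "/devices/x".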
Comment 1 Nate Graham 2025-10-09 16:19:54 UTC
Thank you for the bug report, and I'm sorry we weren't able to look into it yet. A lot has changed since it was reported; can I ask you to see if this is still an issue with Plasma 6.4 or later? Thanks a lot!
Comment 2 Bug Janitor Service 2025-10-24 03:47:18 UTC
๐Ÿ›๐Ÿงน โš ๏ธ This bug has been in NEEDSINFO status with no change for at least 15 days. Please provide the requested information, then set the bug status to REPORTED. If there is no change for at least 30 days, it will be automatically closed as RESOLVED WORKSFORME.

For more information about our bug triaging procedures, please read https://community.kde.org/Guidelines_and_HOWTOs/Bug_triaging.

Thank you for helping us make KDE software even better for everyone!
Comment 3 Bug Janitor Service 2025-11-08 03:48:03 UTC
๐Ÿ›๐Ÿงน This bug has been in NEEDSINFO status with no change for at least 30 days. Closing as RESOLVED WORKSFORME.