Bug 459859 - KRunner erroneously executes command when user is deleting input
Status: RESOLVED FIXED
Alias: None
Product: krunner
Classification: Plasma
Component: general
Version: 5.25.5
Platform: Ubuntu Linux
Importance: NOR major
Target Milestone: ---
Assignee: Alexander Lohnau
Reported: 2022-09-30 13:13 UTC by phd
Modified: 2023-02-24 01:12 UTC
Version Fixed In: 5.27.2
Description phd 2022-09-30 13:13:48 UTC
SUMMARY
KRunner erroneously executes a command when the user is deleting text from its input field.
This happens after the user has typed a non-existent command, pressed Enter, and then started deleting text.
Once a match for this shortened text is found, it is executed, which should not happen.

STEPS TO REPRODUCE
1. Open KRunner window
2. type "konsole123"
3. press Enter (nothing will happen)
4. start deleting characters with Backspace
5. once "123" is deleted and the input says "konsole", Konsole will be started

OBSERVED RESULT
"konsole" is started even though the user didn't explicitly allow that action.

EXPECTED RESULT
Nothing should happen.

SOFTWARE/OS VERSIONS
Linux: Ubuntu 22.04
X.org: 1.21.1.3
KDE Plasma: 5.25.5
KDE Frameworks: 5.98.0
Qt: 5.15.3
Comment 1 phd 2022-09-30 13:15:56 UTC
>4. start deleting characters with Backspace
4. start deleting characters with Backspace ONE BY ONE

If you just press and hold Backspace, this bug might not be triggered.
Comment 2 phd 2022-09-30 13:23:33 UTC
>if you just press and hold Backspace, this bug might not be triggered.
However, it *will* be triggered once you now enter anything else that has a match, even a suggestion.

STEPS TO REPRODUCE
1. Open KRunner window
2. type "konsole123"
3. press Enter (nothing will happen)
4. press and hold Backspace until the input is *empty*
5. press "k", it will probably be auto-completed to some random command, and it will be executed (!)
5a. if not, write "kcalc" and it will be executed even without pressing Enter

OBSERVED RESULT
A random command matching the new input (or its auto-complete) is started even though the user didn't explicitly allow that action.

EXPECTED RESULT
Nothing should happen.
Comment 3 phd 2022-09-30 13:44:06 UTC
What is more, you can close the KRunner window and then the bug will still trigger once you open KRunner again, even after a long time.

And the bug will (obviously) trigger also when you *paste* the new content into the input field.

The above scenario might be a security/data-loss issue, because clipboard content might contain some dangerous command and that should always require the user to press Enter to confirm its execution.

STEPS TO REPRODUCE
1. Open KRunner window
2. type "konsole123"
3. press Enter (nothing will happen)
4. close KRunner by pressing Esc key

5. copy "kcalc" into your clipboard
6. open KRunner window again
7. press Ctrl+V to paste "kcalc" into KRunner

OBSERVED RESULT
The pasted command ("kcalc") will be executed even though the user didn't explicitly allow that action.

EXPECTED RESULT
Nothing should happen.
Comment 4 Nate Graham 2022-10-09 21:39:05 UTC
Whoa, can reproduce. This seems bad.
Comment 5 David Korth 2023-02-19 06:41:25 UTC
Can still reproduce in 5.27.0.

In RunCommand.qml:

function runCurrentIndex(event) {
    var entry = runnerManager.history[currentIndex]
    if (entry) {
        // If user presses Shift+Return to invoke an action, invoke the first runner action
        if (event && event.modifiers === Qt.ShiftModifier
                && currentItem.additionalActions && currentItem.additionalActions.length > 0) {
            runAction(0);
            return
        }

        queryField.text = entry
        queryField.forceActiveFocus();
    }
}

I'm not able to debug this myself (no experience with QML), but it seems like the access to runnerManager.history[] might be blocking until something's present in the list?
Comment 6 Bug Janitor Service 2023-02-19 07:53:01 UTC
A possibly relevant merge request was started @ https://invent.kde.org/plasma/milou/-/merge_requests/52
Comment 7 Alexander Lohnau 2023-02-19 07:55:11 UTC
@David Korth That code is only relevant for the history, like having an empty query and pressing the arrow-down key in KRunner.
But I was quite confused by that too when I started working with KRunner :)
Comment 8 David Korth 2023-02-19 17:04:54 UTC
(In reply to Bug Janitor Service from comment #6)
> A possibly relevant merge request was started @
> https://invent.kde.org/plasma/milou/-/merge_requests/52

Can confirm that this patch fixes the issue for me.
Comment 9 Alexander Lohnau 2023-02-21 16:44:30 UTC
Git commit 717164ca13fbe3ff9f738964a9efbecdc0814e40 by Alexander Lohnau.
Committed on 20/02/2023 at 12:46.
Pushed by alex into branch 'master'.

Do not run match automatically when query string changed

M  +6    -1    lib/qml/ResultsView.qml

https://invent.kde.org/plasma/milou/commit/717164ca13fbe3ff9f738964a9efbecdc0814e40
Comment 10 Alexander Lohnau 2023-02-21 16:45:45 UTC
Git commit 2d5f08e955c1bca2ab53f41769d705f1c2e800e2 by Alexander Lohnau.
Committed on 21/02/2023 at 16:45.
Pushed by alex into branch 'Plasma/5.27'.

Do not run match automatically when query string changed


(cherry picked from commit 717164ca13fbe3ff9f738964a9efbecdc0814e40)

M  +6    -1    lib/qml/ResultsView.qml

https://invent.kde.org/plasma/milou/commit/2d5f08e955c1bca2ab53f41769d705f1c2e800e2
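
Added example (not milou's code and not part of this report): a simplified JavaScript model of the behaviour reported in the description and in comment 3, next to the change named in the commit title, "Do not run match automatically when query string changed". The Launcher class, the runWhenReady flag, the prefix matching and the sample command list are assumptions made for illustration; the actual change to lib/qml/ResultsView.qml is not shown on this page.

```javascript
// Simplified model of a launcher's deferred-run latch; all names are hypothetical.
const COMMANDS = ["kcalc", "konsole"]; // constructed sample command set

class Launcher {
  constructor(clearOnQueryChange) {
    this.clearOnQueryChange = clearOnQueryChange; // false models the reported behaviour
    this.query = "";
    this.results = [];
    this.runWhenReady = false; // "Enter was pressed, run as soon as a match exists"
    this.executed = [];
  }
  setQuery(text) { // typing, Backspace and paste all end up here
    this.query = text;
    this.results = [];
    // Hardened form: a confirmation only applies to the query it was given for.
    if (this.clearOnQueryChange) this.runWhenReady = false;
  }
  deliverResults() { // in a real launcher, results arrive asynchronously
    this.results = this.query ? COMMANDS.filter(c => c.startsWith(this.query)) : [];
    if (this.runWhenReady && this.results.length) this.run();
  }
  pressEnter() {
    if (this.results.length) this.run();
    else this.runWhenReady = true; // nothing to run yet: remember the request
  }
  run() {
    this.runWhenReady = false;
    this.executed.push(this.results[0]);
  }
}

// Replays a list of [action, arg] steps and returns the commands that were executed.
function replay(clearOnQueryChange, steps) {
  const l = new Launcher(clearOnQueryChange);
  for (const [action, arg] of steps) {
    if (action === "input") { l.setQuery(arg); l.deliverResults(); }
    else if (action === "enterEarly") { l.setQuery(arg); l.pressEnter(); l.deliverResults(); }
    else if (action === "enter") l.pressEnter();
  }
  return l.executed;
}

// Constructed step lists: the description, comment 3 (empty query after Esc and reopen,
// then paste), and Enter pressed before results arrive for the same query.
const backspace = [["input", "konsole123"], ["enter"], ["input", "konsole12"],
                   ["input", "konsole1"], ["input", "konsole"]];
const paste = [["input", "konsole123"], ["enter"], ["input", ""], ["input", "kcalc"]];
const fastEnter = [["enterEarly", "kcalc"]];
```

With the latch cleared on every query change, the first two scenarios execute nothing, while Enter pressed before results arrive for the same, unchanged query still runs the match.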