Filter out more unwanted command URIs

Change-Id: I24c95d73b4fee89bdf044d5dd6efc9cd89627c54
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/181016
Tested-by: Jenkins
Reviewed-by: Xisco Fauli <xiscofauli@libreoffice.org>
Reviewed-By: Daniel Leidert <dleidert@debian.org>
Origin: https://git.libreoffice.org/core/+/7105fb698f897ddb38bd60315444c07356689e14%5E%21
Bug: https://www.libreoffice.org/about-us/security/advisories/cve-2025-1080
Bug: https://github.com/advisories/ghsa-gcgr-r4x5-w79r
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2025-1080
Bug-Freexian-Security: https://deb.freexian.com/extended-lts/tracker/CVE-2025-1080

Gbp-Pq: Name CVE-2025-1080.patch

diff --git a/desktop/source/app/cmdlineargs.cxx b/desktop/source/app/cmdlineargs.cxx
index 54cc7f868d3245d56bafeac0ad177431aa9eccb6..417de0291528702cd27ff08a5ff934cc651be00b 100644 (file)
--- a/desktop/source/app/cmdlineargs.cxx
+++ b/desktop/source/app/cmdlineargs.cxx
@@ -168,7 +168,7 @@ CommandLineEvent CheckOfficeURI(/* in,out */ OUString& arg, CommandLineEvent cur
     if (nURIlen < 0)
         nURIlen = rest2.getLength();
     auto const uri = rest2.copy(0, nURIlen);
-    if (INetURLObject(uri).GetProtocol() == INetProtocol::Macro) {
+    if (INetURLObject(uri).IsExoticProtocol()) {
         // Let the "Open" machinery process the full command URI (leading to failure, by intention,
         // as the "Open" machinery does not know about those command URI schemes):
         curEvt = CommandLineEvent::Open;