The `org-babel-execute:plantuml' function does not shell-quote the `out-file' parameter before interpolating it into the `inkscape' command line it passes to the shell. Because the file name is taken from the source block's `:file' header argument, this is a command injection vulnerability.

Pre-configuration:

(require 'ob-plantuml)
(setq org-babel-plantuml-svg-text-to-path t)
(setq org-plantuml-jar-path (expand-file-name "/usr/share/plantuml/plantuml.jar"))

When the following block is executed (via C-c C-c or org-babel-execute-buffer), arbitrary command execution is triggered:

#+begin_src plantuml :file "$(echo hi' >> /tmp/test.txt).svg"
A -> B : hello
#+end_src

A patch fixing the issue is attached.
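To make the difference between the unpatched and patched command construction concrete, here is a small Emacs Lisp illustration. It is an added example, not code from the bug report or from ob-plantuml; the `my/` names are made up for it, and `my/hostile-name` is the constructed file name from the block above. Nothing in it runs a shell: it only builds the strings and shows a check that tells you when a raw name would have been parsed by the shell.

```elisp
;; Added example, not part of the bug report or of Org's ob-plantuml.el.
;; All `my/' names are hypothetical.

(defconst my/hostile-name "$(echo hi' >> /tmp/test.txt).svg"
  "Constructed sample file name containing shell metacharacters.")

(defun my/unsafe-inkscape-command (out-file)
  "Build the inkscape command the way the unpatched code does.
OUT-FILE is interpolated verbatim, so a shell that receives the result
performs $(...) substitution, word splitting and redirection on it."
  (format "inkscape %s -T -l %s" out-file out-file))

(defun my/safe-inkscape-command (out-file)
  "Build the inkscape command with OUT-FILE passed through
`shell-quote-argument', as the attached patch does.  The quoted name is
computed once and reused for both positions."
  (let ((quoted (shell-quote-argument out-file)))
    (format "inkscape %s -T -l %s" quoted quoted)))

(defun my/shell-unsafe-name-p (name)
  "Return non-nil when NAME would be interpreted by a shell if used raw.
If quoting changes the string, the raw string contained characters the
shell treats specially.  Useful as an assertion in tests or as a guard
before handing a user-supplied name to a shell-based runner."
  (not (string= name (shell-quote-argument name))))

(defun my/run-inkscape-text-to-path (out-file)
  "Run inkscape on OUT-FILE without any shell at all.
`call-process' receives an argument list, so OUT-FILE is never parsed;
this removes the injection class rather than escaping around it.
Returns the process exit status."
  (call-process "inkscape" nil nil nil out-file "-T" "-l" out-file))

;; Inspect, but do not execute, the two command strings for the hostile name.
(my/unsafe-inkscape-command my/hostile-name)
(my/safe-inkscape-command my/hostile-name)

;; The plain name from the report is flagged; an ordinary name is not.
(my/shell-unsafe-name-p my/hostile-name)
(my/shell-unsafe-name-p "diagram.svg")
```

Evaluating the two command builders in `ielm` or with `M-:` shows that the unsafe form still contains the bare `$(` ... `)` sequence while the safe form has every metacharacter backslash-escaped, which is exactly what the one-line change in the patch achieves. `my/run-inkscape-text-to-path` is the stricter alternative: `org-babel-eval` hands a single string to a shell, so quoting is the best that can be done on that path, whereas `call-process` with an argument list never involves a shell.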


From f25afbf8ed0ed398b8287142b93e7bdeb8673ab3 Mon Sep 17 00:00:00 2001
From: Xi Lu <[email protected]>
Date: Wed, 1 Apr 2026 13:46:39 +0800
Subject: [PATCH] * lisp/ob-plantuml.el: Fix command injection vulnerability

    (org-babel-execute:plantuml):
    Fix command injection in `out-file' argument.

    TINYCHANGE
---
 lisp/ob-plantuml.el | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/lisp/ob-plantuml.el b/lisp/ob-plantuml.el
index 93b183b96..3591dda91 100644
--- a/lisp/ob-plantuml.el
+++ b/lisp/ob-plantuml.el
@@ -162,7 +162,9 @@ This function is called by `org-babel-execute-src-block'."
     (message "%s" cmd) (org-babel-eval cmd "")
     (if (and (string= (file-name-extension out-file) "svg")
              org-babel-plantuml-svg-text-to-path)
-        (org-babel-eval (format "inkscape %s -T -l %s" out-file out-file) ""))
+        (org-babel-eval (format "inkscape %s -T -l %s"
+                                (shell-quote-argument out-file)
+                                (shell-quote-argument out-file)) ""))
     (unless do-export (with-temp-buffer
                         (insert-file-contents out-file)
                         (buffer-substring-no-properties
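Review bot: `(shell-quote-argument out-file)` is evaluated twice for the same value in the added lines; binding it once, e.g. `(let ((quoted (shell-quote-argument out-file))) (org-babel-eval (format "inkscape %s -T -l %s" quoted quoted) ""))`, keeps the two positions guaranteed identical and reads more clearly. Since `org-babel-eval` still passes the string to a shell, a `call-process`/`process-file` call with an argument list would remove the parsing step entirely, though that is a larger change than this fix needs. The first context line also evaluates `cmd`, which is built from the same `out-file` outside this hunk; it would be worth confirming in the commit message that that path already quotes the name, so the patch is known to close every place the header argument reaches a shell.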
-- 
2.53.0
