From cbb453a0edf5bde883627247b8284f02d18c4493 Mon Sep 17 00:00:00 2001
From: Trial97 <alexandru.tripon97@gmail.com>
Date: Fri, 3 Nov 2023 22:55:10 +0200
Subject: [PATCH] minimize the permisions for extracted files

Signed-off-by: Trial97 <alexandru.tripon97@gmail.com>
---
 launcher/MMCZip.cpp | 32 ++++++++++++++++++++++++++++----
 1 file changed, 28 insertions(+), 4 deletions(-)

diff --git a/launcher/MMCZip.cpp b/launcher/MMCZip.cpp
index 6172fe911..c3acd8eb6 100644
--- a/launcher/MMCZip.cpp
+++ b/launcher/MMCZip.cpp
@@ -42,6 +42,7 @@
 
 #include <QCoreApplication>
 #include <QDebug>
+#include <QFileInfo>
 #include <QUrl>
 
 #if defined(LAUNCHER_APPLICATION)
@@ -327,9 +328,20 @@ std::optional<QStringList> extractSubDir(QuaZip* zip, const QString& subdir, con
         }
 
         extracted.append(target_file_path);
-        QFile::setPermissions(target_file_path,
-                              QFileDevice::Permission::ReadUser | QFileDevice::Permission::WriteUser | QFileDevice::Permission::ExeUser);
+        auto fileInfo = QFileInfo(target_file_path);
+        if (fileInfo.isFile()) {
+            auto permissions = fileInfo.permissions();
+            auto maxPermisions = QFileDevice::Permission::ReadUser | QFileDevice::Permission::WriteUser | QFileDevice::Permission::ExeUser |
+                                 QFileDevice::Permission::ReadGroup | QFileDevice::Permission::ReadOther;
+            auto minPermisions = QFileDevice::Permission::ReadUser | QFileDevice::Permission::WriteUser;
 
+            auto newPermisions = (permissions & maxPermisions) | minPermisions;
+            if (newPermisions != permissions) {
+                if (!QFile::setPermissions(target_file_path, permissions)) {
+                    qWarning() << (QObject::tr("Could not fix permissions for %1").arg(target_file_path));
+                }
+            }
+        }
         qDebug() << "Extracted file" << relative_file_name << "to" << target_file_path;
     } while (zip->goToNextFile());
 
@@ -582,8 +594,20 @@ auto ExtractZipTask::extractZip() -> ZipResult
         }
 
         extracted.append(target_file_path);
-        QFile::setPermissions(target_file_path,
-                              QFileDevice::Permission::ReadUser | QFileDevice::Permission::WriteUser | QFileDevice::Permission::ExeUser);
+        auto fileInfo = QFileInfo(target_file_path);
+        if (fileInfo.isFile()) {
+            auto permissions = fileInfo.permissions();
+            auto maxPermisions = QFileDevice::Permission::ReadUser | QFileDevice::Permission::WriteUser | QFileDevice::Permission::ExeUser |
+                                 QFileDevice::Permission::ReadGroup | QFileDevice::Permission::ReadOther;
+            auto minPermisions = QFileDevice::Permission::ReadUser | QFileDevice::Permission::WriteUser;
+
+            auto newPermisions = (permissions & maxPermisions) | minPermisions;
+            if (newPermisions != permissions) {
+                if (!QFile::setPermissions(target_file_path, permissions)) {
+                    logWarning(tr("Could not fix permissions for %1").arg(target_file_path));
+                }
+            }
+        }
 
         qDebug() << "Extracted file" << relative_file_name << "to" << target_file_path;
     } while (m_input->goToNextFile());