Fix read-only bypass via Cut/Delete context menu commands (Issue #444)#450
Open
JyslaFancy wants to merge 1 commit into
Conversation
…arpcode#444)

VULNERABILITY: When TextEditor.IsReadOnly=true, the Cut and Delete commands remained enabled in the context menu and via keyboard shortcuts. This allowed an attacker with UI access to delete or move content from a read-only document, bypassing the read-only protection.

ROOT CAUSE: The CanExecute handlers for Cut (CanCutOrCopy) and Delete (CanDelete) only checked whether text was selected, never verified that the document was writable via ReadOnlySectionProvider.CanInsert().

FIX:
- CanCutOrCopy: Now checks ReadOnlySectionProvider.CanInsert() when the command is ApplicationCommands.Cut. Copy (also using CanCutOrCopy) remains unaffected — copying from read-only documents is legitimate.
- CanDelete: Now requires ReadOnlySectionProvider.CanInsert() in addition to having a non-empty selection.
- CanPaste: Already validated via CanInsert — no changes needed.

Attack vector: Context menu or keyboard shortcut (Ctrl+X, Del) on a read-only TextEditor with selected text.
Description
Fixes #444: Cut and Delete commands remain enabled in context menu when IsReadOnly=true.
Vulnerability
When , the Cut and Delete commands remained enabled in the context menu and via keyboard shortcuts (Ctrl+X, Del). This allowed bypassing the read-only protection — a user could delete or move content from a read-only document.
Root Cause
The handlers for Cut () and Delete () only checked whether text was selected. They never verified that the document was writable via .
Fix
Attack Vector
Context menu or keyboard shortcut (Ctrl+X, Del) on a read-only with selected text.
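As an added illustration (it is neither AvalonEdit's code nor this pull request's diff), the following self-contained C# program models the CanExecute predicates that the commit message and the description above talk about, once as they behaved before the fix and once with the fix applied. Only the handler names `CanCutOrCopy` and `CanDelete`, the `ReadOnlySectionProvider.CanInsert()` check and the Cut-versus-Copy distinction come from the PR; the `IReadOnlySectionProvider` interface, the `EditorState` class, the `EditCommand` enum, the two providers and the choice of the selection's start offset as the argument to `CanInsert()` are simplifications assumed for this example. It also generalises from the whole-document `IsReadOnly=true` case to a provider with protected ranges, to show why the check belongs in the predicate rather than in a single `IsReadOnly` flag.

```csharp
using System;
using System.Collections.Generic;

// Hypothetical stand-in for the editor's read-only provider (the real AvalonEdit
// interface is richer); the fix in the PR relies only on CanInsert().
public interface IReadOnlySectionProvider
{
    bool CanInsert(int offset);
}

// Whole document read-only: the IsReadOnly=true case from the report.
public sealed class ReadOnlyDocumentProvider : IReadOnlySectionProvider
{
    public bool CanInsert(int offset) => false;
}

// Document with protected [Start, End) ranges; no ranges means fully writable.
public sealed class ReadOnlyRangesProvider : IReadOnlySectionProvider
{
    private readonly List<(int Start, int End)> ranges;

    public ReadOnlyRangesProvider(params (int Start, int End)[] ranges)
        => this.ranges = new List<(int, int)>(ranges);

    public bool CanInsert(int offset)
    {
        foreach (var (start, end) in ranges)
            if (offset >= start && offset < end) return false;
        return true;
    }
}

public enum EditCommand { Cut, Copy, Delete }

// Minimal editor state constructed for the example: a selection plus the provider.
public sealed class EditorState
{
    public bool HasSelection { get; }
    public int SelectionOffset { get; }
    public IReadOnlySectionProvider ReadOnlySectionProvider { get; }

    public EditorState(bool hasSelection, int selectionOffset, IReadOnlySectionProvider provider)
    {
        HasSelection = hasSelection;
        SelectionOffset = selectionOffset;
        ReadOnlySectionProvider = provider;
    }
}

// BEFORE the fix, as the root-cause section describes it: the selection is the only check,
// so Cut and Delete stay enabled on read-only text.
public static class VulnerableCanExecute
{
    public static bool CanCutOrCopy(EditorState s, EditCommand cmd) => s.HasSelection;
    public static bool CanDelete(EditorState s) => s.HasSelection;
}

// AFTER the fix: the modifying commands additionally require CanInsert().
public static class FixedCanExecute
{
    public static bool CanCutOrCopy(EditorState s, EditCommand cmd)
    {
        if (!s.HasSelection) return false;
        // Copy reads but never modifies, so it remains enabled on read-only text.
        return cmd != EditCommand.Cut || s.ReadOnlySectionProvider.CanInsert(s.SelectionOffset);
    }

    public static bool CanDelete(EditorState s) =>
        s.HasSelection && s.ReadOnlySectionProvider.CanInsert(s.SelectionOffset);
}

public static class Program
{
    public static void Main()
    {
        var scenarios = new (string Name, EditorState State)[]
        {
            ("read-only document, selection",     new EditorState(true, 0, new ReadOnlyDocumentProvider())),
            ("writable document, selection",      new EditorState(true, 0, new ReadOnlyRangesProvider())),
            ("selection inside protected range",  new EditorState(true, 5, new ReadOnlyRangesProvider((3, 10)))),
            ("selection outside protected range", new EditorState(true, 20, new ReadOnlyRangesProvider((3, 10)))),
            ("no selection",                      new EditorState(false, 0, new ReadOnlyRangesProvider())),
        };

        foreach (var (name, state) in scenarios)
        {
            bool cutBefore = VulnerableCanExecute.CanCutOrCopy(state, EditCommand.Cut);
            bool cutAfter  = FixedCanExecute.CanCutOrCopy(state, EditCommand.Cut);
            bool copyAfter = FixedCanExecute.CanCutOrCopy(state, EditCommand.Copy);
            bool delBefore = VulnerableCanExecute.CanDelete(state);
            bool delAfter  = FixedCanExecute.CanDelete(state);
            Console.WriteLine($"{name,-34} cut {cutBefore}->{cutAfter}  delete {delBefore}->{delAfter}  copy {copyAfter}");

            // Invariant the fix establishes: no modifying command is enabled where CanInsert() is false.
            bool writable = state.ReadOnlySectionProvider.CanInsert(state.SelectionOffset);
            if (!writable && (cutAfter || delAfter))
                throw new InvalidOperationException($"read-only bypass still possible: {name}");
        }
    }
}
```

Because WPF routes both the context menu and the Ctrl+X / Del key bindings through the same CanExecute handler, tightening the predicate closes both entry points named in the report at once; a fix placed only in the menu's enabled state would leave the keyboard path open.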