search

freedomofpress / dangerzone

Take potentially dangerous PDFs, office documents, or images and convert them to safe PDFs
https://dangerzone.rocks/
GNU Affero General Public License v3.0
3.58k stars 168 forks source link

Safe document is archived if output path is same as input path #777

Open naglis opened 5 months ago

naglis commented 5 months ago

Tested on version 0.6.0 on Arch Linux. This happens on both CLI and GUI. In GUI mode, if the option to open the safe document after conversion is selected, opening it fails, since the safe document is archived (moved to "unsafe" directory) before attempting to open it.

To reproduce:

curl -sSL 'https://raw.githubusercontent.com/freedomofpress/dangerzone/main/tests/test_docs/sample-pdf.pdf' -o 'sample.pdf'
sha256sum sample.pdf
dangerzone-cli sample.pdf --output-filename sample.pdf --archive
sha256sum sample.pdf
sha256sum unsafe/sample.pdf

Output:

677875faa9b738158d912383a42dd15cf886072ec54c98c8ee13fa8c5f033adf  sample.pdf
╭──────────────────────────╮
│           ▄██▄           │
│          ██████          │
│         ███▀▀▀██         │
│        ███   ████        │
│       ███   ██████       │
│      ███   ▀▀▀▀████      │
│     ███████  ▄██████     │
│    ███████ ▄█████████    │
│   ████████████████████   │
│    ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀    │
│                          │
│    Dangerzone v0.6.0     │
│ https://dangerzone.rocks │
╰──────────────────────────╯
Assigning ID 'lrp-3l' to doc '/tmp/sample.pdf'

Converting document to safe PDF
> /usr/bin/podman run --network none -u dangerzone --log-driver none --security-opt no-new-privileges --userns keep-id --cap-drop all --rm -i dangerzone.rocks/dangerzone /usr/bin/python3 -m dangerzone.conversion.doc_to_pixels
[doc lrp-3l] 0% Converting page 1/4 to pixels
[doc lrp-3l] 12% Converting page 2/4 to pixels
[doc lrp-3l] 24% Converting page 3/4 to pixels
[doc lrp-3l] 36% Converting page 4/4 to pixels
[doc lrp-3l] 49% Converted document to pixels
> /usr/bin/podman run --network none -u dangerzone --log-driver none --security-opt no-new-privileges --userns keep-id --cap-drop all --rm -i -v /tmp/tmpffz31mll:/safezone:Z -e OCR=0 -e OCR_LANGUAGE=None dangerzone.rocks/dangerzone /usr/bin/python3 -m dangerzone.conversion.pixels_to_pdf
[doc lrp-3l] 50% Converting page 1/4 from pixels to PDF
[doc lrp-3l] 61% Converting page 2/4 from pixels to PDF
[doc lrp-3l] 72% Converting page 3/4 from pixels to PDF
[doc lrp-3l] 83% Converting page 4/4 from pixels to PDF
[doc lrp-3l] 100% Safe PDF created

Safe PDF(s) created successfully
/tmp/sample.pdf

Unsafe (original) documents moved to 'unsafe' subdirectory
sha256sum: sample.pdf: No such file or directory
9ecacf4bc5a5c0e1cbf319f9800267118ea03e6ab5bf107f99f28494a45503f3  unsafe/sample.pdf