rev 5795 - in branches/etch/packages/qt-x11-free/debian: . patches
Sune Vuorela
pusling-guest at alioth.debian.org
Thu Mar 29 22:36:25 CET 2007
Author: pusling-guest
Date: 2007-03-29 21:36:24 +0000 (Thu, 29 Mar 2007)
New Revision: 5795
Added:
branches/etch/packages/qt-x11-free/debian/patches/64_utf8-parsing-vulnerability.dpatch
Modified:
branches/etch/packages/qt-x11-free/debian/changelog
branches/etch/packages/qt-x11-free/debian/patches/00list
Log:
add patch to fix utf8-parsing
Modified: branches/etch/packages/qt-x11-free/debian/changelog
===================================================================
--- branches/etch/packages/qt-x11-free/debian/changelog 2007-03-29 21:32:19 UTC (rev 5794)
+++ branches/etch/packages/qt-x11-free/debian/changelog 2007-03-29 21:36:24 UTC (rev 5795)
@@ -1,3 +1,10 @@
+qt-x11-free (3:3.3.7-4) unstable; urgency=high
+
+ * Add patch from kde-packagers to fix issue with utf8 parsing
+ * Urgency high due to security fix
+
+ -- Debian Qt/KDE Maintainers <debian-qt-kde at lists.debian.org> Thu, 29 Mar 2007 23:25:24 +0200
+
qt-x11-free (3:3.3.7-3) unstable; urgency=low
+++ Changes by Ana Beatriz Guerrero Lopez:
Modified: branches/etch/packages/qt-x11-free/debian/patches/00list
===================================================================
--- branches/etch/packages/qt-x11-free/debian/patches/00list 2007-03-29 21:32:19 UTC (rev 5794)
+++ branches/etch/packages/qt-x11-free/debian/patches/00list 2007-03-29 21:36:24 UTC (rev 5795)
@@ -40,4 +40,5 @@
60_gnu_hurd_support
61_fcfontmatch_fontwidth_fix
62_bengali_charfix
-63_qmake_hurd
\ No newline at end of file
+63_qmake_hurd
+64_utf8-parsing-vulnerability
Added: branches/etch/packages/qt-x11-free/debian/patches/64_utf8-parsing-vulnerability.dpatch
===================================================================
--- branches/etch/packages/qt-x11-free/debian/patches/64_utf8-parsing-vulnerability.dpatch 2007-03-29 21:32:19 UTC (rev 5794)
+++ branches/etch/packages/qt-x11-free/debian/patches/64_utf8-parsing-vulnerability.dpatch 2007-03-29 21:36:24 UTC (rev 5795)
@@ -0,0 +1,127 @@
+#! /bin/sh -e
+## 64_utf8-parsing-vulnerability - orginally sent to kde-packagers
+## by Dirk Mueller
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Fixes security issue with utf8-parsing
+
+if [ $# -lt 1 ]; then
+ echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
+ exit 1
+fi
+
+[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts
+patch_opts="${patch_opts:--f --no-backup-if-mismatch} ${2:+-d $2}"
+
+case "$1" in
+ -patch) patch -p0 ${patch_opts} < $0;;
+ -unpatch) patch -R -p0 ${patch_opts} < $0;;
+ *)
+ echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
+ exit 1;;
+esac
+
+exit 0
+
+ at DPATCH@
+--- src/codecs/qutfcodec.cpp
++++ src/codecs/qutfcodec.cpp
+@@ -154,6 +154,7 @@
+
+ class QUtf8Decoder : public QTextDecoder {
+ uint uc;
++ uint min_uc;
+ int need;
+ bool headerDone;
+ public:
+@@ -167,8 +168,9 @@
+ result.setLength( len ); // worst case
+ QChar *qch = (QChar *)result.unicode();
+ uchar ch;
++ int error = -1;
+ for (int i=0; i<len; i++) {
+- ch = *chars++;
++ ch = chars[i];
+ if (need) {
+ if ( (ch&0xc0) == 0x80 ) {
+ uc = (uc << 6) | (ch & 0x3f);
+@@ -182,6 +184,8 @@
+ *qch++ = QChar(high);
+ *qch++ = QChar(low);
+ headerDone = TRUE;
++ } else if ((uc < min_uc) || (uc >= 0xd800 && uc <= 0xdfff) || (uc >= 0xfffe)) {
++ *qch++ = QChar::replacement;
+ } else {
+ if (headerDone || QChar(uc) != QChar::byteOrderMark)
+ *qch++ = uc;
+@@ -190,6 +194,7 @@
+ }
+ } else {
+ // error
++ i = error;
+ *qch++ = QChar::replacement;
+ need = 0;
+ }
+@@ -200,12 +205,21 @@
+ } else if ((ch & 0xe0) == 0xc0) {
+ uc = ch & 0x1f;
+ need = 1;
++ error = i;
++ min_uc = 0x80;
+ } else if ((ch & 0xf0) == 0xe0) {
+ uc = ch & 0x0f;
+ need = 2;
++ error = i;
++ min_uc = 0x800;
+ } else if ((ch&0xf8) == 0xf0) {
+ uc = ch & 0x07;
+ need = 3;
++ error = i;
++ min_uc = 0x10000;
++ } else {
++ // error
++ *qch++ = QChar::replacement;
+ }
+ }
+ }
+--- src/tools/qstring.cpp
++++ src/tools/qstring.cpp
+@@ -5805,6 +5805,7 @@
+ result.setLength( len ); // worst case
+ QChar *qch = (QChar *)result.unicode();
+ uint uc = 0;
++ uint min_uc = 0;
+ int need = 0;
+ int error = -1;
+ uchar ch;
+@@ -5822,6 +5823,12 @@
+ unsigned short low = uc%0x400 + 0xdc00;
+ *qch++ = QChar(high);
+ *qch++ = QChar(low);
++ } else if (uc < min_uc || (uc >= 0xd800 && uc <= 0xdfff) || (uc >= 0xfffe)) {
++ // overlong seqence, UTF16 surrogate or BOM
++ i = error;
++ qch = addOne(qch, result);
++ *qch++ = QChar(0xdbff);
++ *qch++ = QChar(0xde00+((uchar)utf8[i]));
+ } else {
+ *qch++ = uc;
+ }
+@@ -5844,14 +5851,17 @@
+ uc = ch & 0x1f;
+ need = 1;
+ error = i;
++ min_uc = 0x80;
+ } else if ((ch & 0xf0) == 0xe0) {
+ uc = ch & 0x0f;
+ need = 2;
+ error = i;
++ min_uc = 0x800;
+ } else if ((ch&0xf8) == 0xf0) {
+ uc = ch & 0x07;
+ need = 3;
+ error = i;
++ min_uc = 0x10000;
+ } else {
+ // Error
+ qch = addOne(qch, result);
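Review bot: In the embedded `src/codecs/qutfcodec.cpp` hunks, `QUtf8Decoder::toUnicode` can write one more `QChar` than its buffer holds, because `error` is a local that starts at -1 on every call while `need` and `uc` are class members. If a multi-byte sequence is still pending from an earlier call (assuming the decoder carries `need` across calls, as its being a member suggests), the new `i = error;` rewind emits a replacement character and then re-reads the chunk from index 0. The bytes already consumed as continuations now also fall into the new final `else` and emit replacements, so the output can reach `len + 1` while the buffer is still sized by `result.setLength( len ); // worst case`. I would size it `result.setLength( len + 1 ); // worst case: one extra replacement for a sequence left pending by the previous call`. The `qstring.cpp` path is not affected in the same way, since it keeps all state local and grows the buffer through `addOne()`. The function bodies start and end outside these hunks, so the final truncation of `result` should be checked against the same bound.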
Property changes on: branches/etch/packages/qt-x11-free/debian/patches/64_utf8-parsing-vulnerability.dpatch
___________________________________________________________________
Name: svn:executable
+ *