rev 5795 - in branches/etch/packages/qt-x11-free/debian: . patches

Sune Vuorela pusling-guest at alioth.debian.org
Thu Mar 29 22:36:25 CET 2007


Author: pusling-guest
Date: 2007-03-29 21:36:24 +0000 (Thu, 29 Mar 2007)
New Revision: 5795

Added:
   branches/etch/packages/qt-x11-free/debian/patches/64_utf8-parsing-vulnerability.dpatch
Modified:
   branches/etch/packages/qt-x11-free/debian/changelog
   branches/etch/packages/qt-x11-free/debian/patches/00list
Log:
add patch to fix utf8-parsing


Modified: branches/etch/packages/qt-x11-free/debian/changelog
===================================================================
--- branches/etch/packages/qt-x11-free/debian/changelog	2007-03-29 21:32:19 UTC (rev 5794)
+++ branches/etch/packages/qt-x11-free/debian/changelog	2007-03-29 21:36:24 UTC (rev 5795)
@@ -1,3 +1,10 @@
+qt-x11-free (3:3.3.7-4) unstable; urgency=high
+
+  * Add patch from kde-packagers to fix issue with utf8 parsing
+  * Urgency high due to security fix
+
+ -- Debian Qt/KDE Maintainers <debian-qt-kde at lists.debian.org>  Thu, 29 Mar 2007 23:25:24 +0200
+
 qt-x11-free (3:3.3.7-3) unstable; urgency=low
 
   +++ Changes by Ana Beatriz Guerrero Lopez:

Modified: branches/etch/packages/qt-x11-free/debian/patches/00list
===================================================================
--- branches/etch/packages/qt-x11-free/debian/patches/00list	2007-03-29 21:32:19 UTC (rev 5794)
+++ branches/etch/packages/qt-x11-free/debian/patches/00list	2007-03-29 21:36:24 UTC (rev 5795)
@@ -40,4 +40,5 @@
 60_gnu_hurd_support
 61_fcfontmatch_fontwidth_fix
 62_bengali_charfix
-63_qmake_hurd
\ No newline at end of file
+63_qmake_hurd
+64_utf8-parsing-vulnerability

Added: branches/etch/packages/qt-x11-free/debian/patches/64_utf8-parsing-vulnerability.dpatch
===================================================================
--- branches/etch/packages/qt-x11-free/debian/patches/64_utf8-parsing-vulnerability.dpatch	2007-03-29 21:32:19 UTC (rev 5794)
+++ branches/etch/packages/qt-x11-free/debian/patches/64_utf8-parsing-vulnerability.dpatch	2007-03-29 21:36:24 UTC (rev 5795)
@@ -0,0 +1,127 @@
+#! /bin/sh -e
+## 64_utf8-parsing-vulnerability - orginally sent to kde-packagers 
+## by Dirk Mueller
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Fixes security issue with utf8-parsing
+
+if [ $# -lt 1 ]; then
+    echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
+    exit 1
+fi
+
+[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts
+patch_opts="${patch_opts:--f --no-backup-if-mismatch} ${2:+-d $2}"
+
+case "$1" in
+    -patch) patch -p0 ${patch_opts} < $0;;
+    -unpatch) patch -R -p0 ${patch_opts} < $0;;
+    *)
+        echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
+        exit 1;;
+esac
+
+exit 0
+
+ at DPATCH@
+--- src/codecs/qutfcodec.cpp
++++ src/codecs/qutfcodec.cpp
+@@ -154,6 +154,7 @@
+ 
+ class QUtf8Decoder : public QTextDecoder {
+     uint uc;
++    uint min_uc;
+     int need;
+     bool headerDone;
+ public:
+@@ -167,8 +168,9 @@
+ 	result.setLength( len ); // worst case
+ 	QChar *qch = (QChar *)result.unicode();
+ 	uchar ch;
++        int error = -1;
+ 	for (int i=0; i<len; i++) {
+-	    ch = *chars++;
++	    ch = chars[i];
+ 	    if (need) {
+ 		if ( (ch&0xc0) == 0x80 ) {
+ 		    uc = (uc << 6) | (ch & 0x3f);
+@@ -182,6 +184,8 @@
+ 			    *qch++ = QChar(high);
+ 			    *qch++ = QChar(low);
+ 			    headerDone = TRUE;
++			} else if ((uc < min_uc) || (uc >= 0xd800 && uc <= 0xdfff) || (uc >= 0xfffe)) {
++                            *qch++ = QChar::replacement;
+ 			} else {
+ 			    if (headerDone || QChar(uc) != QChar::byteOrderMark)
+ 				*qch++ = uc;
+@@ -190,6 +194,7 @@
+ 		    }
+ 		} else {
+ 		    // error
++                    i = error;
+ 		    *qch++ = QChar::replacement;
+ 		    need = 0;
+ 		}
+@@ -200,12 +205,21 @@
+ 		} else if ((ch & 0xe0) == 0xc0) {
+ 		    uc = ch & 0x1f;
+ 		    need = 1;
++                    error = i;
++		    min_uc = 0x80;
+ 		} else if ((ch & 0xf0) == 0xe0) {
+ 		    uc = ch & 0x0f;
+ 		    need = 2;
++                    error = i;
++		    min_uc = 0x800;
+ 		} else if ((ch&0xf8) == 0xf0) {
+ 		    uc = ch & 0x07;
+ 		    need = 3;
++                    error = i;
++                    min_uc = 0x10000;
++                } else {
++                    // error
++                    *qch++ = QChar::replacement;
+ 		}
+ 	    }
+ 	}
+--- src/tools/qstring.cpp
++++ src/tools/qstring.cpp
+@@ -5805,6 +5805,7 @@
+     result.setLength( len ); // worst case
+     QChar *qch = (QChar *)result.unicode();
+     uint uc = 0;
++    uint min_uc = 0;
+     int need = 0;
+     int error = -1;
+     uchar ch;
+@@ -5822,6 +5823,12 @@
+ 			unsigned short low = uc%0x400 + 0xdc00;
+ 			*qch++ = QChar(high);
+ 			*qch++ = QChar(low);
++		    } else if (uc < min_uc || (uc >= 0xd800 && uc <= 0xdfff) || (uc >= 0xfffe)) {
++			// overlong seqence, UTF16 surrogate or BOM
++                        i = error;
++                        qch = addOne(qch, result);
++                        *qch++ = QChar(0xdbff);
++                        *qch++ = QChar(0xde00+((uchar)utf8[i]));
+ 		    } else {
+ 			*qch++ = uc;
+ 		    }
+@@ -5844,14 +5851,17 @@
+ 		uc = ch & 0x1f;
+ 		need = 1;
+ 		error = i;
++		min_uc = 0x80;
+ 	    } else if ((ch & 0xf0) == 0xe0) {
+ 		uc = ch & 0x0f;
+ 		need = 2;
+ 		error = i;
++		min_uc = 0x800;
+ 	    } else if ((ch&0xf8) == 0xf0) {
+ 		uc = ch & 0x07;
+ 		need = 3;
+ 		error = i;
++		min_uc = 0x10000;
+ 	    } else {
+ 	        // Error
+                 qch = addOne(qch, result);
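Review bot: Code points above U+10FFFF still get through both decoders, because the new range check `} else if ((uc < min_uc) || (uc >= 0xd800 && uc <= 0xdfff) || (uc >= 0xfffe)) {` (qutfcodec.cpp hunk, and the same line in the qstring.cpp hunk) is placed after the branch that has already split `uc` into a surrogate pair, and that branch — its condition lies outside the hunk — appears to accept any `uc > 0xffff`; since `(ch&0xf8) == 0xf0` admits leads 0xf4..0xf7, `uc` can reach 0x1fffff and the high-surrogate arithmetic then leaves the D800–DBFF range, emitting an ill-formed pair. The range test should run before the surrogate split and bound the top, e.g. `if (uc < min_uc || (uc >= 0xd800 && uc <= 0xdfff) || uc == 0xfffe || uc == 0xffff || uc > 0x10ffff)` as the first branch, with the pair emission moved into the following `else if (uc > 0xffff)`. QUtf8Decoder gains the member `uint min_uc;` but its constructor is outside the hunk; `min_uc` is only assigned in the lead-byte branches, which suffices as long as `need` starts at 0, but a `min_uc(0)` initialiser would remove the dependency. Unlike qstring.cpp, the qutfcodec.cpp error paths write `QChar::replacement` without `addOne`, so the `result.setLength( len ); // worst case` bound must still hold after the added `i = error` rescan — it does within one buffer, though a sequence carried over from an earlier `toUnicode` call already exceeds it (pre-existing). The added comment `// overlong seqence, UTF16 surrogate or BOM` should read `sequence`.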


Property changes on: branches/etch/packages/qt-x11-free/debian/patches/64_utf8-parsing-vulnerability.dpatch
___________________________________________________________________
Name: svn:executable
   + *



