[SCM] kcoreaddons packaging branch, master, updated. debian/5.26.0-2-3-gd581f93
Sandro Knauß
hefee at moszumanska.debian.org
Thu Oct 13 09:58:05 UTC 2016
Gitweb-URL: http://git.debian.org/?p=pkg-kde/frameworks/kcoreaddons.git;a=commitdiff;h=3a75d0b
The following commit has been merged in the master branch:
commit 3a75d0b1e7edd04cb6ae2523a02fa902d3ae44fd
Author: Sandro Knauß <hefee at debian.org>
Date: Thu Oct 13 11:52:19 2016 +0200
Additional patches to complete the fix for CVE-2016-7966
---
debian/changelog | 4 ++
debian/patches/0003-Add-more-autotests.patch | 38 +++++++++++++
debian/patches/0004-Display-bad-url.patch | 79 ++++++++++++++++++++++++++++
debian/patches/series | 2 +
4 files changed, 123 insertions(+)
diff --git a/debian/changelog b/debian/changelog
index 24ee2fe..677774d 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,5 +1,9 @@
kcoreaddons (5.26.0-3~) UNRELEASED; urgency=medium
+ [ Sandro Knauß ]
+ * Additional patches to complete the fix for CVE-2016-7966
+ 0003-Add-more-autotests.patch
+ 0004-Display-bad-url.patch
-- Debian Qt/KDE Maintainers <debian-qt-kde at lists.debian.org> Wed, 12 Oct 2016 23:22:53 +0200
diff --git a/debian/patches/0003-Add-more-autotests.patch b/debian/patches/0003-Add-more-autotests.patch
new file mode 100644
index 0000000..0005e12
--- /dev/null
+++ b/debian/patches/0003-Add-more-autotests.patch
@@ -0,0 +1,38 @@
+From a06cef31cc4c908bc9b76bd9d103fe9c60e0953f Mon Sep 17 00:00:00 2001
+From: Montel Laurent <montel at kde.org>
+Date: Tue, 11 Oct 2016 11:11:08 +0200
+Subject: [PATCH 1/2] Add more autotests
+
+---
+ autotests/ktexttohtmltest.cpp | 15 +++++++++++++++
+ 1 file changed, 15 insertions(+)
+
+diff --git a/autotests/ktexttohtmltest.cpp b/autotests/ktexttohtmltest.cpp
+index c5690e8..0179a00 100644
+--- a/autotests/ktexttohtmltest.cpp
++++ b/autotests/ktexttohtmltest.cpp
+@@ -392,6 +392,21 @@ void KTextToHTMLTest::testHtmlConvert_data()
+ << KTextToHTML::Options(KTextToHTML::PreserveSpaces)
+ << "https://\"><!--";
+
++ QTest::newRow("url-exec-html-2") << "https://192.168.1.1:\"><!--"
++ << KTextToHTML::Options(KTextToHTML::PreserveSpaces)
++ << "https://192.168.1.1:\"><!--";
++
++ QTest::newRow("url-exec-html-3") << "https://<IP>:\"><!--"
++ << KTextToHTML::Options(KTextToHTML::PreserveSpaces)
++ << "https://<IP>:\"><!--";
++
++ QTest::newRow("url-exec-html-4") << "https://<IP>:/\"><!--"
++ << KTextToHTML::Options(KTextToHTML::PreserveSpaces)
++ << "https://<IP>:/\"><!--";
++
++ QTest::newRow("url-exec-html-5") << "https://<IP>:/\"><script>alert(1);</script><!--"
++ << KTextToHTML::Options(KTextToHTML::PreserveSpaces)
++ << "https://<IP>:/\"><script>alert(1);</script><!--";
+ }
+
+
+--
+2.9.3
+
diff --git a/debian/patches/0004-Display-bad-url.patch b/debian/patches/0004-Display-bad-url.patch
new file mode 100644
index 0000000..72ed74a
--- /dev/null
+++ b/debian/patches/0004-Display-bad-url.patch
@@ -0,0 +1,79 @@
+From 5e13d2439dbf540fdc840f0b0ab5b3ebf6642c6a Mon Sep 17 00:00:00 2001
+From: Montel Laurent <montel at kde.org>
+Date: Tue, 11 Oct 2016 11:40:10 +0200
+Subject: [PATCH 2/2] Display bad url
+
+---
+ autotests/ktexttohtmltest.cpp | 14 +++++++++-----
+ src/lib/text/ktexttohtml.cpp | 18 +++++++++++++++++-
+ 2 files changed, 26 insertions(+), 6 deletions(-)
+
+diff --git a/autotests/ktexttohtmltest.cpp b/autotests/ktexttohtmltest.cpp
+index 0179a00..ccac29a 100644
+--- a/autotests/ktexttohtmltest.cpp
++++ b/autotests/ktexttohtmltest.cpp
+@@ -390,23 +390,27 @@ void KTextToHTMLTest::testHtmlConvert_data()
+ //Fix url exploit
+ QTest::newRow("url-exec-html") << "https://\"><!--"
+ << KTextToHTML::Options(KTextToHTML::PreserveSpaces)
+- << "https://\"><!--";
++ << "https://"><!--";
+
+ QTest::newRow("url-exec-html-2") << "https://192.168.1.1:\"><!--"
+ << KTextToHTML::Options(KTextToHTML::PreserveSpaces)
+- << "https://192.168.1.1:\"><!--";
++ << "https://192.168.1.1:"><!--";
+
+ QTest::newRow("url-exec-html-3") << "https://<IP>:\"><!--"
+ << KTextToHTML::Options(KTextToHTML::PreserveSpaces)
+- << "https://<IP>:\"><!--";
++ << "https://<IP>:"><!--";
+
+ QTest::newRow("url-exec-html-4") << "https://<IP>:/\"><!--"
+ << KTextToHTML::Options(KTextToHTML::PreserveSpaces)
+- << "https://<IP>:/\"><!--";
++ << "https://<IP>:/"><!--";
+
+ QTest::newRow("url-exec-html-5") << "https://<IP>:/\"><script>alert(1);</script><!--"
+ << KTextToHTML::Options(KTextToHTML::PreserveSpaces)
+- << "https://<IP>:/\"><script>alert(1);</script><!--";
++ << "https://<IP>:/"><script>alert(1);</script><!--";
++
++ QTest::newRow("url-exec-html-6") << "https://<IP>:/\"><script>alert(1);</script><!--
Test2"
++ << KTextToHTML::Options(KTextToHTML::PreserveSpaces)
++ << "https://<IP>:/"><script>alert(1);</script><!--
Test2";
+ }
+
+
+diff --git a/src/lib/text/ktexttohtml.cpp b/src/lib/text/ktexttohtml.cpp
+index 97c5eab..30e0b5d 100644
+--- a/src/lib/text/ktexttohtml.cpp
++++ b/src/lib/text/ktexttohtml.cpp
+@@ -423,7 +423,23 @@ QString KTextToHTML::convertToHtml(const QString &plainText, const KTextToHTML::
+ bool badUrl = false;
+ str = helper.getUrl(&badUrl);
+ if (badUrl) {
+- return helper.mText;
++ QString resultBadUrl;
++ const int helperTextSize(helper.mText.count());
++ for (int i = 0; i < helperTextSize; ++i) {
++ const QChar chBadUrl = helper.mText[i];
++ if (chBadUrl == QLatin1Char('&')) {
++ resultBadUrl += QLatin1String("&");
++ } else if (chBadUrl == QLatin1Char('"')) {
++ resultBadUrl += QLatin1String(""");
++ } else if (chBadUrl == QLatin1Char('<')) {
++ resultBadUrl += QLatin1String("<");
++ } else if (chBadUrl == QLatin1Char('>')) {
++ resultBadUrl += QLatin1String(">");
++ } else {
++ resultBadUrl += chBadUrl;
++ }
++ }
++ return resultBadUrl;
+ }
+ if (!str.isEmpty()) {
+ QString hyperlink;
+--
+2.9.3
+
diff --git a/debian/patches/series b/debian/patches/series
index 8ac2f60..d37aad4 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,2 +1,4 @@
0001-Fix-very-old-bug-when-we-remove-space-in-url-as-foo-.patch
0002-Don-t-convert-as-url-an-url-which-has-a.patch
+0003-Add-more-autotests.patch
+0004-Display-bad-url.patch
--
kcoreaddons packaging
More information about the pkg-kde-commits
mailing list