Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/kde-frameworks/kcoreaddons/files/kcoreaddons-5.27.0-CVE-2016-7966.patch
diff options
context:
space:
mode:
Diffstat (limited to 'kde-frameworks/kcoreaddons/files/kcoreaddons-5.27.0-CVE-2016-7966.patch')
-rw-r--r--kde-frameworks/kcoreaddons/files/kcoreaddons-5.27.0-CVE-2016-7966.patch117
1 files changed, 117 insertions, 0 deletions
diff --git a/kde-frameworks/kcoreaddons/files/kcoreaddons-5.27.0-CVE-2016-7966.patch b/kde-frameworks/kcoreaddons/files/kcoreaddons-5.27.0-CVE-2016-7966.patch
new file mode 100644
index 000000000000..4fbd5e39ace1
--- /dev/null
+++ b/kde-frameworks/kcoreaddons/files/kcoreaddons-5.27.0-CVE-2016-7966.patch
@@ -0,0 +1,117 @@
+From a06cef31cc4c908bc9b76bd9d103fe9c60e0953f Mon Sep 17 00:00:00 2001
+From: Montel Laurent <montel@kde.org>
+Date: Tue, 11 Oct 2016 11:11:08 +0200
+Subject: [PATCH] Add more autotests
+
+---
+ autotests/ktexttohtmltest.cpp | 15 +++++++++++++++
+ 1 file changed, 15 insertions(+)
+
+diff --git a/autotests/ktexttohtmltest.cpp b/autotests/ktexttohtmltest.cpp
+index c5690e8..0179a00 100644
+--- a/autotests/ktexttohtmltest.cpp
++++ b/autotests/ktexttohtmltest.cpp
+@@ -392,6 +392,21 @@ void KTextToHTMLTest::testHtmlConvert_data()
+ << KTextToHTML::Options(KTextToHTML::PreserveSpaces)
+ << "https://\"><!--";
+
++ QTest::newRow("url-exec-html-2") << "https://192.168.1.1:\"><!--"
++ << KTextToHTML::Options(KTextToHTML::PreserveSpaces)
++ << "https://192.168.1.1:\"><!--";
++
++ QTest::newRow("url-exec-html-3") << "https://<IP>:\"><!--"
++ << KTextToHTML::Options(KTextToHTML::PreserveSpaces)
++ << "https://<IP>:\"><!--";
++
++ QTest::newRow("url-exec-html-4") << "https://<IP>:/\"><!--"
++ << KTextToHTML::Options(KTextToHTML::PreserveSpaces)
++ << "https://<IP>:/\"><!--";
++
++ QTest::newRow("url-exec-html-5") << "https://<IP>:/\"><script>alert(1);</script><!--"
++ << KTextToHTML::Options(KTextToHTML::PreserveSpaces)
++ << "https://<IP>:/\"><script>alert(1);</script><!--";
+ }
+
+
+--
+2.7.3
+
+From 5e13d2439dbf540fdc840f0b0ab5b3ebf6642c6a Mon Sep 17 00:00:00 2001
+From: Montel Laurent <montel@kde.org>
+Date: Tue, 11 Oct 2016 11:40:10 +0200
+Subject: [PATCH] Display bad url
+
+---
+ autotests/ktexttohtmltest.cpp | 14 +++++++++-----
+ src/lib/text/ktexttohtml.cpp | 18 +++++++++++++++++-
+ 2 files changed, 26 insertions(+), 6 deletions(-)
+
+diff --git a/autotests/ktexttohtmltest.cpp b/autotests/ktexttohtmltest.cpp
+index 0179a00..ccac29a 100644
+--- a/autotests/ktexttohtmltest.cpp
++++ b/autotests/ktexttohtmltest.cpp
+@@ -390,23 +390,27 @@ void KTextToHTMLTest::testHtmlConvert_data()
+ //Fix url exploit
+ QTest::newRow("url-exec-html") << "https://\"><!--"
+ << KTextToHTML::Options(KTextToHTML::PreserveSpaces)
+- << "https://\"><!--";
++ << "https://&quot;&gt;&lt;!--";
+
+ QTest::newRow("url-exec-html-2") << "https://192.168.1.1:\"><!--"
+ << KTextToHTML::Options(KTextToHTML::PreserveSpaces)
+- << "https://192.168.1.1:\"><!--";
++ << "https://192.168.1.1:&quot;&gt;&lt;!--";
+
+ QTest::newRow("url-exec-html-3") << "https://<IP>:\"><!--"
+ << KTextToHTML::Options(KTextToHTML::PreserveSpaces)
+- << "https://<IP>:\"><!--";
++ << "https://&lt;IP&gt;:&quot;&gt;&lt;!--";
+
+ QTest::newRow("url-exec-html-4") << "https://<IP>:/\"><!--"
+ << KTextToHTML::Options(KTextToHTML::PreserveSpaces)
+- << "https://<IP>:/\"><!--";
++ << "https://&lt;IP&gt;:/&quot;&gt;&lt;!--";
+
+ QTest::newRow("url-exec-html-5") << "https://<IP>:/\"><script>alert(1);</script><!--"
+ << KTextToHTML::Options(KTextToHTML::PreserveSpaces)
+- << "https://<IP>:/\"><script>alert(1);</script><!--";
++ << "https://&lt;IP&gt;:/&quot;&gt;&lt;script&gt;alert(1);&lt;/script&gt;&lt;!--";
++
++ QTest::newRow("url-exec-html-6") << "https://<IP>:/\"><script>alert(1);</script><!--\nTest2"
++ << KTextToHTML::Options(KTextToHTML::PreserveSpaces)
++ << "https://&lt;IP&gt;:/&quot;&gt;&lt;script&gt;alert(1);&lt;/script&gt;&lt;!--\nTest2";
+ }
+
+
+diff --git a/src/lib/text/ktexttohtml.cpp b/src/lib/text/ktexttohtml.cpp
+index 97c5eab..30e0b5d 100644
+--- a/src/lib/text/ktexttohtml.cpp
++++ b/src/lib/text/ktexttohtml.cpp
+@@ -423,7 +423,23 @@ QString KTextToHTML::convertToHtml(const QString &plainText, const KTextToHTML::
+ bool badUrl = false;
+ str = helper.getUrl(&badUrl);
+ if (badUrl) {
+- return helper.mText;
++ QString resultBadUrl;
++ const int helperTextSize(helper.mText.count());
++ for (int i = 0; i < helperTextSize; ++i) {
++ const QChar chBadUrl = helper.mText[i];
++ if (chBadUrl == QLatin1Char('&')) {
++ resultBadUrl += QLatin1String("&amp;");
++ } else if (chBadUrl == QLatin1Char('"')) {
++ resultBadUrl += QLatin1String("&quot;");
++ } else if (chBadUrl == QLatin1Char('<')) {
++ resultBadUrl += QLatin1String("&lt;");
++ } else if (chBadUrl == QLatin1Char('>')) {
++ resultBadUrl += QLatin1String("&gt;");
++ } else {
++ resultBadUrl += chBadUrl;
++ }
++ }
++ return resultBadUrl;
+ }
+ if (!str.isEmpty()) {
+ QString hyperlink;
+--
+2.7.3
+