kpriv/pkgsrc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Fix from KDE security advisory 20100513-1.

Browse source
This commit is contained in:
markd 2010-05-16 21:21:39 +00:00
parent da7b113496
commit a050124de0
6 changed files with 219 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
net/kdenetwork4/Makefile
View file

@ -1,6 +1,7 @@
# $NetBSD: Makefile,v 1.9 2010/05/08 22:13:57 markd Exp $
# $NetBSD: Makefile,v 1.10 2010/05/16 21:21:39 markd Exp $
DISTNAME= kdenetwork-${_KDE_VERSION}
PKGREVISION= 1
CATEGORIES= net
COMMENT= Network modules for the KDE integrated X11 desktop

6
net/kdenetwork4/distinfo
View file

@ -1,4 +1,4 @@
$NetBSD: distinfo,v 1.8 2010/05/08 22:13:57 markd Exp $
$NetBSD: distinfo,v 1.9 2010/05/16 21:21:39 markd Exp $
SHA1 (kdenetwork-4.4.3.tar.bz2) = 67237e0142f5d4edc893a7dcafffa79f998c534e
RMD160 (kdenetwork-4.4.3.tar.bz2) = 90814afa79a259ee36b82ae160b64fe79c90a837
@ -7,3 +7,7 @@ SHA1 (patch-aa) = 0359cd86501c57197242c398d63c1fc77c60a4d0
SHA1 (patch-ab) = 0743b3b6c994623c507b8bcd52ee01dad31cf56f
SHA1 (patch-ae) = 765d48550d2d8b7a59a1593a669b0909fef3bd96
SHA1 (patch-af) = fd916bd4d102ef44222842f4327061753d568906
SHA1 (patch-ba) = d8991e4e80074b558614d353e5d35735124c19a5
SHA1 (patch-bb) = d6fcd1b54d7bf7fd090184a8602689d25bf167ba
SHA1 (patch-bc) = 2002a32d5076b566f4f0194b24403ad073251669
SHA1 (patch-bd) = 7d1d880b7c54bd8c5af6bb5c9cd289a3348b7a92

93
net/kdenetwork4/patches/patch-ba Normal file
View file

@ -0,0 +1,93 @@
$NetBSD: patch-ba,v 1.1 2010/05/16 21:21:39 markd Exp $
--- kget/transfer-plugins/metalink/metalink.cpp.orig 2010-04-29 19:58:02.000000000 +0000
+++ kget/transfer-plugins/metalink/metalink.cpp
@@ -99,6 +99,7 @@ void Metalink::start()
void Metalink::metalinkInit(const KUrl &src, const QByteArray &data)
{
kDebug(5001);
+
bool justDownloaded = !m_localMetalinkLocation.isValid();
if (!src.isEmpty())
{
@@ -121,7 +122,9 @@ void Metalink::metalinkInit(const KUrl &
//error
if (!m_metalink.isValid())
{
- kDebug(5001) << "Unknown error when trying to load the .metalink-file";
+ kError(5001) << "Unknown error when trying to load the .metalink-file. Metalink is not valid.";
+ setStatus(Job::Aborted);
+ setTransferChange(Tc_Status, true);
return;
}
@@ -202,7 +205,7 @@ void Metalink::metalinkInit(const KUrl &
if (!m_dataSourceFactory.size())
{
KMessageBox::error(0, i18n("Download failed, no working URLs were found."), i18n("Error"));
- setStatus(Job::Aborted, i18n("An error occurred...."), SmallIcon("document-preview"));
+ setStatus(Job::Aborted);
setTransferChange(Tc_Status, true);
return;
}
@@ -227,16 +230,29 @@ void Metalink::metalinkInit(const KUrl &
ui.treeView->hideColumn(FileItem::SignatureVerified);
dialog->setMainWidget(widget);
dialog->setCaption(i18n("File Selection"));
- dialog->setButtons(KDialog::Ok);
- connect(dialog, SIGNAL(finished()), this, SLOT(filesSelected()));
+ dialog->setButtons(KDialog::Ok | KDialog::Cancel);
+ connect(dialog, SIGNAL(finished(int)), this, SLOT(fileDlgFinished(int)));
dialog->show();
}
}
-void Metalink::filesSelected()
+void Metalink::fileDlgFinished(int result)
{
+ //BEGIN HACK if the dialog was not accepted untick every file, so that the download does not start
+ //generally setStatus should do the job as well, but does not as it appears
+ if (result != QDialog::Accepted) {
+ for (int row = 0; row < fileModel()->rowCount(); ++row) {
+ QModelIndex index = fileModel()->index(row, FileItem::File);
+ if (index.isValid()) {
+ fileModel()->setData(index, Qt::Unchecked, Qt::CheckStateRole);
+ }
+ }
+ }
+ //END
+
QModelIndexList files = fileModel()->fileIndexes(FileItem::File);
+ int numFilesSelected = 0;
foreach (const QModelIndex &index, files)
{
const KUrl dest = fileModel()->getUrl(index);
@@ -244,6 +260,9 @@ void Metalink::filesSelected()
if (m_dataSourceFactory.contains(dest))
{
m_dataSourceFactory[dest]->setDoDownload(doDownload);
+ if (doDownload) {
+ ++numFilesSelected;
+ }
}
}
@@ -252,9 +271,15 @@ void Metalink::filesSelected()
processedSizeChanged();
speedChanged();
+ //no files selected to download or dialog rejected, stop the download
+ if (!numFilesSelected || (result != QDialog::Accepted)) {
+ setStatus(Job::Stopped);//FIXME
+ setTransferChange(Tc_Status, true);
+ return;
+ }
+
//some files may be set to download, so start them as long as the transfer is not stopped
- if (status() != Job::Stopped)
- {
+ if (status() != Job::Stopped) {
startMetalink();
}
}

13
net/kdenetwork4/patches/patch-bb Normal file
View file

@ -0,0 +1,13 @@
$NetBSD: patch-bb,v 1.1 2010/05/16 21:21:39 markd Exp $
--- kget/transfer-plugins/metalink/metalink.h.orig 2009-11-13 10:58:48.000000000 +0000
+++ kget/transfer-plugins/metalink/metalink.h
@@ -81,7 +81,7 @@ class Metalink : public Transfer
private Q_SLOTS:
void metalinkInit(const KUrl &url = KUrl(), const QByteArray &data = QByteArray());
- void filesSelected();
+ void fileDlgFinished(int result);
void totalSizeChanged(KIO::filesize_t size);
void processedSizeChanged();
void speedChanged();

19
net/kdenetwork4/patches/patch-bc Normal file
View file

@ -0,0 +1,19 @@
$NetBSD: patch-bc,v 1.1 2010/05/16 21:21:39 markd Exp $
--- kget/ui/metalinkcreator/metalinker.h.orig 2010-01-31 19:33:11.000000000 +0000
+++ kget/ui/metalinkcreator/metalinker.h
@@ -259,6 +259,14 @@ class File
KIO::filesize_t size;
CommonData data;
Resources resources;
+
+ private:
+ /**
+ * Controlls if the name attribute is valid, i.e. it is not empty and
+ * does not contain any directory traversal directives or information,
+ * as described in the Metalink 4.0 specification 4.1.2.1.
+ */
+ bool isValidNameAttribute() const;
};
class Files

87
net/kdenetwork4/patches/patch-bd Normal file
View file

@ -0,0 +1,87 @@
$NetBSD: patch-bd,v 1.1 2010/05/16 21:21:39 markd Exp $
--- kget/ui/metalinkcreator/metalinker.cpp.orig 2010-01-31 19:33:11.000000000 +0000
+++ kget/ui/metalinkcreator/metalinker.cpp
@@ -528,14 +528,14 @@ void KGetMetalink::Verification::clear()
bool KGetMetalink::File::isValid() const
{
- return !name.isEmpty() && resources.isValid();
+ return isValidNameAttribute() && resources.isValid();
}
void KGetMetalink::File::load(const QDomElement &e)
{
data.load(e);
- name = e.attribute("name");
+ name = QUrl::fromPercentEncoding(e.attribute("name").toAscii());
size = e.firstChildElement("size").text().toULongLong();
verification.load(e);
@@ -575,6 +575,22 @@ void KGetMetalink::File::clear()
resources.clear();
}
+
+bool KGetMetalink::File::isValidNameAttribute() const
+{
+ if (name.isEmpty()) {
+ kError(5001) << "Name attribute of Metalink::File is empty.";
+ return false;
+ }
+
+ if (name.contains(QRegExp("$(\\.\\.?)?/")) || name.contains("/../") || name.endsWith("/..")) {
+ kError(5001) << "Name attribute of Metalink::File contains directory traversal directives:" << name;
+ return false;
+ }
+
+ return true;
+}
+
#ifdef HAVE_NEPOMUK
QHash<QUrl, Nepomuk::Variant> KGetMetalink::File::properties() const
{
@@ -584,13 +600,28 @@ QHash<QUrl, Nepomuk::Variant> KGetMetali
bool KGetMetalink::Files::isValid() const
{
- bool isValid = !files.empty();
- foreach (const File &file, files)
- {
- isValid &= file.isValid();
+ if (files.isEmpty()) {
+ return false;
+ }
+
+ QStringList fileNames;
+ foreach (const File &file, files) {
+ fileNames << file.name;
+ if (!file.isValid()) {
+ return false;
+ }
}
- return isValid;
+ //The value of name must be unique for each file
+ while (!fileNames.isEmpty()) {
+ const QString fileName = fileNames.takeFirst();
+ if (fileNames.contains(fileName)) {
+ kError(5001) << "Metalink::File name" << fileName << "exists multiple times.";
+ return false;
+ }
+ }
+
+ return true;
}
void KGetMetalink::Files::load(const QDomElement &e)
@@ -751,7 +782,7 @@ void KGetMetalink::Metalink_v3::parseFil
for (QDomElement elem = filesElem.firstChildElement("file"); !elem.isNull(); elem = elem.nextSiblingElement("file")) {
File file;
- file.name = elem.attribute("name");
+ file.name = QUrl::fromPercentEncoding(elem.attribute("name").toAscii());
file.size = elem.firstChildElement("size").text().toULongLong();
file.data = parseCommonData(elem);