[packages/kdelibs.git] / post-3.5.7-kdelibs-kdecore.diff

------------------------------------------------------------------------
r700053 | mueller | 2007-08-14 18:37:30 +0200 (Tue, 14 Aug 2007) | 2 lines

be more robust against addressbar spoofing (CVE-2007-4225)

------------------------------------------------------------------------
--- kdecore/tests/kurltest.cpp
+++ kdecore/tests/kurltest.cpp
@@ -288,6 +288,16 @@ int main(int argc, char *argv[])
   check("KURL::prettyURL()", url15582.prettyURL(), "http://alain.knaff.linux.lu/bug-reports/kde/percentage%in%url.html");
   check("KURL::url()", url15582.url(), "http://alain.knaff.linux.lu/bug-reports/kde/percentage%25in%25url.html");
 
+  KURL whitespaceInUser("http://www.google.com%20%20%20%20%20@foobar.com/");
+  check("KURL::prettyURL()", whitespaceInUser.prettyURL(), "http://www.google.com%20%20%20%20%20@foobar.com/");
+
+  KURL whitespaceInPath("http://www.google.com/foo%20bar/");
+  check("KURL::prettyURL()", whitespaceInPath.prettyURL(), "http://www.google.com/foo bar/");
+
+   KURL whitespaceInPath2("http://www.google.com/foo%20%20%20%20%20%20%20bar/");
+  check("KURL::prettyURL()", whitespaceInPath2.prettyURL(),
+          "http://www.google.com/foo%20%20%20%20%20%20 bar/");
+
   KURL carsten;
   carsten.setPath("/home/gis/src/kde/kdelibs/kfile/.#kfiledetailview.cpp.1.18");
   check("KURL::path()", carsten.path(), "/home/gis/src/kde/kdelibs/kfile/.#kfiledetailview.cpp.1.18");
@@ -594,6 +604,15 @@ int main(int argc, char *argv[])
   check("http: URL with empty path string path", waba1.path(),
         "");
 
+  waba1 = "http://www.meinestadt.de&url_plain=http";
+  check("http: URL with empty path string", waba1.host(),
+         "www.meinestadt.de&url_plain=http");
+  check("http: URL with empty path string", waba1.htmlURL(),
+         "http://www.meinestadt.de&amp;url_plain=http");
+ 
+  check("http: URL with empty path string", waba1.path(),
+         "");
+
   waba1 = "http://a:389#b=c";
   check( "http: URL with port, ref, and empty path; url", waba1.url(), "http://a:389#b=c" );
   check( "http: URL with port, ref, and empty path; host", waba1.host(), "a" );
--- kdecore/kurl.cpp
+++ kdecore/kurl.cpp
@@ -183,7 +183,7 @@ static QString lazy_encode( const QStrin
         (character == '?') || // Start of query delimiter
         ((character == '@') && encodeAt) || // Username delimiter
         (character == '#') || // Start of reference delimiter
-        ((character == 32) && (i+1 == old_length))) // A trailing space
+        ((character == 32) && (i+1 == old_length || segment[i+1] == ' '))) // A trailing space
     {
       new_segment[ new_length++ ] = '%';
 
@@ -1540,7 +1540,7 @@ QString KURL::prettyURL( int _trailing )
     u += "//";
     if ( hasUser() )
     {
-      u += lazy_encode(m_strUser);
+      u += encode(m_strUser, 0, 0);
       // Don't show password!
       u += "@";
     }
Commit	Line	Data
0a9201ae AG	1	------------------------------------------------------------------------
	2	r700053 \| mueller \| 2007-08-14 18:37:30 +0200 (Tue, 14 Aug 2007) \| 2 lines
	3
	4	be more robust against addressbar spoofing (CVE-2007-4225)
	5
	6	------------------------------------------------------------------------
	7	--- kdecore/tests/kurltest.cpp
	8	+++ kdecore/tests/kurltest.cpp
	9	@@ -288,6 +288,16 @@ int main(int argc, char *argv[])
	10	check("KURL::prettyURL()", url15582.prettyURL(), "http://alain.knaff.linux.lu/bug-reports/kde/percentage%in%url.html");
	11	check("KURL::url()", url15582.url(), "http://alain.knaff.linux.lu/bug-reports/kde/percentage%25in%25url.html");
	12
	13	+ KURL whitespaceInUser("http://www.google.com%20%20%20%20%20@foobar.com/");
	14	+ check("KURL::prettyURL()", whitespaceInUser.prettyURL(), "http://www.google.com%20%20%20%20%20@foobar.com/");
	15	+
	16	+ KURL whitespaceInPath("http://www.google.com/foo%20bar/");
	17	+ check("KURL::prettyURL()", whitespaceInPath.prettyURL(), "http://www.google.com/foo bar/");
	18	+
	19	+ KURL whitespaceInPath2("http://www.google.com/foo%20%20%20%20%20%20%20bar/");
	20	+ check("KURL::prettyURL()", whitespaceInPath2.prettyURL(),
	21	+ "http://www.google.com/foo%20%20%20%20%20%20 bar/");
	22	+
	23	KURL carsten;
	24	carsten.setPath("/home/gis/src/kde/kdelibs/kfile/.#kfiledetailview.cpp.1.18");
	25	check("KURL::path()", carsten.path(), "/home/gis/src/kde/kdelibs/kfile/.#kfiledetailview.cpp.1.18");
	26	@@ -594,6 +604,15 @@ int main(int argc, char *argv[])
	27	check("http: URL with empty path string path", waba1.path(),
	28	"");
	29
	30	+ waba1 = "http://www.meinestadt.de&url_plain=http";
	31	+ check("http: URL with empty path string", waba1.host(),
	32	+ "www.meinestadt.de&url_plain=http");
	33	+ check("http: URL with empty path string", waba1.htmlURL(),
	34	+ "http://www.meinestadt.de&url_plain=http");
	35	+
	36	+ check("http: URL with empty path string", waba1.path(),
	37	+ "");
	38	+
	39	waba1 = "http://a:389#b=c";
	40	check( "http: URL with port, ref, and empty path; url", waba1.url(), "http://a:389#b=c" );
	41	check( "http: URL with port, ref, and empty path; host", waba1.host(), "a" );
	42	--- kdecore/kurl.cpp
	43	+++ kdecore/kurl.cpp
	44	@@ -183,7 +183,7 @@ static QString lazy_encode( const QStrin
	45	(character == '?') \|\| // Start of query delimiter
	46	((character == '@') && encodeAt) \|\| // Username delimiter
	47	(character == '#') \|\| // Start of reference delimiter
	48	- ((character == 32) && (i+1 == old_length))) // A trailing space
	49	+ ((character == 32) && (i+1 == old_length \|\| segment[i+1] == ' '))) // A trailing space
	50	{
	51	new_segment[ new_length++ ] = '%';
	52
	53	@@ -1540,7 +1540,7 @@ QString KURL::prettyURL( int _trailing )
	54	u += "//";
	55	if ( hasUser() )
	56	{
	57	- u += lazy_encode(m_strUser);
	58	+ u += encode(m_strUser, 0, 0);
	59	// Don't show password!
	60	u += "@";
	61	}