diff options
| author | markd <markd> | 2009-12-13 19:43:51 +0000 |
|---|---|---|
| committer | markd <markd> | 2009-12-13 19:43:51 +0000 |
| commit | f6648f560f41d8913cd996b920841296bacfa2e4 (patch) | |
| tree | b324b0a3043ec375fd712221c00d59286bb3e561 /x11/kdelibs3/patches | |
| parent | 60e9c3c732411268eec7bd3e3513f8829e914d55 (diff) | |
| download | pkgsrc-f6648f560f41d8913cd996b920841296bacfa2e4.tar.gz | |
Patches for CVE-2009-0689 and KDE advisory 20091027.
Diffstat (limited to 'x11/kdelibs3/patches')
| -rw-r--r-- | x11/kdelibs3/patches/patch-ar | 15 | ||||
| -rw-r--r-- | x11/kdelibs3/patches/patch-as | 46 |
2 files changed, 61 insertions, 0 deletions
diff --git a/x11/kdelibs3/patches/patch-ar b/x11/kdelibs3/patches/patch-ar new file mode 100644 index 00000000000..5c272a51026 --- /dev/null +++ b/x11/kdelibs3/patches/patch-ar @@ -0,0 +1,15 @@ +$NetBSD: patch-ar,v 1.8 2009/12/13 19:43:51 markd Exp $ + +fix array overrun (CVE-2009-0689) + +--- kjs/dtoa.cpp.orig 2005-09-10 20:27:24.000000000 +1200 ++++ kjs/dtoa.cpp +@@ -487,7 +487,7 @@ extern double rnd_prod(double, double), + #define FREE_DTOA_LOCK(n) /*nothing*/ + #endif + +-#define Kmax 15 ++#define Kmax (sizeof(size_t) << 3) + + struct + Bigint { diff --git a/x11/kdelibs3/patches/patch-as b/x11/kdelibs3/patches/patch-as new file mode 100644 index 00000000000..4c1e5b8dbb0 --- /dev/null +++ b/x11/kdelibs3/patches/patch-as @@ -0,0 +1,46 @@ +$NetBSD: patch-as,v 1.8 2009/12/13 19:43:51 markd Exp $ + +http://www.kde.org/info/security/advisory-20091027-1.txt + +--- khtml/ecma/xmlhttprequest.cpp.orig 2007-10-08 22:52:07.000000000 +1300 ++++ khtml/ecma/xmlhttprequest.cpp +@@ -342,16 +342,16 @@ void XMLHttpRequest::send(const QString& + { + aborted = false; + +- if (method == "post") { +- QString protocol = url.protocol().lower(); ++ const QString protocol = url.protocol().lower(); ++ // Abandon the request when the protocol is other than "http", ++ // instead of blindly doing a KIO::get on other protocols like file:/. ++ if (!protocol.startsWith("http") && !protocol.startsWith("webdav")) ++ { ++ abort(); ++ return; ++ } + +- // Abondon the request when the protocol is other than "http", +- // instead of blindly changing it to a "get" request. +- if (!protocol.startsWith("http") && !protocol.startsWith("webdav")) +- { +- abort(); +- return; +- } ++ if (method == "post") { + + // FIXME: determine post encoding correctly by looking in headers + // for charset. +@@ -763,11 +763,11 @@ Value XMLHttpRequestProtoFunc::tryCall(E + if (obj.isValid() && obj.inherits(&DOMDocument::info)) { + DOM::Node docNode = static_cast<KJS::DOMDocument *>(obj.imp())->toNode(); + DOM::DocumentImpl *doc = static_cast<DOM::DocumentImpl *>(docNode.handle()); +- ++ + try { + body = doc->toString().string(); + // FIXME: also need to set content type, including encoding! +- ++ + } catch(DOM::DOMException& e) { + Object err = Error::create(exec, GeneralError, "Exception serializing document"); + exec->setException(err); |