svn commit: r436049 - in branches/2017Q1/deskutils/kdepimlibs4: . files
Raphael Kubo da Costa
rakuco at FreeBSD.org
Mon Mar 13 10:04:14 UTC 2017
Author: rakuco
Date: Mon Mar 13 10:04:12 2017
New Revision: 436049
URL: https://svnweb.freebsd.org/changeset/ports/436049
Log:
MFH: r435960
Patch a directory traversal vulnerability in the KTNEF parser.
Backported from
https://commits.kde.org/ktnef/4ff38aa15487d69021aacad4b078500f77fb4ae8
Security announcement:
https://www.kde.org/info/security/advisory-20170227-1.txt
Security: e550fc62-069a-11e7-8e3e-5453ed2e2b49
Approved by: ports-secteam (junovitch)
Added:
branches/2017Q1/deskutils/kdepimlibs4/files/patch-ktnef_ktnefparser.cpp
- copied unchanged from r435960, head/deskutils/kdepimlibs4/files/patch-ktnef_ktnefparser.cpp
Modified:
branches/2017Q1/deskutils/kdepimlibs4/Makefile
Directory Properties:
branches/2017Q1/ (props changed)
Modified: branches/2017Q1/deskutils/kdepimlibs4/Makefile
==============================================================================
--- branches/2017Q1/deskutils/kdepimlibs4/Makefile Mon Mar 13 10:03:17 2017 (r436048)
+++ branches/2017Q1/deskutils/kdepimlibs4/Makefile Mon Mar 13 10:04:12 2017 (r436049)
@@ -3,7 +3,7 @@
PORTNAME= kdepimlibs
PORTVERSION= ${KDE4_KDELIBS_VERSION}
-PORTREVISION= 6
+PORTREVISION= 7
CATEGORIES= deskutils kde
MASTER_SITES= KDE/${KDE4_APPLICATIONS_BRANCH}/applications/${KDE4_APPLICATIONS_VERSION}/src
DIST_SUBDIR= KDE/${PORTVERSION}
Copied: branches/2017Q1/deskutils/kdepimlibs4/files/patch-ktnef_ktnefparser.cpp (from r435960, head/deskutils/kdepimlibs4/files/patch-ktnef_ktnefparser.cpp)
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ branches/2017Q1/deskutils/kdepimlibs4/files/patch-ktnef_ktnefparser.cpp Mon Mar 13 10:04:12 2017 (r436049, copy of r435960, head/deskutils/kdepimlibs4/files/patch-ktnef_ktnefparser.cpp)
@@ -0,0 +1,38 @@
+Fix for https://www.kde.org/info/security/advisory-20170227-1.txt
+--- ktnef/ktnefparser.cpp.orig 2017-03-11 20:23:43 UTC
++++ ktnef/ktnefparser.cpp
+@@ -40,7 +40,9 @@
+
+ #include <QtCore/QDateTime>
+ #include <QtCore/QDataStream>
++#include <QtCore/QDir>
+ #include <QtCore/QFile>
++#include <QtCore/QFileInfo>
+ #include <QtCore/QVariant>
+ #include <QtCore/QList>
+
+@@ -446,7 +448,9 @@ bool KTNEFParser::extractFile( const QSt
+ bool KTNEFParser::ParserPrivate::extractAttachmentTo( KTNEFAttach *att,
+ const QString &dirname )
+ {
+- QString filename = dirname + '/';
++ const QString destDir( QDir( dirname ).absolutePath() ); // get directory path without any "." or ".."
++
++ QString filename = destDir + '/';
+ if ( !att->fileName().isEmpty()) {
+ filename += att->fileName();
+ } else {
+@@ -462,6 +466,13 @@ bool KTNEFParser::ParserPrivate::extract
+ if ( !device_->seek( att->offset() ) ) {
+ return false;
+ }
++ const QFileInfo fi( filename );
++ if ( !fi.absoluteFilePath().startsWith( destDir ) ) {
++ kWarning() << "Attempted extract into" << fi.absoluteFilePath()
++ << "which is outside of the extraction root folder" << destDir << "."
++ << "Changing export of contained files to extraction root folder.";
++ filename = destDir + QLatin1Char( '/' ) + fi.fileName();
++ }
+ KSaveFile outfile( filename );
+ if ( !outfile.open() ) {
+ return false;
More information about the svn-ports-all
mailing list