Date:      Mon, 13 Mar 2017 10:04:12 +0000 (UTC)
From:      Raphael Kubo da Costa <rakuco@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org
Subject:   svn commit: r436049 - in branches/2017Q1/deskutils/kdepimlibs4: . files
Message-ID:  <201703131004.v2DA4CBN076962@repo.freebsd.org>

Author: rakuco
Date: Mon Mar 13 10:04:12 2017
New Revision: 436049
URL: https://svnweb.freebsd.org/changeset/ports/436049

Log:
  MFH: r435960
  
  Patch a directory traversal vulnerability in the KTNEF parser.
  
  Backported from
  https://commits.kde.org/ktnef/4ff38aa15487d69021aacad4b078500f77fb4ae8
  
  Security announcement:
  https://www.kde.org/info/security/advisory-20170227-1.txt
  
  Security:	e550fc62-069a-11e7-8e3e-5453ed2e2b49
  
  Approved by:	ports-secteam (junovitch)

Added:
  branches/2017Q1/deskutils/kdepimlibs4/files/patch-ktnef_ktnefparser.cpp
     - copied unchanged from r435960, head/deskutils/kdepimlibs4/files/patch-ktnef_ktnefparser.cpp
Modified:
  branches/2017Q1/deskutils/kdepimlibs4/Makefile
Directory Properties:
  branches/2017Q1/   (props changed)

Modified: branches/2017Q1/deskutils/kdepimlibs4/Makefile
==============================================================================
--- branches/2017Q1/deskutils/kdepimlibs4/Makefile	Mon Mar 13 10:03:17 2017	(r436048)
+++ branches/2017Q1/deskutils/kdepimlibs4/Makefile	Mon Mar 13 10:04:12 2017	(r436049)
@@ -3,7 +3,7 @@
 
 PORTNAME=	kdepimlibs
 PORTVERSION=	${KDE4_KDELIBS_VERSION}
-PORTREVISION=	6
+PORTREVISION=	7
 CATEGORIES=	deskutils kde
 MASTER_SITES=	KDE/${KDE4_APPLICATIONS_BRANCH}/applications/${KDE4_APPLICATIONS_VERSION}/src
 DIST_SUBDIR=	KDE/${PORTVERSION}

Copied: branches/2017Q1/deskutils/kdepimlibs4/files/patch-ktnef_ktnefparser.cpp (from r435960, head/deskutils/kdepimlibs4/files/patch-ktnef_ktnefparser.cpp)
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ branches/2017Q1/deskutils/kdepimlibs4/files/patch-ktnef_ktnefparser.cpp	Mon Mar 13 10:04:12 2017	(r436049, copy of r435960, head/deskutils/kdepimlibs4/files/patch-ktnef_ktnefparser.cpp)
@@ -0,0 +1,38 @@
+Fix for https://www.kde.org/info/security/advisory-20170227-1.txt
+--- ktnef/ktnefparser.cpp.orig	2017-03-11 20:23:43 UTC
++++ ktnef/ktnefparser.cpp
+@@ -40,7 +40,9 @@
+ 
+ #include <QtCore/QDateTime>
+ #include <QtCore/QDataStream>
++#include <QtCore/QDir>
+ #include <QtCore/QFile>
++#include <QtCore/QFileInfo>
+ #include <QtCore/QVariant>
+ #include <QtCore/QList>
+ 
+@@ -446,7 +448,9 @@ bool KTNEFParser::extractFile( const QSt
+ bool KTNEFParser::ParserPrivate::extractAttachmentTo( KTNEFAttach *att,
+                                                       const QString &dirname )
+ {
+-  QString filename = dirname + '/';
++  const QString destDir( QDir( dirname ).absolutePath() ); // get directory path without any "." or ".."
++
++  QString filename = destDir + '/';
+   if ( !att->fileName().isEmpty()) {
+     filename += att->fileName();
+   } else {
+@@ -462,6 +466,13 @@ bool KTNEFParser::ParserPrivate::extract
+   if ( !device_->seek( att->offset() ) ) {
+     return false;
+   }
++  const QFileInfo fi( filename );
++  if ( !fi.absoluteFilePath().startsWith( destDir ) ) {
++      kWarning() << "Attempted extract into" << fi.absoluteFilePath()
++                 << "which is outside of the extraction root folder" << destDir << "."
++                 << "Changing export of contained files to extraction root folder.";
++      filename = destDir + QLatin1Char( '/' ) + fi.fileName();
++  }
+   KSaveFile outfile( filename );
+   if ( !outfile.open() ) {
+     return false;
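Review bot: The containment check `fi.absoluteFilePath().startsWith( destDir )` compares string prefixes without a trailing separator, so a resolved path in a sibling directory whose name merely begins with the destination's name (constructed example: destination `/tmp/out`, resolved path `/tmp/out-other/x`) would still be accepted. Comparing against the directory plus its separator closes that gap: `if ( !fi.absoluteFilePath().startsWith( destDir + QLatin1Char( '/' ) ) ) {`. The check also depends on `QFileInfo::absoluteFilePath()` having collapsed the `..` segments, which the Qt documentation does not promise and which never resolves symbolic links; wrapping the joined name in `QDir::cleanPath()` before the comparison would make the normalisation explicit, and this is worth confirming against the Qt 4 release the port builds with. `extractAttachmentTo` continues past the end of the nested hunk, so the code that writes the attachment after `outfile.open()` is not visible here.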


