Package: kde4libs / 4:4.14.2-5+deb8u2

CVE-2017-6410.diff Patch series | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
From 1804c2fde7bf4e432c6cf5bb8cce5701c7010559 Mon Sep 17 00:00:00 2001
From: Albert Astals Cid <aacid@kde.org>
Date: Tue, 28 Feb 2017 19:08:50 +0100
Subject: [PATCH] Sanitize URLs before passing them to FindProxyForURL

Remove user/password information
For https: remove path and query

Backport from kio f9d0cb47cf94e209f6171ac0e8d774e68156a6e4
---
 kio/misc/kpac/script.cpp | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/kio/misc/kpac/script.cpp b/kio/misc/kpac/script.cpp
index a595301..9ab360a 100644
--- a/kio/misc/kpac/script.cpp
+++ b/kio/misc/kpac/script.cpp
@@ -754,9 +754,16 @@ namespace KPAC
             }
         }
 
+        KUrl cleanUrl = url;
+        cleanUrl.setUserInfo(QString());
+        if (cleanUrl.scheme().toLower() == QLatin1String("https")) {
+            cleanUrl.setPath(QString());
+            cleanUrl.setQuery(QString());
+        }
+
         QScriptValueList args;
-        args << url.url();
-        args << url.host();
+        args << cleanUrl.url();
+        args << cleanUrl.host();
 
         QScriptValue result = func.call(QScriptValue(), args);
         if (result.isError()) {
-- 
2.1.4