authorpav <pav@FreeBSD.org>2005-09-11 01:24:31 +0800
committerpav <pav@FreeBSD.org>2005-09-11 01:24:31 +0800
commit2a9444045bb385e9ddbe953d56c2ceb430f22d3c (patch)
treea972650fb9cdcae2c1a3f84d20716d651852c3a1 /www/seamonkey
parent237c31fb3140faf8bda7f3ab4a51350f77f78709 (diff)
- Patch a security vulnerability (DoS, remote execution) in the IDN
(internationalized domain names) subsystem, also known as the "hyphen domain name bug"

Submitted by: Marcus Grando
Obtained from: Mozilla Project CVS, https://bugzilla.mozilla.org/show_bug.cgi?query_format=specific&order=relevance+desc&bug_status=__open__&id=307259
Security: CAN-2005-2871 http://secunia.com/advisories/16764/
Diffstat (limited to 'www/seamonkey')
-rw-r--r--www/seamonkey/Makefile2
-rw-r--r--www/seamonkey/files/patch-CAN-2005-287192
2 files changed, 93 insertions, 1 deletions
diff --git a/www/seamonkey/Makefile b/www/seamonkey/Makefile
index 6dd0c277e3eb..a08080b44197 100644
--- a/www/seamonkey/Makefile
+++ b/www/seamonkey/Makefile
@@ -7,7 +7,7 @@
PORTNAME?= mozilla
PORTVERSION= 1.8.b1
-PORTREVISION?= 4
+PORTREVISION?= 5
PORTEPOCH?= 2
CATEGORIES?= www
MASTER_SITES= ${MASTER_SITE_MOZILLA}
diff --git a/www/seamonkey/files/patch-CAN-2005-2871 b/www/seamonkey/files/patch-CAN-2005-2871
new file mode 100644
index 000000000000..0fd2cc670932
--- /dev/null
+++ b/www/seamonkey/files/patch-CAN-2005-2871
@@ -0,0 +1,92 @@
+Index: netwerk/base/src/nsStandardURL.cpp
+===================================================================
+RCS file: /cvs/mozilla/netwerk/base/src/nsStandardURL.cpp,v
+retrieving revision 1.82
+diff -p -u -1 -2 -r1.82 nsStandardURL.cpp
+--- netwerk/base/src/nsStandardURL.cpp 20 Jun 2005 05:23:20 -0000 1.82
++++ netwerk/base/src/nsStandardURL.cpp 9 Sep 2005 16:34:42 -0000
+@@ -458,24 +458,25 @@ nsStandardURL::AppendToBuf(char *buf, PR
+ // 4- update url segment positions and lengths
+ nsresult
+ nsStandardURL::BuildNormalizedSpec(const char *spec)
+ {
+ // Assumptions: all member URLSegments must be relative the |spec| argument
+ // passed to this function.
+
+ // buffers for holding escaped url segments (these will remain empty unless
+ // escaping is required).
+ nsCAutoString encUsername;
+ nsCAutoString encPassword;
+ nsCAutoString encHost;
++ PRBool useEncHost;
+ nsCAutoString encDirectory;
+ nsCAutoString encBasename;
+ nsCAutoString encExtension;
+ nsCAutoString encParam;
+ nsCAutoString encQuery;
+ nsCAutoString encRef;
+
+ //
+ // escape each URL segment, if necessary, and calculate approximate normalized
+ // spec length.
+ //
+ PRInt32 approxLen = 3; // includes room for "://"
+@@ -497,25 +498,25 @@ nsStandardURL::BuildNormalizedSpec(const
+ approxLen += encoder.EncodeSegmentCount(spec, mParam, esc_Param, encParam);
+ approxLen += encoder.EncodeSegmentCount(spec, mQuery, esc_Query, encQuery);
+ approxLen += encoder.EncodeSegmentCount(spec, mRef, esc_Ref, encRef);
+ }
+
+ // do not escape the hostname, if IPv6 address literal, mHost will
+ // already point to a [ ] delimited IPv6 address literal.
+ // However, perform Unicode normalization on it, as IDN does.
+ mHostEncoding = eEncoding_ASCII;
+ if (mHost.mLen > 0) {
+ const nsCSubstring& tempHost =
+ Substring(spec + mHost.mPos, spec + mHost.mPos + mHost.mLen);
+- if (NormalizeIDN(tempHost, encHost))
++ if ((useEncHost = NormalizeIDN(tempHost, encHost)))
+ approxLen += encHost.Length();
+ else
+ approxLen += mHost.mLen;
+ }
+
+ //
+ // generate the normalized URL string
+ //
+ mSpec.SetLength(approxLen + 32);
+ char *buf;
+ mSpec.BeginWriting(buf);
+ PRUint32 i = 0;
+@@ -530,25 +531,30 @@ nsStandardURL::BuildNormalizedSpec(const
+ mAuthority.mPos = i;
+
+ // append authority
+ if (mUsername.mLen > 0) {
+ i = AppendSegmentToBuf(buf, i, spec, mUsername, &encUsername);
+ if (mPassword.mLen >= 0) {
+ buf[i++] = ':';
+ i = AppendSegmentToBuf(buf, i, spec, mPassword, &encPassword);
+ }
+ buf[i++] = '@';
+ }
+ if (mHost.mLen > 0) {
+- i = AppendSegmentToBuf(buf, i, spec, mHost, &encHost);
++ if (useEncHost) {
++ mHost.mPos = i;
++ mHost.mLen = encHost.Length();
++ i = AppendToBuf(buf, i, encHost.get(), mHost.mLen);
++ } else
++ i = AppendSegmentToBuf(buf, i, spec, mHost);
+ net_ToLowerCase(buf + mHost.mPos, mHost.mLen);
+ if (mPort != -1 && mPort != mDefaultPort) {
+ nsCAutoString portbuf;
+ portbuf.AppendInt(mPort);
+ buf[i++] = ':';
+ i = AppendToBuf(buf, i, portbuf.get(), portbuf.Length());
+ }
+ }
+
+ // record authority length
+ mAuthority.mLen = i - mAuthority.mPos;
+
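Review bot: `useEncHost` is declared without an initializer in `BuildNormalizedSpec` and is assigned only inside the first `if (mHost.mLen > 0)` block, so the later `if (useEncHost)` read in the authority section is well-defined only because it sits under the same guard. That flag now decides which host bytes and length are written into a buffer sized from `approxLen`, so I would make the invariant explicit with `PRBool useEncHost = PR_FALSE;` so that a later change to either guard cannot read an indeterminate value. A short comment above `mHost.mPos = i;` would also help, along the lines of `// host segment now refers to the normalized copy in buf; must match the branch used when computing approxLen`. The function body starts and ends outside the visible hunks, so whether anything between them can alter `mHost.mLen` cannot be confirmed from here.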