aboutsummaryrefslogtreecommitdiffstats
path: root/x11/kdelibs4
diff options
context:
space:
mode:
authortcberner <tcberner@FreeBSD.org>2016-08-28 03:30:03 +0800
committertcberner <tcberner@FreeBSD.org>2016-08-28 03:30:03 +0800
commit7640f0eff15a073fcbd8ed8cbbc05fb37e6b277a (patch)
treee1c8cc6631abea99645b54fc5fb3517dc92c4543 /x11/kdelibs4
parente6400a2fe3cfc11f6f8c2998ee75c97a586fafae (diff)
downloadfreebsd-ports-gnome-7640f0eff15a073fcbd8ed8cbbc05fb37e6b277a.tar.gz
freebsd-ports-gnome-7640f0eff15a073fcbd8ed8cbbc05fb37e6b277a.tar.zst
freebsd-ports-gnome-7640f0eff15a073fcbd8ed8cbbc05fb37e6b277a.zip
Add upstream patch for a security issue in karchive:
Directory traversal vulnerability in KArchive before 5.24, as used in KDE Frameworks, allows remote attackers to write to arbitrary files via a ../ (dot dot slash) in a filename in an archive file, related to KNewsstuff downloads. Review the patch is from: https://git.reviewboard.kde.org/r/128749/ Original KF5 review: https://git.reviewboard.kde.org/r/128185/ CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6232 Approved by: rakuco (mentor) Security: 4472ab39-6c66-11e6-9ca5-50e549ebab6c, CVE-2016-6232 MFH: 2016Q3
Diffstat (limited to 'x11/kdelibs4')
-rw-r--r--x11/kdelibs4/Makefile2
-rw-r--r--x11/kdelibs4/files/patch-git_dd1c2da44
2 files changed, 45 insertions, 1 deletions
diff --git a/x11/kdelibs4/Makefile b/x11/kdelibs4/Makefile
index e0daf79cee9f..73ec13993021 100644
--- a/x11/kdelibs4/Makefile
+++ b/x11/kdelibs4/Makefile
@@ -3,7 +3,7 @@
PORTNAME= kdelibs
PORTVERSION= ${KDE4_KDELIBS_VERSION}
-PORTREVISION= 6
+PORTREVISION= 7
CATEGORIES= x11 kde
MASTER_SITES= KDE/${KDE4_APPLICATIONS_BRANCH}/applications/${KDE4_APPLICATIONS_VERSION}/src
DIST_SUBDIR= KDE/${PORTVERSION}
diff --git a/x11/kdelibs4/files/patch-git_dd1c2da b/x11/kdelibs4/files/patch-git_dd1c2da
new file mode 100644
index 000000000000..f70609e81c86
--- /dev/null
+++ b/x11/kdelibs4/files/patch-git_dd1c2da
@@ -0,0 +1,44 @@
+From dd1c2da9d26fd4cfc7fe0a25f413e536d56cf2db Mon Sep 17 00:00:00 2001
+From: Albert Astals Cid <aacid@kde.org>
+Date: Fri, 26 Aug 2016 00:30:34 +0200
+Subject: [PATCH] Backport karchive fix for out of directory files
+
+REVIEW: 128749
+---
+ kdecore/io/karchive.cpp | 15 +++++++++++++--
+
+diff --git kdecore/io/karchive.cpp kdecore/io/karchive.cpp
+index eb0bf2e..d3f8c67 100644
+--- kdecore/io/karchive.cpp
++++ kdecore/io/karchive.cpp
+@@ -800,6 +800,7 @@ static bool sortByPosition( const KArchiveFile* file1, const KArchiveFile* file2
+ void KArchiveDirectory::copyTo(const QString& dest, bool recursiveCopy ) const
+ {
+ QDir root;
++ const QString destDir(QDir(dest).absolutePath()); // get directory path without any "." or ".."
+
+ QList<const KArchiveFile*> fileList;
+ QMap<qint64, QString> fileToDir;
+@@ -809,10 +810,20 @@ void KArchiveDirectory::copyTo(const QString& dest, bool recursiveCopy ) const
+ QStack<QString> dirNameStack;
+
+ dirStack.push( this ); // init stack at current directory
+- dirNameStack.push( dest ); // ... with given path
++ dirNameStack.push( destDir ); // ... with given path
+ do {
+ const KArchiveDirectory* curDir = dirStack.pop();
+- const QString curDirName = dirNameStack.pop();
++
++ // extract only to specified folder if it is located within archive's extraction folder
++ // otherwise put file under root position in extraction folder
++ QString curDirName = dirNameStack.pop();
++ if (!QDir(curDirName).absolutePath().startsWith(destDir)) {
++ qWarning() << "Attempted export into folder" << curDirName
++ << "which is outside of the extraction root folder" << destDir << "."
++ << "Changing export of contained files to extraction root folder.";
++ curDirName = destDir;
++ }
++
+ root.mkdir(curDirName);
+
+ const QStringList dirEntries = curDir->entries();