summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorFrancois Andriot <francois.andriot@free.fr>2013-06-01 18:08:42 +0200
committerSlávek Banko <slavek.banko@axis.cz>2013-06-01 18:08:42 +0200
commita67a48107f8996a6c753fdd02d15e234dbd17ceb (patch)
treec7bb3ad6be54591f3441dfc9197c39e1763c430d
parent930498ce8ad0305d1c0a32a7a383d0b909dc96c5 (diff)
downloadtdelibs-a67a48107f8996a6c753fdd02d15e234dbd17ceb.tar.gz
tdelibs-a67a48107f8996a6c753fdd02d15e234dbd17ceb.zip
Fix security issue when displaying certificate informations (CVE-2011-3365)
-rw-r--r--tdeio/kssl/ksslinfodlg.cc21
-rw-r--r--tdeioslave/http/http.cc25
2 files changed, 38 insertions, 8 deletions
diff --git a/tdeio/kssl/ksslinfodlg.cc b/tdeio/kssl/ksslinfodlg.cc
index 7567b8595..fa1e380ba 100644
--- a/tdeio/kssl/ksslinfodlg.cc
+++ b/tdeio/kssl/ksslinfodlg.cc
@@ -253,6 +253,14 @@ void KSSLInfoDlg::setup(KSSLCertificate *cert,
layout->addWidget(new TQLabel(i18n("%1 bits used of a %2 bit cipher").arg(usedbits).arg(bits), this), 10, 1);
d->m_layout->addMultiCell(layout, 2, 2, 0, 2);
+ ipl->setTextFormat(TQt::PlainText);
+ urlLabel->setTextFormat(TQt::PlainText);
+ d->_serialNum->setTextFormat(TQt::PlainText);
+ d->_csl->setTextFormat(TQt::PlainText);
+ d->_validFrom->setTextFormat(TQt::PlainText);
+ d->_validUntil->setTextFormat(TQt::PlainText);
+ d->_digest->setTextFormat(TQt::PlainText);
+
displayCert(cert);
}
@@ -400,32 +408,32 @@ void KSSLCertBox::setValues(TQString certName, TQWidget *mailCatcher) {
if (!(tmp = cert.getValue("O")).isEmpty()) {
label = new TQLabel(i18n("Organization:"), _frame);
label->setAlignment(Qt::AlignLeft | Qt::AlignTop);
- new TQLabel(tmp, _frame);
+ (new TQLabel(tmp, _frame))->setTextFormat(TQt::PlainText);
}
if (!(tmp = cert.getValue("OU")).isEmpty()) {
label = new TQLabel(i18n("Organizational unit:"), _frame);
label->setAlignment(Qt::AlignLeft | Qt::AlignTop);
- new TQLabel(tmp, _frame);
+ (new TQLabel(tmp, _frame))->setTextFormat(TQt::PlainText);
}
if (!(tmp = cert.getValue("L")).isEmpty()) {
label = new TQLabel(i18n("Locality:"), _frame);
label->setAlignment(Qt::AlignLeft | Qt::AlignTop);
- new TQLabel(tmp, _frame);
+ (new TQLabel(tmp, _frame))->setTextFormat(TQt::PlainText);
}
if (!(tmp = cert.getValue("ST")).isEmpty()) {
label = new TQLabel(i18n("Federal State","State:"), _frame);
label->setAlignment(Qt::AlignLeft | Qt::AlignTop);
- new TQLabel(tmp, _frame);
+ (new TQLabel(tmp, _frame))->setTextFormat(TQt::PlainText);
}
if (!(tmp = cert.getValue("C")).isEmpty()) {
label = new TQLabel(i18n("Country:"), _frame);
label->setAlignment(Qt::AlignLeft | Qt::AlignTop);
- new TQLabel(tmp, _frame);
+ (new TQLabel(tmp, _frame))->setTextFormat(TQt::PlainText);
}
if (!(tmp = cert.getValue("CN")).isEmpty()) {
label = new TQLabel(i18n("Common name:"), _frame);
label->setAlignment(Qt::AlignLeft | Qt::AlignTop);
- new TQLabel(tmp, _frame);
+ (new TQLabel(tmp, _frame))->setTextFormat(TQt::PlainText);
}
if (!(tmp = cert.getValue("Email")).isEmpty()) {
label = new TQLabel(i18n("Email:"), _frame);
@@ -435,6 +443,7 @@ void KSSLCertBox::setValues(TQString certName, TQWidget *mailCatcher) {
connect(mail, TQT_SIGNAL(leftClickedURL(const TQString &)), mailCatcher, TQT_SLOT(mailClicked(const TQString &)));
} else {
label = new TQLabel(tmp, _frame);
+ label->setTextFormat(TQt::PlainText);
}
}
if (label && viewport()) {
diff --git a/tdeioslave/http/http.cc b/tdeioslave/http/http.cc
index a492221d5..fd7c0bfb5 100644
--- a/tdeioslave/http/http.cc
+++ b/tdeioslave/http/http.cc
@@ -184,6 +184,27 @@ static TQString sanitizeCustomHTTPHeader(const TQString& _header)
return sanitizedHeaders.stripWhiteSpace();
}
+static TQString htmlEscape(const TQString &plain)
+{
+ TQString rich;
+ rich.reserve(uint(plain.length() * 1.1));
+ for (uint i = 0; i < plain.length(); ++i) {
+ if (plain.at(i) == '<') {
+ rich += "&lt;";
+ } else if (plain.at(i) == '>') {
+ rich += "&gt;";
+ } else if (plain.at(i) == '&') {
+ rich += "&amp;";
+ } else if (plain.at(i) == '"') {
+ rich += "&quot;";
+ } else {
+ rich += plain.at(i);
+ }
+ }
+ rich.squeeze();
+ return rich;
+}
+
#define NO_SIZE ((TDEIO::filesize_t) -1)
@@ -5186,7 +5207,7 @@ void HTTPProtocol::promptInfo( AuthInfo& info )
info.verifyPath = false;
info.digestInfo = m_strAuthorization;
info.commentLabel = i18n( "Site:" );
- info.comment = i18n("<b>%1</b> at <b>%2</b>").arg( m_strRealm ).arg( m_request.hostname );
+ info.comment = i18n("<b>%1</b> at <b>%2</b>").arg( htmlEscape(m_strRealm) ).arg( m_request.hostname );
}
}
else if ( m_responseCode == 407 )
@@ -5203,7 +5224,7 @@ void HTTPProtocol::promptInfo( AuthInfo& info )
info.verifyPath = false;
info.digestInfo = m_strProxyAuthorization;
info.commentLabel = i18n( "Proxy:" );
- info.comment = i18n("<b>%1</b> at <b>%2</b>").arg( m_strProxyRealm ).arg( m_proxyURL.host() );
+ info.comment = i18n("<b>%1</b> at <b>%2</b>").arg( htmlEscape(m_strProxyRealm) ).arg( m_proxyURL.host() );
}
}
}