diff options
| author | Francois Andriot <francois.andriot@free.fr> | 2013-06-01 18:08:42 +0200 |
|---|---|---|
| committer | Slávek Banko <slavek.banko@axis.cz> | 2013-06-01 18:48:44 +0200 |
| commit | 62f646f835cbf8d0fa9c12fb0a8f96c489b4e92b (patch) | |
| tree | 2ab9ad229b4dd5f7632799d283d0032cf5427ad4 | |
| parent | 6eac96c4dd6fc80088193e53801ad3da957e4138 (diff) | |
| download | tdelibs-62f646f835cbf8d0fa9c12fb0a8f96c489b4e92b.tar.gz tdelibs-62f646f835cbf8d0fa9c12fb0a8f96c489b4e92b.zip | |
Fix security issue when displaying certificate informations (CVE-2011-3365)
(cherry picked from commit a67a48107f8996a6c753fdd02d15e234dbd17ceb)
| -rw-r--r-- | kio/kssl/ksslinfodlg.cc | 21 | ||||
| -rw-r--r-- | kioslave/http/http.cc | 25 |
2 files changed, 38 insertions, 8 deletions
diff --git a/kio/kssl/ksslinfodlg.cc b/kio/kssl/ksslinfodlg.cc index ae2a4a3ae..cc4f71938 100644 --- a/kio/kssl/ksslinfodlg.cc +++ b/kio/kssl/ksslinfodlg.cc @@ -253,6 +253,14 @@ void KSSLInfoDlg::setup(KSSLCertificate *cert, layout->addWidget(new TQLabel(i18n("%1 bits used of a %2 bit cipher").arg(usedbits).arg(bits), this), 10, 1); d->m_layout->addMultiCell(layout, 2, 2, 0, 2); + ipl->setTextFormat(TQt::PlainText); + urlLabel->setTextFormat(TQt::PlainText); + d->_serialNum->setTextFormat(TQt::PlainText); + d->_csl->setTextFormat(TQt::PlainText); + d->_validFrom->setTextFormat(TQt::PlainText); + d->_validUntil->setTextFormat(TQt::PlainText); + d->_digest->setTextFormat(TQt::PlainText); + displayCert(cert); } @@ -400,32 +408,32 @@ void KSSLCertBox::setValues(TQString certName, TQWidget *mailCatcher) { if (!(tmp = cert.getValue("O")).isEmpty()) { label = new TQLabel(i18n("Organization:"), _frame); label->setAlignment(Qt::AlignLeft | Qt::AlignTop); - new TQLabel(tmp, _frame); + (new TQLabel(tmp, _frame))->setTextFormat(TQt::PlainText); } if (!(tmp = cert.getValue("OU")).isEmpty()) { label = new TQLabel(i18n("Organizational unit:"), _frame); label->setAlignment(Qt::AlignLeft | Qt::AlignTop); - new TQLabel(tmp, _frame); + (new TQLabel(tmp, _frame))->setTextFormat(TQt::PlainText); } if (!(tmp = cert.getValue("L")).isEmpty()) { label = new TQLabel(i18n("Locality:"), _frame); label->setAlignment(Qt::AlignLeft | Qt::AlignTop); - new TQLabel(tmp, _frame); + (new TQLabel(tmp, _frame))->setTextFormat(TQt::PlainText); } if (!(tmp = cert.getValue("ST")).isEmpty()) { label = new TQLabel(i18n("Federal State","State:"), _frame); label->setAlignment(Qt::AlignLeft | Qt::AlignTop); - new TQLabel(tmp, _frame); + (new TQLabel(tmp, _frame))->setTextFormat(TQt::PlainText); } if (!(tmp = cert.getValue("C")).isEmpty()) { label = new TQLabel(i18n("Country:"), _frame); label->setAlignment(Qt::AlignLeft | Qt::AlignTop); - new TQLabel(tmp, _frame); + (new TQLabel(tmp, _frame))->setTextFormat(TQt::PlainText); } if (!(tmp = cert.getValue("CN")).isEmpty()) { label = new TQLabel(i18n("Common name:"), _frame); label->setAlignment(Qt::AlignLeft | Qt::AlignTop); - new TQLabel(tmp, _frame); + (new TQLabel(tmp, _frame))->setTextFormat(TQt::PlainText); } if (!(tmp = cert.getValue("Email")).isEmpty()) { label = new TQLabel(i18n("Email:"), _frame); @@ -435,6 +443,7 @@ void KSSLCertBox::setValues(TQString certName, TQWidget *mailCatcher) { connect(mail, TQT_SIGNAL(leftClickedURL(const TQString &)), mailCatcher, TQT_SLOT(mailClicked(const TQString &))); } else { label = new TQLabel(tmp, _frame); + label->setTextFormat(TQt::PlainText); } } if (label && viewport()) { diff --git a/kioslave/http/http.cc b/kioslave/http/http.cc index 30ee723b1..0fba500d3 100644 --- a/kioslave/http/http.cc +++ b/kioslave/http/http.cc @@ -184,6 +184,27 @@ static TQString sanitizeCustomHTTPHeader(const TQString& _header) return sanitizedHeaders.stripWhiteSpace(); } +static TQString htmlEscape(const TQString &plain) +{ + TQString rich; + rich.reserve(uint(plain.length() * 1.1)); + for (uint i = 0; i < plain.length(); ++i) { + if (plain.at(i) == '<') { + rich += "<"; + } else if (plain.at(i) == '>') { + rich += ">"; + } else if (plain.at(i) == '&') { + rich += "&"; + } else if (plain.at(i) == '"') { + rich += """; + } else { + rich += plain.at(i); + } + } + rich.squeeze(); + return rich; +} + #define NO_SIZE ((KIO::filesize_t) -1) @@ -5186,7 +5207,7 @@ void HTTPProtocol::promptInfo( AuthInfo& info ) info.verifyPath = false; info.digestInfo = m_strAuthorization; info.commentLabel = i18n( "Site:" ); - info.comment = i18n("<b>%1</b> at <b>%2</b>").arg( m_strRealm ).arg( m_request.hostname ); + info.comment = i18n("<b>%1</b> at <b>%2</b>").arg( htmlEscape(m_strRealm) ).arg( m_request.hostname ); } } else if ( m_responseCode == 407 ) @@ -5203,7 +5224,7 @@ void HTTPProtocol::promptInfo( AuthInfo& info ) info.verifyPath = false; info.digestInfo = m_strProxyAuthorization; info.commentLabel = i18n( "Proxy:" ); - info.comment = i18n("<b>%1</b> at <b>%2</b>").arg( m_strProxyRealm ).arg( m_proxyURL.host() ); + info.comment = i18n("<b>%1</b> at <b>%2</b>").arg( htmlEscape(m_strProxyRealm) ).arg( m_proxyURL.host() ); } } } |