kde-plasma/kde-cli-tools: backport patch from upstream to resolve CVE-2016-7787
Gentoo-bug: 595534
Package-Manager: portage-2.3.1
Michael Palimaka
committed
Sep 29, 2016
1 parent
5369f3f
commit d35f109
Showing
2 changed files
with
106 additions
and
0 deletions.
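--- a/kde-plasma/kde-cli-tools/files/kde-cli-tools-5.6.5-CVE-2016-7787.patch
+++ b/kde-plasma/kde-cli-tools/files/kde-cli-tools-5.6.5-CVE-2016-7787.patch
@@ -0,0 +1,44 @@
+From 5eda179a099ba68a20dc21dc0da63e85a565a171 Mon Sep 17 00:00:00 2001
+From: Martin Sandsmark <[email protected]>
+Date: Fri, 9 Sep 2016 09:05:57 +0200
+Subject: [PATCH] Make sure people are not trying to sneak invisible characters
+on the kdesu label
+
+i18n: Sorry for the new string
+
+CCMAIL: [email protected]
+---
+kdesu/kdesu.cpp | 10 ++++++++++
+1 file changed, 10 insertions(+)
+
+diff --git a/kdesu/kdesu.cpp b/kdesu/kdesu.cpp
+index b7a66a2..b0efbc7 100644
+--- a/kdesu/kdesu.cpp
++++ b/kdesu/kdesu.cpp
+@@ -162,6 +162,10 @@ int main(int argc, char *argv[])
+{
+KMessageBox::sorry(0, i18n("Cannot execute command '%1'.", QString::fromLocal8Bit(command)));
+}
++ if (result == -2)
++ {
++ KMessageBox::sorry(0, i18n("Cannot execute command '%1'. It contains invalid characters.", QString::fromLocal8Bit(command)));
++ }
+
+return result;
+}
+@@ -387,6 +391,12 @@ static int startApp(QCommandLineParser& p)
+qDebug() << "Don't need password!!\n";
+}
+
++ for (const QChar character : QString::fromLocal8Bit(command)) {
++ if (!character.isPrint() && character.category() != QChar::Other_Surrogate) {
++ return -2;
++ }
++ }
++
+// Start the dialog
+QString password;
+if (needpw)
+--
+2.7.3
+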
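Review bot: The surrogate exemption in the loop added to startApp (`character.category() != QChar::Other_Surrogate`) lets every code point outside the BMP through unchecked, because the loop inspects UTF-16 code units one at a time and accepts both halves of any surrogate pair, as well as unpaired surrogates. Non-printing characters outside the BMP would therefore still reach the dialog label, which is the condition this patch is meant to rule out. Validating whole code points closes the gap: `for (const uint cp : QString::fromLocal8Bit(command).toUcs4()) { if (!QChar::isPrint(cp)) return -2; }`, with unpaired surrogates rejected explicitly, since the conversion may substitute a printable replacement character for them. Separately, the `result == -2` branch in main interpolates the rejected string into the message box through `%1`; a fixed message that omits the command would avoid rendering the characters that were just refused. Both main and startApp start and end outside the hunks shown, so whether an earlier return path skips the new loop cannot be confirmed from here.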
@@ -0,0 +1,62 @@ | ||
# Copyright 1999-2016 Gentoo Foundation | ||
# Distributed under the terms of the GNU General Public License v2 | ||
# $Id$ | ||
|
||
EAPI=6 | ||
|
||
KDE_HANDBOOK="true" | ||
KDE_TEST="true" | ||
VIRTUALX_REQUIRED="test" | ||
inherit kde5 | ||
|
||
DESCRIPTION="Tools based on KDE Frameworks 5 to better interact with the system" | ||
HOMEPAGE="https://projects.kde.org/projects/kde/workspace/kde-cli-tools" | ||
KEYWORDS="~amd64 ~arm ~x86" | ||
IUSE="+kdesu X" | ||
|
||
DEPEND=" | ||
$(add_frameworks_dep kcmutils) | ||
$(add_frameworks_dep kcompletion) | ||
$(add_frameworks_dep kconfig) | ||
$(add_frameworks_dep kconfigwidgets) | ||
$(add_frameworks_dep kcoreaddons) | ||
$(add_frameworks_dep ki18n) | ||
$(add_frameworks_dep kiconthemes) | ||
$(add_frameworks_dep kio) | ||
$(add_frameworks_dep kservice) | ||
$(add_frameworks_dep kwidgetsaddons) | ||
$(add_frameworks_dep kwindowsystem) | ||
$(add_qt_dep qtdbus) | ||
$(add_qt_dep qtgui) | ||
$(add_qt_dep qtsvg) | ||
$(add_qt_dep qtwidgets) | ||
kdesu? ( $(add_frameworks_dep kdesu) ) | ||
X? ( | ||
$(add_frameworks_dep kdelibs4support) | ||
$(add_qt_dep qtx11extras) | ||
x11-libs/libX11 | ||
) | ||
" | ||
RDEPEND="${DEPEND} | ||
handbook? ( !kde-apps/kdesu[handbook] ) | ||
" | ||
|
||
# requires running kde environment | ||
RESTRICT="test" | ||
|
||
PATCHES=( "${FILESDIR}/${P}-CVE-2016-7787.patch" ) | ||
|
||
src_configure() { | ||
local mycmakeargs=( | ||
$(cmake-utils_use_find_package kdesu KF5Su) | ||
$(cmake-utils_use_find_package X KF5KDELibs4Support) | ||
$(cmake-utils_use_find_package X Qt5X11Extras) | ||
) | ||
|
||
kde5_src_configure | ||
} | ||
|
||
src_install() { | ||
kde5_src_install | ||
use kdesu && dosym /usr/$(get_libdir)/libexec/kf5/kdesu /usr/bin/kdesu5 | ||
} |