[pkgsrc/trunk]: pkgsrc/net/kdenetwork4 KGet does not properly sanitise the "n...

[markd <markd%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/99930c069dd0
branches:  trunk
changeset: 588357:99930c069dd0
user:      markd <markd%pkgsrc.org@localhost>
date:      Sat May 07 22:25:08 2011 +0000

description:
KGet does not properly sanitise the "name" attribute of the "file" element
of metalink files before using it to download files.
http://secunia.com/advisories/44124/

diffstat:

 net/kdenetwork4/Makefile                                             |   4 +-
 net/kdenetwork4/distinfo                                             |   3 +-
 net/kdenetwork4/patches/patch-kget_ui_metalinkcreator_metalinker.cpp |  21 ++++++++++
 3 files changed, 25 insertions(+), 3 deletions(-)

diffs (52 lines):

diff -r 40930393194d -r 99930c069dd0 net/kdenetwork4/Makefile
--- a/net/kdenetwork4/Makefile  Sat May 07 22:16:16 2011 +0000
+++ b/net/kdenetwork4/Makefile  Sat May 07 22:25:08 2011 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.22 2011/04/22 13:44:23 obache Exp $
+# $NetBSD: Makefile,v 1.23 2011/05/07 22:25:08 markd Exp $
 
 DISTNAME=      kdenetwork-${_KDE_VERSION}
-PKGREVISION=   2
+PKGREVISION=   3
 CATEGORIES=    net
 COMMENT=       Network modules for the KDE integrated X11 desktop
 
diff -r 40930393194d -r 99930c069dd0 net/kdenetwork4/distinfo
--- a/net/kdenetwork4/distinfo  Sat May 07 22:16:16 2011 +0000
+++ b/net/kdenetwork4/distinfo  Sat May 07 22:25:08 2011 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.16 2011/01/23 07:55:15 markd Exp $
+$NetBSD: distinfo,v 1.17 2011/05/07 22:25:08 markd Exp $
 
 SHA1 (kdenetwork-4.5.5.tar.bz2) = 2c7dd0bc1809ac477f46ddb966f232ca3f60bc0a
 RMD160 (kdenetwork-4.5.5.tar.bz2) = 769829e255830bf360d9796c0ea9dcb12faeac0b
@@ -7,3 +7,4 @@
 SHA1 (patch-ab) = 0743b3b6c994623c507b8bcd52ee01dad31cf56f
 SHA1 (patch-ae) = 765d48550d2d8b7a59a1593a669b0909fef3bd96
 SHA1 (patch-af) = 5afe11d2691c0f3e9510d2cd1df5b4f736abafbe
+SHA1 (patch-kget_ui_metalinkcreator_metalinker.cpp) = 1c3aaf24097c25120ff95b329e0995bc91843214
diff -r 40930393194d -r 99930c069dd0 net/kdenetwork4/patches/patch-kget_ui_metalinkcreator_metalinker.cpp
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/net/kdenetwork4/patches/patch-kget_ui_metalinkcreator_metalinker.cpp      Sat May 07 22:25:08 2011 +0000
@@ -0,0 +1,21 @@
+$NetBSD: patch-kget_ui_metalinkcreator_metalinker.cpp,v 1.1 2011/05/07 22:25:09 markd Exp $
+
+http://secunia.com/advisories/44124/
+
+--- kget/ui/metalinkcreator/metalinker.cpp     2011/04/09 09:24:33     1227468
++++ kget/ui/metalinkcreator/metalinker.cpp     2011/04/09 09:25:23     1227469
+@@ -583,7 +583,13 @@
+         return false;
+     }
+ 
+-    if (name.contains(QRegExp("$(\\.\\.?)?/")) || name.contains("/../") || name.endsWith("/..")) {
++    if (name.endsWith('/')) {
++        kError(5001) << "Name attribute of Metalink::File does not contain a file name:" << name;
++        return false;
++    }
++
++    const QStringList components = name.split('/');
++    if (name.startsWith('/') || components.contains("..") || components.contains(".")) {
+         kError(5001) << "Name attribute of Metalink::File contains directory traversal directives:" << name;
+         return false;
+     }