Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/kde-base/kdelibs/files/4.2.4-CVE-2009-1698.patch
diff options
context:
space:
mode:
Diffstat (limited to 'kde-base/kdelibs/files/4.2.4-CVE-2009-1698.patch')
-rw-r--r--kde-base/kdelibs/files/4.2.4-CVE-2009-1698.patch41
1 files changed, 41 insertions, 0 deletions
diff --git a/kde-base/kdelibs/files/4.2.4-CVE-2009-1698.patch b/kde-base/kdelibs/files/4.2.4-CVE-2009-1698.patch
new file mode 100644
index 000000000000..0754c5f02ea0
--- /dev/null
+++ b/kde-base/kdelibs/files/4.2.4-CVE-2009-1698.patch
@@ -0,0 +1,41 @@
+--- branches/KDE/4.3/kdelibs/khtml/css/css_valueimpl.cpp 2009/07/26 03:39:55 1002474
++++ branches/KDE/4.3/kdelibs/khtml/css/css_valueimpl.cpp 2009/07/26 03:40:47 1002475
+@@ -1212,7 +1212,9 @@
+ text = getValueName(m_value.ident);
+ break;
+ case CSSPrimitiveValue::CSS_ATTR:
+- // ###
++ text = "attr(";
++ text += DOMString( m_value.string );
++ text += ")";
+ break;
+ case CSSPrimitiveValue::CSS_COUNTER:
+ text = "counter(";
+
+--- branches/KDE/4.3/kdelibs/khtml/css/cssparser.cpp 2009/07/26 03:39:55 1002474
++++ branches/KDE/4.3/kdelibs/khtml/css/cssparser.cpp 2009/07/26 03:40:47 1002475
+@@ -1513,6 +1513,14 @@
+ if ( args->size() != 1)
+ return false;
+ Value *a = args->current();
++ if (a->unit != CSSPrimitiveValue::CSS_IDENT) {
++ isValid=false;
++ break;
++ }
++ if (qString(a->string)[0] == '-') {
++ isValid=false;
++ break;
++ }
+ parsedValue = new CSSPrimitiveValueImpl(domString(a->string), CSSPrimitiveValue::CSS_ATTR);
+ }
+ else
+@@ -1565,7 +1573,8 @@
+
+ CounterImpl *counter = new CounterImpl;
+ Value *i = args->current();
+-// if (i->unit != CSSPrimitiveValue::CSS_IDENT) goto invalid;
++ if (i->unit != CSSPrimitiveValue::CSS_IDENT) goto invalid;
++ if (qString(i->string)[0] == '-') goto invalid;
+ counter->m_identifier = domString(i->string);
+ if (counters) {
+ i = args->next();