From 9943ac9e1f62030c15567266af98dc8c2e7414f2 Mon Sep 17 00:00:00 2001
From: Raphael Kubo da Costa <rakuco@FreeBSD.org>
Date: Thu, 20 Nov 2014 21:31:17 +0000
Subject: Add upstream patch for CVE-2014-8600 (insufficient input validation).

MFH:		2014Q4
Security:	890b6b22-70fa-11e4-91ae-5453ed2e2b49
---
 www/kwebkitpart/Makefile                     |  2 +-
 www/kwebkitpart/files/patch-src__webpage.cpp | 41 ++++++++++++++++++++++++++++
 2 files changed, 42 insertions(+), 1 deletion(-)
 create mode 100644 www/kwebkitpart/files/patch-src__webpage.cpp

(limited to 'www')

diff --git a/www/kwebkitpart/Makefile b/www/kwebkitpart/Makefile
index c2ef6891982f..e9d474a3449d 100644
--- a/www/kwebkitpart/Makefile
+++ b/www/kwebkitpart/Makefile
@@ -2,7 +2,7 @@
 
 PORTNAME=	kwebkitpart
 PORTVERSION=	1.3.2
-PORTREVISION=	3
+PORTREVISION=	4
 CATEGORIES=	www kde
 MASTER_SITES=	LOCAL/makc
 
diff --git a/www/kwebkitpart/files/patch-src__webpage.cpp b/www/kwebkitpart/files/patch-src__webpage.cpp
new file mode 100644
index 000000000000..231c5a304710
--- /dev/null
+++ b/www/kwebkitpart/files/patch-src__webpage.cpp
@@ -0,0 +1,41 @@
+commit 641aa7c75631084260ae89aecbdb625e918c6689
+Author: Albert Astals Cid <aacid@kde.org>
+Date:   Thu Nov 13 15:06:01 2014 +0100
+
+    Sanitize html
+    
+    As discussed by the security team
+
+--- src/webpage.cpp
++++ src/webpage.cpp
+@@ -226,23 +226,26 @@ QString WebPage::errorPage(int code, const QString& text, const KUrl& reqUrl) co
+     doc += QL1S( "<h3>" );
+     doc += i18n( "Details of the Request:" );
+     doc += QL1S( "</h3><ul><li>" );
+-    doc += i18n( "URL: %1", reqUrl.url() );
++    // escape URL twice: once for i18n, and once for HTML.
++    doc += i18n( "URL: %1", Qt::escape( Qt::escape( reqUrl.prettyUrl() ) ) );
+     doc += QL1S( "</li><li>" );
+ 
+     const QString protocol (reqUrl.protocol());
+     if ( !protocol.isNull() ) {
+-        doc += i18n( "Protocol: %1", protocol );
++        // escape protocol twice: once for i18n, and once for HTML.
++        doc += i18n( "Protocol: %1", Qt::escape( Qt::escape( protocol ) ) );
+         doc += QL1S( "</li><li>" );
+     }
+ 
+     doc += i18n( "Date and Time: %1",
+                  KGlobal::locale()->formatDateTime(QDateTime::currentDateTime(), KLocale::LongDate) );
+     doc += QL1S( "</li><li>" );
+-    doc += i18n( "Additional Information: %1" ,  text );
++    // escape text twice: once for i18n, and once for HTML.
++    doc += i18n( "Additional Information: %1", Qt::escape( Qt::escape( text ) ) );
+     doc += QL1S( "</li></ul><h3>" );
+     doc += i18n( "Description:" );
+     doc += QL1S( "</h3><p>" );
+-    doc += description;
++    doc += Qt::escape( description );
+     doc += QL1S( "</p>" );
+ 
+     if ( causes.count() ) {
-- 
cgit v1.2.3