Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 114905 Details for
Bug 172746
{kde-base/kdelibs-3.5.5-r10|x11-libs/qt} UTF 8 issues (CVE-2007-0242)
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
kdelibs-kjs.diff
kdelibs-kjs.diff (text/plain), 1.31 KB, created by
Sune Kloppenborg Jeppesen (RETIRED)
on 2007-03-30 06:23:43 UTC
(
hide
)
Description:
kdelibs-kjs.diff
Filename:
MIME Type:
Creator:
Sune Kloppenborg Jeppesen (RETIRED)
Created:
2007-03-30 06:23:43 UTC
Size:
1.31 KB
patch
obsolete
>------------------------------------------------------------------------ >r645387 | porten | 2007-03-22 15:01:13 +0100 (Thu, 22 Mar 2007) | 4 lines > >substitute some of the invalid sequences with the standard replacement >char. this matches Mozilla but not IE which leaves them unchanged (or >throws an exception) > >------------------------------------------------------------------------ >--- kjs/function.cpp >+++ kjs/function.cpp >@@ -244,11 +244,15 @@ UString decodeURI(ExecState *exec, UStri > } > > // UTF-8 transform >+ const unsigned long replacementChar = 0xFFFD; > unsigned long V; > if (n == 2) { > unsigned long yyyyy = octets[0] & 0x1F; > unsigned long zzzzzz = octets[1] & 0x3F; > V = (yyyyy << 6) | zzzzzz; >+ // 2-byte sequence overlong for this value? >+ if (V < 0xFF) >+ V = replacementChar; > C = UChar((unsigned short)V); > } > else if (n == 3) { >@@ -256,6 +260,11 @@ UString decodeURI(ExecState *exec, UStri > unsigned long yyyyyy = octets[1] & 0x3F; > unsigned long zzzzzz = octets[2] & 0x3F; > V = (xxxx << 12) | (yyyyyy << 6) | zzzzzz; >+ // 3-byte sequence overlong for this value, >+ // an invalid value or UTF-16 surrogate? >+ if (V < 0x800 || V == 0xFFFE || V == 0xFFFF || >+ (V >= 0xD800 && V <= 0xDFFF)) >+ V = replacementChar; > C = UChar((unsigned short)V); > } > else {
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 172746
: 114905 |
114906
|
114907