File namazu-2.0.18-CVE-2011-4345-XSS.patch of Package namazu.import5528
Index: namazu-2.0.18/nmz/codeconv.c =================================================================== --- namazu-2.0.18.orig/nmz/codeconv.c +++ namazu-2.0.18/nmz/codeconv.c @@ -400,6 +400,71 @@ zen2han(char *str) *(s + q) = '\0'; } +static void +check_eucjp(uchar *s) +{ + int i; + size_t num; + + num = strlen((char *)s); + i = 0; + while (i < num) { + if (s[i] >= 0x20 && s[i] <= 0x7e) { + i++; + } + else if (s[i] >= 0xa1 && s[i] <= 0xfe) { + if (i + 1 < num) { + if (s[i + 1] >= 0xa1 && s[i + 1] <= 0xfe) { + i += 2; + } + else { + s[i++] = ' '; + s[i++] = ' '; + } + } + else { + s[i++] = ' '; + } + } + else if (s[i] == 0x8e) { + if (i + 1 < num) { + if (s[i + 1] >= 0xa1 && s[i + 1] <= 0xdf) { + i += 2; + } + else { + s[i++] = ' '; + s[i++] = ' '; + } + } + else { + s[i++] = ' '; + } + } + else if (s[i] == 0x8f) { + if (i + 2 < num) { + if (s[i + 1] >= 0xa1 && s[i + 1] <= 0xfe + && s[i + 2] >= 0xa1 && s[i + 2] <= 0xfe) { + i += 3; + } + else { + s[i++] = ' '; + s[i++] = ' '; + s[i++] = ' '; + } + } + else if (i + 1 < num) { + s[i++] = ' '; + s[i++] = ' '; + } + else { + s[i++] = ' '; + } + } + else { + s[i++] = ' '; + } + } +} /* * @@ -422,17 +486,24 @@ nmz_codeconv_internal(char *s) in = (uchar *)s; if (!nmz_is_lang_ja()) { /* Lang != ja */ + for (i = 0; i < strlen(s); i++) { + if (s[i] < 0x20 || s[i] >= 0x7f) { + s[i] = ' '; + } + } return 0; } for (i = 0, m = 0, n = 0, f = 0; *(in + i); i++) { if (*(in + i) == ESC) { jistoeuc(in); + check_eucjp(in); return 1; } if (*(in + i) > (uchar) '\x80') m++, f = f ? 0 : 1; else if (f) { sjistoeuc(in); + check_eucjp(in); return 1; } if (*(in + i) > (uchar) '\xa0') 
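Review bot: check_eucjp() is added without any comment stating its contract, and it indexes with `int i` against `size_t num`, so every `i < num` and `i + 2 < num` test is a signed/unsigned comparison. Declaring `size_t i = 0;` removes the mismatch. A short header comment should say that the buffer is rewritten in place, that it must already be EUC-JP, and that any byte outside 0x20-0x7e which does not start a well-formed two- or three-byte sequence is overwritten with a space together with the trail bytes it would have claimed. It should also say that tab, CR and LF are blanked along with the other control bytes, since callers cannot tell that from the name.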
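Review bot: The new non-ja loop tests `s[i] < 0x20 || s[i] >= 0x7f` on a plain `char`, so whether a byte above 0x7f is caught by the first or the second comparison depends on the platform's char signedness, and `strlen(s)` is re-evaluated on every iteration. Using the `uchar *in` alias that is already assigned above makes the intent explicit: `for (i = 0; in[i] != '\0'; i++)` with `if (in[i] < 0x20 || in[i] >= 0x7f) in[i] = ' ';`. This branch also blanks every 8-bit byte for all non-Japanese locales, which presumably drops accented Latin-1 or UTF-8 query terms; a comment should record that this is deliberate. nmz_codeconv_internal() starts and ends outside this hunk, so the declaration of `i` is not visible here.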
@@ -440,10 +511,14 @@ nmz_codeconv_internal(char *s) } if (m != n) { sjistoeuc(in); + check_eucjp(in); return 1; } - if (n) + if (n) { + check_eucjp(in); return 1; + } + check_eucjp(in); return 0; } Index: namazu-2.0.18/pltests/alltests.pl.in =================================================================== --- namazu-2.0.18.orig/pltests/alltests.pl.in +++ namazu-2.0.18/pltests/alltests.pl.in @@ -44,6 +44,7 @@ my @TESTS = ( 'namazu-cgi-7.pl', 'namazu-cgi-8.pl', 'namazu-cgi-9.pl', 'namazu-cgi-10.pl', 'namazu-cgi-12.pl', + 'ja-namazu-cgi-3.pl', 'chasen-1.pl', 'chasen-2.pl', 'chasen-3.pl', 'mecab-1.pl', 'mecab-2.pl', 'mecab-3.pl', 'kakasi-1.pl', 'kakasi-2.pl', 'kakasi-3.pl', Index: namazu-2.0.18/pltests/Makefile.am =================================================================== --- namazu-2.0.18.orig/pltests/Makefile.am +++ namazu-2.0.18/pltests/Makefile.am @@ -23,6 +23,7 @@ PROGRAM = alltests.pl pltests.pl \ namazu-cgi-7.pl namazu-cgi-8.pl \ namazu-cgi-9.pl namazu-cgi-10.pl \ namazu-cgi-12.pl \ + ja-namazu-cgi-3.pl \ chasen-1.pl chasen-2.pl chasen-3.pl \ mecab-1.pl mecab-2.pl mecab-3.pl \ kakasi-1.pl kakasi-2.pl kakasi-3.pl @@ -48,6 +49,7 @@ EXTRA_DIST = pltests.pl.in \ namazu-cgi-7.pl.in namazu-cgi-8.pl.in \ namazu-cgi-9.pl.in namazu-cgi-10.pl.in \ namazu-cgi-12.pl.in \ + ja-namazu-cgi-3.pl.in \ chasen-1.pl.in chasen-2.pl.in chasen-3.pl.in \ mecab-1.pl.in mecab-2.pl.in mecab-3.pl.in \ kakasi-1.pl.in kakasi-2.pl.in kakasi-3.pl.in 
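Review bot: With this hunk the Japanese path calls check_eucjp(in) separately before each of its five returns, so the sanitising step only holds as long as every future return path remembers to repeat it. The tail here can collapse to `check_eucjp(in);` followed by `return n ? 1 : 0;`. The earlier returns in the loop could likewise jump to one shared exit that validates once, so that a missed call cannot let unvalidated bytes through. The start of nmz_codeconv_internal() is outside this hunk.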
@@ -283,6 +285,11 @@ namazu-cgi-12.pl: namazu-cgi-12.pl.in pl sed -e 's!%PERL%!$(PERL)!g' $(srcdir)/$@.in > $@.tmp mv $@.tmp $@ chmod +x $@ + +ja-namazu-cgi-3.pl: ja-namazu-cgi-3.pl.in pltests.pl.in Makefile + sed -e 's!%PERL%!$(PERL)!g' $(srcdir)/$@.in > $@.tmp + mv $@.tmp $@ + chmod +x $@ chasen-1.pl: chasen-1.pl.in pltests.pl.in Makefile sed -e 's!%PERL%!$(PERL)!g' $(srcdir)/$@.in > $@.tmp Index: namazu-2.0.18/pltests/Makefile.in =================================================================== --- namazu-2.0.18.orig/pltests/Makefile.in +++ namazu-2.0.18/pltests/Makefile.in @@ -158,6 +158,7 @@ PROGRAM = alltests.pl pltests.pl \ namazu-cgi-7.pl namazu-cgi-8.pl \ namazu-cgi-9.pl namazu-cgi-10.pl \ namazu-cgi-12.pl \ + ja-namazu-cgi-3.pl \ chasen-1.pl chasen-2.pl chasen-3.pl \ mecab-1.pl mecab-2.pl mecab-3.pl \ kakasi-1.pl kakasi-2.pl kakasi-3.pl @@ -184,6 +185,7 @@ EXTRA_DIST = pltests.pl.in \ namazu-cgi-7.pl.in namazu-cgi-8.pl.in \ namazu-cgi-9.pl.in namazu-cgi-10.pl.in \ namazu-cgi-12.pl.in \ + ja-namazu-cgi-3.pl.in \ chasen-1.pl.in chasen-2.pl.in chasen-3.pl.in \ mecab-1.pl.in mecab-2.pl.in mecab-3.pl.in \ kakasi-1.pl.in kakasi-2.pl.in kakasi-3.pl.in @@ -590,6 +592,11 @@ namazu-cgi-12.pl: namazu-cgi-12.pl.in pl sed -e 's!%PERL%!$(PERL)!g' $(srcdir)/$@.in > $@.tmp mv $@.tmp $@ chmod +x $@ + +ja-namazu-cgi-3.pl: ja-namazu-cgi-3.pl.in pltests.pl.in Makefile + sed -e 's!%PERL%!$(PERL)!g' $(srcdir)/$@.in > $@.tmp + mv $@.tmp $@ + chmod +x $@ chasen-1.pl: chasen-1.pl.in pltests.pl.in Makefile sed -e 's!%PERL%!$(PERL)!g' $(srcdir)/$@.in > $@.tmp Index: namazu-2.0.18/tests/Makefile.am =================================================================== --- namazu-2.0.18.orig/tests/Makefile.am +++ namazu-2.0.18/tests/Makefile.am 
@@ -17,7 +17,10 @@ TESTS = mknmz-1 mknmz-2 mknmz-3 mknmz-4 namazu-cgi-1 namazu-cgi-2 namazu-cgi-3 namazu-cgi-4 \ namazu-cgi-5 namazu-cgi-6 namazu-cgi-7 namazu-cgi-8 \ namazu-cgi-9 namazu-cgi-10 namazu-cgi-11 \ - ja-mknmz-1 ja-namazu-cgi-1 ja-namazu-1 + ja-mknmz-1 ja-namazu-cgi-1 \ + ja-namazu-cgi-3 ja-namazu-1 + +distclean: clean-local clean-local: rm -rf test-log tmp-data tmp.* idx[0-9]* ja-idx[0-9]* Index: namazu-2.0.18/tests/Makefile.in =================================================================== --- namazu-2.0.18.orig/tests/Makefile.in +++ namazu-2.0.18/tests/Makefile.in @@ -152,7 +152,8 @@ TESTS = mknmz-1 mknmz-2 mknmz-3 mknmz-4 namazu-cgi-1 namazu-cgi-2 namazu-cgi-3 namazu-cgi-4 \ namazu-cgi-5 namazu-cgi-6 namazu-cgi-7 namazu-cgi-8 \ namazu-cgi-9 namazu-cgi-10 namazu-cgi-11 \ - ja-mknmz-1 ja-namazu-cgi-1 ja-namazu-1 + ja-mknmz-1 ja-namazu-cgi-1 \ + ja-namazu-cgi-3 ja-namazu-1 EXTRA_DIST = $(TESTS) select-data commonfuncs @@ -465,6 +466,8 @@ uninstall-info: uninstall-info-recursive uninstall-info-recursive uninstall-recursive +distclean: clean-local + clean-local: rm -rf test-log tmp-data tmp.* idx[0-9]* ja-idx[0-9]* # Tell versions [3.59,3.63) of GNU make to not export all variables. Index: namazu-2.0.18/pltests/ja-namazu-cgi-3.pl.in =================================================================== --- /dev/null +++ namazu-2.0.18/pltests/ja-namazu-cgi-3.pl.in 
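Review bot: `distclean: clean-local` in tests/Makefile.am declares the `distclean` target by hand, whereas Automake's hook for extra distclean work is `distclean-local`. Writing `distclean-local: clean-local` expresses the same dependency without touching a target Automake generates itself. The generated distclean rule normally already reaches clean-local through clean-am, so the line may be redundant; that is not verifiable from this hunk. The matching hand edit in tests/Makefile.in would be overwritten the next time Automake is re-run.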
@@ -0,0 +1,90 @@
+#!%PERL% -w
+#
+# $Id: ja-namazu-cgi-3.pl.in,v 1.1.2.1 2011-07-18 13:32:49 opengl2772 Exp $
+# Copyright (C) 2007 Tadamasa Teranishi
+# 2007,2011 Namazu Project All rights reserved.
+# This is free software with ABSOLUTELY NO WARRANTY.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either versions 2, or (at your option)
+# any later version.
+#
+# This program is distributed in the hope that it will be useful
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
+# 02111-1307, USA
+#
+# This file must be encoded in EUC-JP encoding
+#
+
+#
+# Test for cross-site scripting vulnerability with IE6,IE7 and wrong EUC-JP chracter code.
+#
+
+use strict;
+require Cwd;
+use File::Copy;
+require 'pltests.pl';
+
+my $cwd = Cwd::cwd();
+my $LOG = "$cwd/test-log";
+my $INDEX = "$cwd/idx1";
+my $NAMAZU = pltests::binpath('namazu.cgi');
+my $RC = pltests::binpath('.namazurc');
+
+my @cmd;
+
+$ENV{'SCRIPT_NAME'} = 'namazu.cgi';
+$ENV{'QUERY_STRING'} = 'query=%8F%EF%9C/%20%8F%EF%9E%20%8F%EF%9C/';
+
+pltests::putline($LOG, " *** starting $0");
+
+if ($English::OSNAME eq "MSWin32" || $English::OSNAME eq "os2") {
+ pltests::putline($LOG, "Skipping because of MSWin32 or os2: $0");
+ exit 77;
+}
+
+if (pltests::get_lang() !~ /^ja/) {
+ pltests::putline($LOG, "Skipping because of LANG does not begin with ja: $0");
+ exit 77;
+}
+
+if (-f $RC) {
+ unlink("$RC");
+}
+pltests::putline($RC, "Index $INDEX");
+pltests::duprcs($RC);
+
+my $ascii = '[\x00-\x7F]';
+my $twoBytes = '(?:[\x8E\xA1-\xFE][\xA1-\xFE])';
+my $threeBytes = '(?:\x8F[\xA1-\xFE][xA1-\xFE])';
+my $character = "(?:$ascii|$twoBytes|$threeBytes)";
+
+@cmd = ("$NAMAZU");
+my ($staus, $result, $conts_err) = pltests::ezsyscmd(\@cmd);
+$result =~ s/$character//g;
+$result =~ s/[\n\r]//g;
+pltests::putline($LOG, "\"$result\"");
+exit 1 if $result;
+
+$ENV{'QUERY_STRING'} = 'query=%8F%AF%82%20';
+@cmd = ("$NAMAZU");
+($staus, $result, $conts_err) = pltests::ezsyscmd(\@cmd);
+$result =~ s/$character//g;
+$result =~ s/[\n\r]//g;
+pltests::putline($LOG, "\"$result\"");
+exit 1 if $result;
+
+exit 0;
+
+END {
+ if (-f $RC) {
+ unlink("$RC");
+ }
+}
Index: namazu-2.0.18/tests/ja-namazu-cgi-3
===================================================================
--- /dev/null
+++ namazu-2.0.18/tests/ja-namazu-cgi-3
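Review bot: The `$threeBytes` pattern is missing a backslash in its last character class: `[xA1-\xFE]` matches `x`, `A` and every byte from `1` (0x31) through 0xFE, not 0xA1-0xFE. The filter therefore also strips three-byte sequences whose trail byte is out of range, including the ones this test sends (trail bytes 0x9C, 0x9E and 0x82), so `exit 1 if $result` would most likely not fire even if namazu.cgi echoed them unchanged. It should read `my $threeBytes = '(?:\x8F[\xA1-\xFE][\xA1-\xFE])';`, and the same line needs the same fix in the heredoc of tests/ja-namazu-cgi-3. Separately, `$English::OSNAME` is only defined if something loads English.pm (perhaps pltests.pl does); `$^O` does not depend on that.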
@@ -0,0 +1,80 @@
+#! /bin/sh
+#
+# Test for cross-site scripting vulnerability with IE6,IE7 and wrong EUC-JP chracter code.
+#
+LOG=`pwd`/test-log
+echo ' *** starting ' $0 >>$LOG
+. ${srcdir}/commonfuncs
+
+EXEC=no
+
+lc_all=$LC_ALL
+lc_ctype=$LC_CTYPE
+lang=$LANG
+
+for ctype in "$lc_all" "$lc_ctype" "$lang"; do
+ if test -n "$ctype" -a "$ctype" = "C"; then
+ ctype="en"
+ break
+ fi
+ cand=`echo "$ctype" | LC_ALL="C" perl -nle 'print $1 if /^(..)/'`
+ if test -n "$cand"; then
+ ctype=$cand
+ break
+ fi
+done
+
+case $ctype in
+ ja*)
+ EXEC=yes
+ ;;
+esac
+if [ $EXEC = 'no' ]
+then
+ echo "Skipping because of LANG does not begin with ja: $0" >> $LOG
+ exit 77
+fi
+
+unset LANGUAGE
+unset LC_ALL
+unset LC_MESSAGES
+unset LC_CTYPE
+unset LANG
+
+
+pwd=`pwd`
+tmprc="$pwd/../src/.namazurc"
+echo "Index ../tests/idx1" > $tmprc
+echo "Lang ja" >> $tmprc
+duprcs
+cd ../src
+
+perl << 'TEST' >> $LOG
+ my $query = 'query=%8F%EF%9C/%8F%EF%9E%20%8F%EF%9C';
+ $ENV{'SCRIPT_NAME'} = 'namazu.cgi';
+ $ENV{'QUERY_STRING'} = $query;
+ my $cmd = "./namazu.cgi";
+ my $result = `$cmd 2>&1`;
+
+ my $ascii = '[\x00-\x7F]';
+ my $twoBytes = '(?:[\x8E\xA1-\xFE][\xA1-\xFE])';
+ my $threeBytes = '(?:\x8F[\xA1-\xFE][xA1-\xFE])';
+ my $character = "(?:$ascii|$twoBytes|$threeBytes)";
+ $result =~ s/$character//g;
+ $result =~ s/[\n\r]//g;
+ print "\"$result\"\n";
+ exit 1 if $result;
+
+ $query = 'query=%8F%AF%82%20';
+ $ENV{'QUERY_STRING'} = $query;
+ $result = `$cmd 2>&1`;
+ $result =~ s/$character//g;
+ $result =~ s/[\n\r]//g;
+ print "\"$result\"\n";
+ exit 1 if $result;
+
+ exit 0;
+TEST
+result=$?
+rm -f $tmprc
+exit $result
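Review bot: `$tmprc` and `$LOG` are expanded unquoted in the redirections and in `rm -f $tmprc`, although both are built from `pwd`, so a build directory containing whitespace would split them into several words. Quote them, for example `echo "Index ../tests/idx1" > "$tmprc"` and `rm -f "$tmprc"`. The result of `cd ../src` is also unchecked, so on failure the heredoc runs `./namazu.cgi` from the wrong directory and the test reports whatever that produces; `cd ../src || exit 1` makes the failure explicit. The first query string here also differs from the one in pltests/ja-namazu-cgi-3.pl.in (no `%20` after the first `/` and no trailing `/`), which is worth a comment if it is intentional.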