Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:12.2:ARM
kdelibs3
kdelibs-3.5.10-cve-2009-1698.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File kdelibs-3.5.10-cve-2009-1698.patch of Package kdelibs3
diff -ur kdelibs-3.5.10/khtml/css/cssparser.cpp kdelibs-3.5.10-cve-2009-1698/khtml/css/cssparser.cpp --- kdelibs-3.5.10/khtml/css/cssparser.cpp 2007-01-15 12:34:04.000000000 +0100 +++ kdelibs-3.5.10-cve-2009-1698/khtml/css/cssparser.cpp 2009-07-26 05:46:39.000000000 +0200 @@ -1344,6 +1344,14 @@ if ( args->size() != 1) return false; Value *a = args->current(); + if (a->unit != CSSPrimitiveValue::CSS_IDENT) { + isValid=false; + break; + } + if (qString(a->string)[0] == '-') { + isValid=false; + break; + } parsedValue = new CSSPrimitiveValueImpl(domString(a->string), CSSPrimitiveValue::CSS_ATTR); } else @@ -1396,7 +1404,8 @@ CounterImpl *counter = new CounterImpl; Value *i = args->current(); -// if (i->unit != CSSPrimitiveValue::CSS_IDENT) goto invalid; + if (i->unit != CSSPrimitiveValue::CSS_IDENT) goto invalid; + if (qString(i->string)[0] == '-') goto invalid; counter->m_identifier = domString(i->string); if (counters) { i = args->next(); diff -ur kdelibs-3.5.10/khtml/css/css_valueimpl.cpp kdelibs-3.5.10-cve-2009-1698/khtml/css/css_valueimpl.cpp --- kdelibs-3.5.10/khtml/css/css_valueimpl.cpp 2006-07-22 10:16:49.000000000 +0200 +++ kdelibs-3.5.10-cve-2009-1698/khtml/css/css_valueimpl.cpp 2009-07-26 05:45:36.000000000 +0200 @@ -736,7 +736,9 @@ text = getValueName(m_value.ident); break; case CSSPrimitiveValue::CSS_ATTR: - // ### + text = "attr("; + text += DOMString( m_value.string ); + text += ")"; break; case CSSPrimitiveValue::CSS_COUNTER: text = "counter(";
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
