File fix-CVE-2014-8600-kioslave-bookmarks.patch of Package kdebase4-runtime.1406
From: Martin Sandsmark <martin.sandsmark@kde.org>
Date: Thu, 13 Nov 2014 12:29:01 +0000
Subject: Sanitize path
X-Git-Tag: v14.11.95
X-Git-Url: http://quickgit.kde.org/?p=kde-runtime.git&a=commitdiff&h=d68703900edc8416fbcd2550cd336cbbb76decb9
---
Sanitize path
---
--- a/kioslave/bookmarks/kio_bookmarks.cpp
+++ b/kioslave/bookmarks/kio_bookmarks.cpp
@@ -22,6 +22,7 @@
#include <stdlib.h>
#include <qregexp.h>
+#include <qtextdocument.h>
#include <kapplication.h>
#include <kcmdlineargs.h>
@@ -197,7 +198,7 @@
echoImage(regexp.cap(1), regexp.cap(2), url.queryItem("size"));
} else {
echoHead();
- echo("<p class=\"message\">" + i18n("Wrong request: %1",path) + "</p>");
+ echo("<p class=\"message\">" + i18n("Bad request: %1", Qt::escape(Qt::escape(url.prettyUrl()))) + "</p>");
}
finished();
}
