File CVE-2011-2725.patch of Package kdeutils4

Overview Repositories Revisions Requests Users Attributes Meta

File CVE-2011-2725.patch of Package kdeutils4

diff -up kdeutils-4.7.2/ark/part/part.cpp.orig kdeutils-4.7.2/ark/part/part.cpp
--- kdeutils-4.7.2/ark/part/part.cpp.orig	2011-10-18 16:57:02.000000000 +0200
+++ kdeutils-4.7.2/ark/part/part.cpp	2011-10-18 16:57:45.000000000 +0200
@@ -558,8 +558,15 @@ void Part::slotPreviewExtracted(KJob *jo
     if (!job->error()) {
         const ArchiveEntry& entry =
             m_model->entryForIndex(m_view->selectionModel()->currentIndex());
-        const QString fullName =
-            m_previewDir->name() + QLatin1Char( '/' ) + entry[ FileName ].toString();
+
+        QString fullName =
+            m_previewDir->name() + QLatin1Char('/') + entry[FileName].toString();
+
+        // Make sure a maliciously crafted archive with parent folders named ".." do
+        // not cause the previewed file path to be located outside the temporary
+        // directory, resulting in a directory traversal issue.
+        fullName.remove(QLatin1String("../"));
+
         ArkViewer::view(fullName, widget());
     } else {
         KMessageBox::error(widget(), job->errorString());

Places

File CVE-2011-2725.patch of Package kdeutils4

Places