File xmlgraphics-batik-CVE-2019-17566.patch of Package xmlgraphics-batik.15494
--- batik-1.10/batik-svgrasterizer/src/main/java/org/apache/batik/apps/rasterizer/Main.java 2018-05-11 13:45:44.000000000 +0200
+++ batik-1.10/batik-svgrasterizer/src/main/java/org/apache/batik/apps/rasterizer/Main.java 2020-06-16 17:14:43.603968449 +0200
@@ -501,6 +501,12 @@
public static String CL_OPTION_CONSTRAIN_SCRIPT_ORIGIN_DESCRIPTION
= Messages.get("Main.cl.option.constrain.script.origin.description", "No description");
+ public static String CL_OPTION_BLOCK_EXTERNAL_RESOURCES
+ = Messages.get("Main.cl.option.block.external.resources", "-blockExternalResources");
+
+ public static String CL_OPTION_BLOCK_EXTERNAL_RESOURCES_DESCRIPTION
+ = Messages.get("Main.cl.option.block.external.resources.description", "No description");
+
/**
* Option to turn off secure execution of scripts
*/
@@ -829,6 +835,17 @@
return CL_OPTION_SECURITY_OFF_DESCRIPTION;
}
});
+
+ optionMap.put(CL_OPTION_BLOCK_EXTERNAL_RESOURCES,
+ new NoValueOptionHandler(){
+ public void handleOption(SVGConverter c){
+ c.allowExternalResources = false;
+ }
+
+ public String getOptionDescription(){
+ return CL_OPTION_BLOCK_EXTERNAL_RESOURCES_DESCRIPTION;
+ }
+ });
}
/**
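Review bot: The new `-blockExternalResources` handler is opt-in, so any existing rasterizer invocation that does not pass the flag keeps loading external resources exactly as before the patch; nothing in this hunk changes the default. The user-visible text for the option comes from the `Main.cl.option.block.external.resources.description` bundle key, which falls back to "No description" in the earlier hunk, so please make sure the bundle entry states what the flag actually does, e.g. `Prevents the transcoder from loading resources referenced from outside the document (images, stylesheets, etc.)`. Consider also calling out in the release notes that callers must opt in to get the hardening. The enclosing option-registration method begins outside this hunk.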
--- batik-1.10/batik-svgrasterizer/src/main/java/org/apache/batik/apps/rasterizer/SVGConverter.java 2018-05-11 13:45:44.000000000 +0200
+++ batik-1.10/batik-svgrasterizer/src/main/java/org/apache/batik/apps/rasterizer/SVGConverter.java 2020-06-16 17:15:10.583969053 +0200
@@ -253,6 +253,8 @@
the document which references them. */
protected boolean constrainScriptOrigin = true;
+ protected boolean allowExternalResources = true;
+
/** Controls whether scripts should be run securely or not */
protected boolean securityOff = false;
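Review bot: The added field `allowExternalResources` has no Javadoc while its two neighbours (`constrainScriptOrigin`, `securityOff`) are documented; suggested comment: `/** Controls whether resources referenced from outside the document may be loaded; cleared by the -blockExternalResources option. */`. If SVGConverter exposes setters for the sibling flags (not visible in this hunk), programmatic users will also need a matching `setAllowExternalResources(boolean)`, which the patch does not add. The enclosing class header is outside this hunk.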
@@ -925,6 +927,10 @@
map.put(ImageTranscoder.KEY_CONSTRAIN_SCRIPT_ORIGIN, Boolean.FALSE);
}
+ if (!allowExternalResources) {
+ map.put(ImageTranscoder.KEY_ALLOW_EXTERNAL_RESOURCES, Boolean.FALSE);
+ }
+
return map;
}
--- batik-1.10/batik-transcoder/src/main/java/org/apache/batik/transcoder/SVGAbstractTranscoder.java 2018-05-11 13:45:44.000000000 +0200
+++ batik-1.10/batik-transcoder/src/main/java/org/apache/batik/transcoder/SVGAbstractTranscoder.java 2020-06-16 17:15:37.591969657 +0200
@@ -33,8 +33,10 @@
import org.apache.batik.bridge.BridgeContext;
import org.apache.batik.bridge.BridgeException;
import org.apache.batik.bridge.DefaultScriptSecurity;
+import org.apache.batik.bridge.ExternalResourceSecurity;
import org.apache.batik.bridge.GVTBuilder;
import org.apache.batik.bridge.NoLoadScriptSecurity;
+import org.apache.batik.bridge.NoLoadExternalResourceSecurity;
import org.apache.batik.bridge.RelaxedScriptSecurity;
import org.apache.batik.bridge.SVGUtilities;
import org.apache.batik.bridge.ScriptSecurity;
@@ -877,6 +879,9 @@
= new BooleanKey();
+ public static final TranscodingHints.Key KEY_ALLOW_EXTERNAL_RESOURCES
+ = new BooleanKey();
+
/**
* A user agent implementation for <code>PrintTranscoder</code>.
*/
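Review bot: `KEY_ALLOW_EXTERNAL_RESOURCES` is a new public transcoding hint with no Javadoc, whereas the file documents its other members (the class comment that follows is an example). Suggested comment: `/** Boolean hint: whether the transcoder may load resources referenced from outside the document. Absent or TRUE allows loading; FALSE installs a NoLoadExternalResourceSecurity. */`, which matches the lookup logic added later in this patch. The surrounding key declarations continue outside this hunk.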
@@ -1109,5 +1114,19 @@
}
}
+ public ExternalResourceSecurity getExternalResourceSecurity(ParsedURL resourceURL, ParsedURL docURL) {
+ if (isAllowExternalResources()) {
+ return super.getExternalResourceSecurity(resourceURL, docURL);
+ }
+ return new NoLoadExternalResourceSecurity();
+ }
+
+ public boolean isAllowExternalResources() {
+ Boolean b = (Boolean)SVGAbstractTranscoder.this.hints.get(KEY_ALLOW_EXTERNAL_RESOURCES);
+ if (b != null) {
+ return b;
+ }
+ return true;
+ }
}
}
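Review bot: `isAllowExternalResources()` returns `true` when the hint is absent, so every existing API user of `SVGAbstractTranscoder` stays fail-open unless it discovers and sets the new key; if the intent is to close the CVE for library callers as well as the CLI, this default should be a deliberate decision rather than the implicit one, and it should be documented on the key. `getExternalResourceSecurity` overrides the superclass method (the `super.` call shows it) but carries no `@Override`; adding it guards against a silent signature mismatch with the `ParsedURL` parameters. The enclosing user-agent inner class starts outside this hunk.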