From a06cef31cc4c908bc9b76bd9d103fe9c60e0953f Mon Sep 17 00:00:00 2001
|
|
From: Montel Laurent <montel@kde.org>
|
|
Date: Tue, 11 Oct 2016 11:11:08 +0200
|
|
Subject: [PATCH] Add more autotests
|
|
|
|
---
|
|
autotests/ktexttohtmltest.cpp | 15 +++++++++++++++
|
|
1 file changed, 15 insertions(+)
|
|
|
|
diff --git a/autotests/ktexttohtmltest.cpp b/autotests/ktexttohtmltest.cpp
|
|
index c5690e8..0179a00 100644
|
|
--- a/autotests/ktexttohtmltest.cpp
|
|
+++ b/autotests/ktexttohtmltest.cpp
|
|
@@ -392,6 +392,21 @@ void KTextToHTMLTest::testHtmlConvert_data()
|
|
<< KTextToHTML::Options(KTextToHTML::PreserveSpaces)
|
|
<< "https://\"><!--";
|
|
|
|
+ QTest::newRow("url-exec-html-2") << "https://192.168.1.1:\"><!--"
|
|
+ << KTextToHTML::Options(KTextToHTML::PreserveSpaces)
|
|
+ << "https://192.168.1.1:\"><!--";
|
|
+
|
|
+ QTest::newRow("url-exec-html-3") << "https://<IP>:\"><!--"
|
|
+ << KTextToHTML::Options(KTextToHTML::PreserveSpaces)
|
|
+ << "https://<IP>:\"><!--";
|
|
+
|
|
+ QTest::newRow("url-exec-html-4") << "https://<IP>:/\"><!--"
|
|
+ << KTextToHTML::Options(KTextToHTML::PreserveSpaces)
|
|
+ << "https://<IP>:/\"><!--";
|
|
+
|
|
+ QTest::newRow("url-exec-html-5") << "https://<IP>:/\"><script>alert(1);</script><!--"
|
|
+ << KTextToHTML::Options(KTextToHTML::PreserveSpaces)
|
|
+ << "https://<IP>:/\"><script>alert(1);</script><!--";
|
|
}
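Review bot: In rows url-exec-html-2 through url-exec-html-5 the expected column is byte-identical to the input, so the new rows pin a bad URL's `"`, `<` and `>` being returned unescaped into the HTML output — which is exactly the behaviour that the `//Fix url exploit` comment at line 390 (visible as context in the next patch on this page) says should be prevented. If the intended contract is that a rejected URL is rendered inert, the expected column should hold the entity-escaped form, e.g. `<< "https://192.168.1.1:&quot;&gt;&lt;!--"`; if the rows are meant to document the current output until a fix lands, a one-line comment above them saying so (`// TODO: expected values currently record the unescaped output`) would keep them from reading as approval. The enclosing `testHtmlConvert_data` begins outside the hunk.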
|
|
|
|
|
|
--
|
|
2.7.3
|
|
|
|
From 5e13d2439dbf540fdc840f0b0ab5b3ebf6642c6a Mon Sep 17 00:00:00 2001
|
|
From: Montel Laurent <montel@kde.org>
|
|
Date: Tue, 11 Oct 2016 11:40:10 +0200
|
|
Subject: [PATCH] Display bad url
|
|
|
|
---
|
|
autotests/ktexttohtmltest.cpp | 14 +++++++++-----
|
|
src/lib/text/ktexttohtml.cpp | 18 +++++++++++++++++-
|
|
2 files changed, 26 insertions(+), 6 deletions(-)
|
|
|
|
diff --git a/autotests/ktexttohtmltest.cpp b/autotests/ktexttohtmltest.cpp
|
|
index 0179a00..ccac29a 100644
|
|
--- a/autotests/ktexttohtmltest.cpp
|
|
+++ b/autotests/ktexttohtmltest.cpp
|
|
@@ -390,23 +390,27 @@ void KTextToHTMLTest::testHtmlConvert_data()
|
|
//Fix url exploit
|
|
QTest::newRow("url-exec-html") << "https://\"><!--"
|
|
<< KTextToHTML::Options(KTextToHTML::PreserveSpaces)
|
|
- << "https://\"><!--";
|
|
+ << "https://"><!--";
|
|
|
|
QTest::newRow("url-exec-html-2") << "https://192.168.1.1:\"><!--"
|
|
<< KTextToHTML::Options(KTextToHTML::PreserveSpaces)
|
|
- << "https://192.168.1.1:\"><!--";
|
|
+ << "https://192.168.1.1:"><!--";
|
|
|
|
QTest::newRow("url-exec-html-3") << "https://<IP>:\"><!--"
|
|
<< KTextToHTML::Options(KTextToHTML::PreserveSpaces)
|
|
- << "https://<IP>:\"><!--";
|
|
+ << "https://<IP>:"><!--";
|
|
|
|
QTest::newRow("url-exec-html-4") << "https://<IP>:/\"><!--"
|
|
<< KTextToHTML::Options(KTextToHTML::PreserveSpaces)
|
|
- << "https://<IP>:/\"><!--";
|
|
+ << "https://<IP>:/"><!--";
|
|
|
|
QTest::newRow("url-exec-html-5") << "https://<IP>:/\"><script>alert(1);</script><!--"
|
|
<< KTextToHTML::Options(KTextToHTML::PreserveSpaces)
|
|
- << "https://<IP>:/\"><script>alert(1);</script><!--";
|
|
+ << "https://<IP>:/"><script>alert(1);</script><!--";
|
|
+
|
|
+ QTest::newRow("url-exec-html-6") << "https://<IP>:/\"><script>alert(1);</script><!--\nTest2"
|
|
+ << KTextToHTML::Options(KTextToHTML::PreserveSpaces)
|
|
+ << "https://<IP>:/"><script>alert(1);</script><!--\nTest2";
|
|
}
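Review bot: None of the updated rows puts an `&` into a bad URL, so the ampersand branch added to ktexttohtml.cpp in this same patch is untested and a later regression there (dropping the replacement, or double-escaping) would pass this data set. A constructed row along the lines of `QTest::newRow("url-exec-html-amp") << "https://<IP>:/\"&<!--" << KTextToHTML::Options(KTextToHTML::PreserveSpaces) << "https://<IP>:/&quot;&amp;&lt;!--"` would close that gap, and a `'` case would document that single quotes are intentionally left as-is. Note that the expected strings as shown here (`<< "https://"><!--"`) contain a bare `"` inside a string literal and could not compile as written; this is presumably the page rendering entity text (`&quot;`, `&lt;`, `&gt;`) decoded, since those are precisely the characters the new escaping branch replaces. The enclosing `testHtmlConvert_data` begins outside the hunk.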
|
|
|
|
|
|
diff --git a/src/lib/text/ktexttohtml.cpp b/src/lib/text/ktexttohtml.cpp
|
|
index 97c5eab..30e0b5d 100644
|
|
--- a/src/lib/text/ktexttohtml.cpp
|
|
+++ b/src/lib/text/ktexttohtml.cpp
|
|
@@ -423,7 +423,23 @@ QString KTextToHTML::convertToHtml(const QString &plainText, const KTextToHTML::
|
|
bool badUrl = false;
|
|
str = helper.getUrl(&badUrl);
|
|
if (badUrl) {
|
|
- return helper.mText;
|
|
+ QString resultBadUrl;
|
|
+ const int helperTextSize(helper.mText.count());
|
|
+ for (int i = 0; i < helperTextSize; ++i) {
|
|
+ const QChar chBadUrl = helper.mText[i];
|
|
+ if (chBadUrl == QLatin1Char('&')) {
|
|
+ resultBadUrl += QLatin1String("&");
|
|
+ } else if (chBadUrl == QLatin1Char('"')) {
|
|
+ resultBadUrl += QLatin1String(""");
|
|
+ } else if (chBadUrl == QLatin1Char('<')) {
|
|
+ resultBadUrl += QLatin1String("<");
|
|
+ } else if (chBadUrl == QLatin1Char('>')) {
|
|
+ resultBadUrl += QLatin1String(">");
|
|
+ } else {
|
|
+ resultBadUrl += chBadUrl;
|
|
+ }
|
|
+ }
|
|
+ return resultBadUrl;
|
|
}
|
|
if (!str.isEmpty()) {
|
|
QString hyperlink;
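Review bot: The new badUrl branch hand-rolls HTML escaping of `&`, `"`, `<` and `>` character by character, which is exactly the set `QString::toHtmlEscaped()` handles, so the sixteen added lines can be `return helper.mText.toHtmlEscaped();` with no behaviour change and one less place for an escaping table to drift. As rendered here the replacement literals read as identity mappings (`QLatin1String("&")`, `QLatin1String(""")`, `QLatin1String("<")`) and `""""` would not compile, so presumably the page decoded the intended `&amp;`/`&quot;`/`&lt;`/`&gt;` entities; the reviewer should confirm against the raw file rather than this view. If the loop is kept, a `resultBadUrl.reserve(helperTextSize)` before it avoids repeated growth and `helper.mText.size()` is the conventional spelling of the bound. Single quotes are deliberately not escaped, which is fine for element content but worth a comment (`// ' is left as-is: the rejected text is emitted as element content, not an attribute value`) if that assumption holds where `convertToHtml` is used. The enclosing `convertToHtml` begins and ends outside the hunk.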
|
|
--
|
|
2.7.3
|
|
|