You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
198 lines
7.7 KiB
198 lines
7.7 KiB
diff --git a/autotests/ktexttohtmltest.cpp b/autotests/ktexttohtmltest.cpp
|
|
index 474f0ca..8fc0c56 100644
|
|
--- a/autotests/ktexttohtmltest.cpp
|
|
+++ b/autotests/ktexttohtmltest.cpp
|
|
@@ -30,6 +30,15 @@ QTEST_MAIN(KTextToHTMLTest)
|
|
|
|
Q_DECLARE_METATYPE(KTextToHTML::Options)
|
|
|
|
+#ifndef Q_OS_WIN
|
|
+void initLocale()
|
|
+{
|
|
+ setenv("LC_ALL", "en_US.utf-8", 1);
|
|
+}
|
|
+Q_CONSTRUCTOR_FUNCTION(initLocale)
|
|
+#endif
|
|
+
|
|
+
|
|
void KTextToHTMLTest::testGetEmailAddress()
|
|
{
|
|
// empty input
|
|
@@ -372,6 +381,11 @@ void KTextToHTMLTest::testHtmlConvert_data()
|
|
QTest::newRow("url-in-parenthesis-3") << "bla (http://www.kde.org - section 5.2)"
|
|
<< KTextToHTML::Options(KTextToHTML::PreserveSpaces)
|
|
<< "bla (<a href=\"http://www.kde.org\">http://www.kde.org</a> - section 5.2)";
|
|
+
|
|
+ // Fix url as foo <<url> <url>> when we concatened them.
|
|
+ QTest::newRow("url-with-url") << "foo <http://www.kde.org/ <http://www.kde.org/>>"
|
|
+ << KTextToHTML::Options(KTextToHTML::PreserveSpaces)
|
|
+ << "foo <<a href=\"http://www.kde.org/ \">http://www.kde.org/ </a><<a href=\"http://www.kde.org/\">http://www.kde.org/</a>>>";
|
|
}
|
|
|
|
|
|
diff --git a/src/lib/text/ktexttohtml.cpp b/src/lib/text/ktexttohtml.cpp
|
|
index b5e1bda..c70d062 100644
|
|
--- a/src/lib/text/ktexttohtml.cpp
|
|
+++ b/src/lib/text/ktexttohtml.cpp
|
|
@@ -228,11 +228,19 @@ QString KTextToHTMLHelper::getUrl()
|
|
|
|
url.reserve(mMaxUrlLen); // avoid allocs
|
|
int start = mPos;
|
|
+ bool previousCharIsSpace = false;
|
|
while ((mPos < mText.length()) &&
|
|
(mText[mPos].isPrint() || mText[mPos].isSpace()) &&
|
|
((afterUrl.isNull() && !mText[mPos].isSpace()) ||
|
|
(!afterUrl.isNull() && mText[mPos] != afterUrl))) {
|
|
- if (!mText[mPos].isSpace()) { // skip whitespace
|
|
+ if (mText[mPos].isSpace()) {
|
|
+ previousCharIsSpace = true;
|
|
+ } else { // skip whitespace
|
|
+ if (previousCharIsSpace && mText[mPos] == QLatin1Char('<')) {
|
|
+ url.append(QLatin1Char(' '));
|
|
+ break;
|
|
+ }
|
|
+ previousCharIsSpace = false;
|
|
url.append(mText[mPos]);
|
|
if (url.length() > mMaxUrlLen) {
|
|
break;
|
|
@@ -267,7 +275,6 @@ QString KTextToHTMLHelper::getUrl()
|
|
}
|
|
} while (url.length() > 1);
|
|
}
|
|
-
|
|
return url;
|
|
}
|
|
|
|
@@ -334,6 +341,7 @@ QString KTextToHTML::convertToHtml(const QString &plainText, const KTextToHTML::
|
|
QChar ch;
|
|
int x;
|
|
bool startOfLine = true;
|
|
+ //qDebug()<<" plainText"<<plainText;
|
|
|
|
for (helper.mPos = 0, x = 0; helper.mPos < helper.mText.length();
|
|
++helper.mPos, ++x) {
|
|
@@ -402,6 +410,7 @@ QString KTextToHTML::convertToHtml(const QString &plainText, const KTextToHTML::
|
|
const int start = helper.mPos;
|
|
if (!(flags & IgnoreUrls)) {
|
|
str = helper.getUrl();
|
|
+ //qDebug()<<" str"<<str;
|
|
if (!str.isEmpty()) {
|
|
QString hyperlink;
|
|
if (str.left(4) == QLatin1String("www.")) {
|
|
@@ -455,6 +464,7 @@ QString KTextToHTML::convertToHtml(const QString &plainText, const KTextToHTML::
|
|
|
|
result = helper.emoticonsInterface()->parseEmoticons(result, true, exclude);
|
|
}
|
|
+ //qDebug()<<" result "<<result;
|
|
|
|
return result;
|
|
}
|
|
diff --git a/autotests/ktexttohtmltest.cpp b/autotests/ktexttohtmltest.cpp
|
|
index 8fc0c56..c5690e8 100644
|
|
--- a/autotests/ktexttohtmltest.cpp
|
|
+++ b/autotests/ktexttohtmltest.cpp
|
|
@@ -386,6 +386,12 @@ void KTextToHTMLTest::testHtmlConvert_data()
|
|
QTest::newRow("url-with-url") << "foo <http://www.kde.org/ <http://www.kde.org/>>"
|
|
<< KTextToHTML::Options(KTextToHTML::PreserveSpaces)
|
|
<< "foo <<a href=\"http://www.kde.org/ \">http://www.kde.org/ </a><<a href=\"http://www.kde.org/\">http://www.kde.org/</a>>>";
|
|
+
|
|
+ //Fix url exploit
|
|
+ QTest::newRow("url-exec-html") << "https://\"><!--"
|
|
+ << KTextToHTML::Options(KTextToHTML::PreserveSpaces)
|
|
+ << "https://\"><!--";
|
|
+
|
|
}
|
|
|
|
|
|
diff --git a/src/lib/text/ktexttohtml.cpp b/src/lib/text/ktexttohtml.cpp
|
|
index c70d062..97c5eab 100644
|
|
--- a/src/lib/text/ktexttohtml.cpp
|
|
+++ b/src/lib/text/ktexttohtml.cpp
|
|
@@ -156,7 +156,6 @@ bool KTextToHTMLHelper::atUrl()
|
|
(allowedSpecialChars.indexOf(mText[mPos - 1]) != -1))) {
|
|
return false;
|
|
}
|
|
-
|
|
QChar ch = mText[mPos];
|
|
return
|
|
(ch == QLatin1Char('h') && (mText.mid(mPos, 7) == QLatin1String("http://") ||
|
|
@@ -192,7 +191,7 @@ bool KTextToHTMLHelper::isEmptyUrl(const QString &url)
|
|
url == QLatin1String("news://");
|
|
}
|
|
|
|
-QString KTextToHTMLHelper::getUrl()
|
|
+QString KTextToHTMLHelper::getUrl(bool *badurl)
|
|
{
|
|
QString url;
|
|
if (atUrl()) {
|
|
@@ -229,6 +228,7 @@ QString KTextToHTMLHelper::getUrl()
|
|
url.reserve(mMaxUrlLen); // avoid allocs
|
|
int start = mPos;
|
|
bool previousCharIsSpace = false;
|
|
+ bool previousCharIsADoubleQuote = false;
|
|
while ((mPos < mText.length()) &&
|
|
(mText[mPos].isPrint() || mText[mPos].isSpace()) &&
|
|
((afterUrl.isNull() && !mText[mPos].isSpace()) ||
|
|
@@ -241,6 +241,18 @@ QString KTextToHTMLHelper::getUrl()
|
|
break;
|
|
}
|
|
previousCharIsSpace = false;
|
|
+ if (mText[mPos] == QLatin1Char('>') && previousCharIsADoubleQuote) {
|
|
+ //it's an invalid url
|
|
+ if (badurl) {
|
|
+ *badurl = true;
|
|
+ }
|
|
+ return QString();
|
|
+ }
|
|
+ if (mText[mPos] == QLatin1Char('"')) {
|
|
+ previousCharIsADoubleQuote = true;
|
|
+ } else {
|
|
+ previousCharIsADoubleQuote = false;
|
|
+ }
|
|
url.append(mText[mPos]);
|
|
if (url.length() > mMaxUrlLen) {
|
|
break;
|
|
@@ -341,7 +353,6 @@ QString KTextToHTML::convertToHtml(const QString &plainText, const KTextToHTML::
|
|
QChar ch;
|
|
int x;
|
|
bool startOfLine = true;
|
|
- //qDebug()<<" plainText"<<plainText;
|
|
|
|
for (helper.mPos = 0, x = 0; helper.mPos < helper.mText.length();
|
|
++helper.mPos, ++x) {
|
|
@@ -409,8 +420,11 @@ QString KTextToHTML::convertToHtml(const QString &plainText, const KTextToHTML::
|
|
} else {
|
|
const int start = helper.mPos;
|
|
if (!(flags & IgnoreUrls)) {
|
|
- str = helper.getUrl();
|
|
- //qDebug()<<" str"<<str;
|
|
+ bool badUrl = false;
|
|
+ str = helper.getUrl(&badUrl);
|
|
+ if (badUrl) {
|
|
+ return helper.mText;
|
|
+ }
|
|
if (!str.isEmpty()) {
|
|
QString hyperlink;
|
|
if (str.left(4) == QLatin1String("www.")) {
|
|
@@ -464,7 +478,6 @@ QString KTextToHTML::convertToHtml(const QString &plainText, const KTextToHTML::
|
|
|
|
result = helper.emoticonsInterface()->parseEmoticons(result, true, exclude);
|
|
}
|
|
- //qDebug()<<" result "<<result;
|
|
|
|
return result;
|
|
}
|
|
diff --git a/src/lib/text/ktexttohtml_p.h b/src/lib/text/ktexttohtml_p.h
|
|
index 74ad7a0..fc43613 100644
|
|
--- a/src/lib/text/ktexttohtml_p.h
|
|
+++ b/src/lib/text/ktexttohtml_p.h
|
|
@@ -49,7 +49,7 @@ public:
|
|
QString getEmailAddress();
|
|
bool atUrl();
|
|
bool isEmptyUrl(const QString &url);
|
|
- QString getUrl();
|
|
+ QString getUrl(bool *badurl = Q_NULLPTR);
|
|
QString pngToDataUrl(const QString &pngPath);
|
|
QString highlightedText();
|
|
|