Diffstat (limited to 'http/kazehakase/CVE-2007-1084.dpatch')
-rw-r--r--http/kazehakase/CVE-2007-1084.dpatch35
1 files changed, 35 insertions, 0 deletions
diff --git a/http/kazehakase/CVE-2007-1084.dpatch b/http/kazehakase/CVE-2007-1084.dpatch
new file mode 100644
index 0000000000..cbfa22faa4
--- /dev/null
+++ b/http/kazehakase/CVE-2007-1084.dpatch
@@ -0,0 +1,35 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## CVE-2007-1084.dpatch by Yavor Doganov <yavor@gnu.org>
+##
+## DP: Do not allow bookmarks with data:/javascript: URIs (CVE-2007-1084).
+
+@DPATCH@
+diff -urNad kazehakase-0.5.8~/src/actions/kz-actions.c kazehakase-0.5.8/src/actions/kz-actions.c
+--- kazehakase-0.5.8~/src/actions/kz-actions.c 2009-12-07 19:04:58.000000000 +0200
++++ kazehakase-0.5.8/src/actions/kz-actions.c 2009-12-07 19:08:12.000000000 +0200
+@@ -1010,6 +1010,25 @@
+
+ if (!uri) return;
+
++ /* Refuse to add a bookmark if the URI is data:/javascript:
++ (CVE-2007-1084). */
++ if (g_str_has_prefix(uri, "data:")
++ || g_str_has_prefix(uri, "javascript:"))
++ {
++ GtkWidget *dialog;
++
++ dialog = gtk_message_dialog_new(NULL,
++ GTK_DIALOG_DESTROY_WITH_PARENT,
++ GTK_MESSAGE_WARNING,
++ GTK_BUTTONS_CLOSE,
++ _("Adding this bookmark is disallowed for security reasons."));
++ gtk_window_set_title(GTK_WINDOW(dialog),
++ _("Security Warning"));
++ gtk_dialog_run(GTK_DIALOG(dialog));
++ gtk_widget_destroy(dialog);
++ return;
++ }
++
+ bookmark = kz_bookmark_new_with_attrs(title, uri, desc);
+ /* FIXME! show dialog */
+ if (sibling)
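Review bot: The scheme test at the `g_str_has_prefix(uri, "data:")` / `g_str_has_prefix(uri, "javascript:")` lines is case-sensitive, while URI schemes are case-insensitive per RFC 3986 §3.1, so a URI whose scheme differs only in letter case would pass the new check and still reach `kz_bookmark_new_with_attrs`. A case-insensitive prefix comparison closes that gap without changing the intent: `if (g_ascii_strncasecmp(uri, "data:", 5) == 0` / `    || g_ascii_strncasecmp(uri, "javascript:", 11) == 0)`. Whether `uri` can carry leading whitespace at this point is not visible here; if it can, it should be trimmed before the comparison. The enclosing function starts before this hunk, so where `uri` comes from cannot be confirmed from the patch alone.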