gentoo resync : 02.02.2022

1 files changed, 104 insertions, 0 deletions

diff --git a/kde-frameworks/ktexteditor/files/ktexteditor-5.90.0-CVE-2022-23853-1.patch b/kde-frameworks/ktexteditor/files/ktexteditor-5.90.0-CVE-2022-23853-1.patch
new file mode 100644
index 000000000000..854cf0da4b2e
--- /dev/null
+++ b/kde-frameworks/ktexteditor/files/ktexteditor-5.90.0-CVE-2022-23853-1.patch
@@ -0,0 +1,104 @@
+From 804e49444c093fe58ec0df2ab436565e50dc147e Mon Sep 17 00:00:00 2001
+From: Christoph Cullmann <cullmann@kde.org>
+Date: Thu, 20 Jan 2022 09:46:34 +0100
+Subject: [PATCH] only start programs in user's path
+
+don't use QProcess with just program name
+first search the right program in the user's path
+---
+ src/document/katedocument.cpp        | 29 ++++++++++++++++------------
+ src/swapfile/kateswapdiffcreator.cpp | 17 ++++++++++++----
+ 2 files changed, 30 insertions(+), 16 deletions(-)
+
+diff --git a/src/document/katedocument.cpp b/src/document/katedocument.cpp
+index 01f74da1..05d0e91b 100644
+--- a/src/document/katedocument.cpp
++++ b/src/document/katedocument.cpp
+@@ -72,6 +72,7 @@
+ #include <QMimeDatabase>
+ #include <QProcess>
+ #include <QRegularExpression>
++#include <QStandardPaths>
+ #include <QTemporaryFile>
+ #include <QTextCodec>
+ #include <QTextStream>
+@@ -5054,18 +5055,22 @@ void KTextEditor::DocumentPrivate::slotDelayedHandleModOnHd()
+         // skip that, if document is modified!
+         // only do that, if the file is still there, else reload makes no sense!
+         if (m_modOnHd && !isModified() && QFile::exists(url().toLocalFile())) {
+-            QProcess git;
+-            const QStringList args{QStringLiteral("cat-file"), QStringLiteral("-e"), QString::fromUtf8(oldDigest)};
+-            git.start(QStringLiteral("git"), args);
+-            if (git.waitForStarted()) {
+-                git.closeWriteChannel();
+-                if (git.waitForFinished()) {
+-                    if (git.exitCode() == 0) {
+-                        // this hash exists still in git => just reload
+-                        m_modOnHd = false;
+-                        m_modOnHdReason = OnDiskUnmodified;
+-                        m_prevModOnHdReason = OnDiskUnmodified;
+-                        documentReload();
++            // we only want to use git from PATH, cache this
++            static const QString fullGitPath = QStandardPaths::findExecutable(QStringLiteral("git"));
++            if (!fullGitPath.isEmpty()) {
++                QProcess git;
++                const QStringList args{QStringLiteral("cat-file"), QStringLiteral("-e"), QString::fromUtf8(oldDigest)};
++                git.start(fullGitPath, args);
++                if (git.waitForStarted()) {
++                    git.closeWriteChannel();
++                    if (git.waitForFinished()) {
++                        if (git.exitCode() == 0) {
++                            // this hash exists still in git => just reload
++                            m_modOnHd = false;
++                            m_modOnHdReason = OnDiskUnmodified;
++                            m_prevModOnHdReason = OnDiskUnmodified;
++                            documentReload();
++                        }
+                     }
+                 }
+             }
+diff --git a/src/swapfile/kateswapdiffcreator.cpp b/src/swapfile/kateswapdiffcreator.cpp
+index 5c515c45..a185123a 100644
+--- a/src/swapfile/kateswapdiffcreator.cpp
++++ b/src/swapfile/kateswapdiffcreator.cpp
+@@ -14,6 +14,7 @@
+ #include <KMessageBox>
+ 
+ #include <QDir>
++#include <QStandardPaths>
+ #include <QTextCodec>
+ 
+ // BEGIN SwapDiffCreator
+@@ -85,17 +86,25 @@ void SwapDiffCreator::viewDiff()
+     connect(&m_proc, &QProcess::readyRead, this, &SwapDiffCreator::slotDataAvailable, Qt::UniqueConnection);
+     connect(&m_proc, &QProcess::finished, this, &SwapDiffCreator::slotDiffFinished, Qt::UniqueConnection);
+ 
+-    // try to start diff process, if we can't be started be done with error
+-    m_proc.start(QStringLiteral("diff"), QStringList() << QStringLiteral("-u") << m_originalFile.fileName() << m_recoveredFile.fileName());
+-    if (!m_proc.waitForStarted()) {
++    // use diff from PATH only => inform if not found at all
++    const QString fullDiffPath = QStandardPaths::findExecutable(QStringLiteral("diff"));
++    if (fullDiffPath.isEmpty()) {
+         KMessageBox::sorry(nullptr,
+-                           i18n("The diff command could not be started. Please make sure that "
++                           i18n("The diff command could not be found. Please make sure that "
+                                 "diff(1) is installed and in your PATH."),
+                            i18n("Error Creating Diff"));
+         deleteLater();
+         return;
+     }
+ 
++    // try to start the diff program, might fail, too
++    m_proc.start(fullDiffPath, QStringList() << QStringLiteral("-u") << m_originalFile.fileName() << m_recoveredFile.fileName());
++    if (!m_proc.waitForStarted()) {
++        KMessageBox::sorry(nullptr, i18n("The diff command '%1' could not be started.").arg(fullDiffPath), i18n("Error Creating Diff"));
++        deleteLater();
++        return;
++    }
++
+     // process is up and running, we can write data to it
+     QTextStream ts(&m_proc);
+     int lineCount = recoverDoc.lines();
+-- 
+GitLab
+