From fcc5224904648a8e6eb528d7603154160a20022f Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Wed, 2 Feb 2022 01:39:05 +0000 Subject: gentoo resync : 02.02.2022 --- .../ktexteditor-5.90.0-CVE-2022-23853-1.patch | 104 ++++++++++++++++ .../ktexteditor-5.90.0-CVE-2022-23853-2.patch | 55 ++++++++ .../files/ktexteditor-5.90.0-KDEBUG-447972.patch | 26 ++++ .../files/ktexteditor-5.90.0-revert-5dce70a9.patch | 138 +++++++++++++++++++++ 4 files changed, 323 insertions(+) create mode 100644 kde-frameworks/ktexteditor/files/ktexteditor-5.90.0-CVE-2022-23853-1.patch create mode 100644 kde-frameworks/ktexteditor/files/ktexteditor-5.90.0-CVE-2022-23853-2.patch create mode 100644 kde-frameworks/ktexteditor/files/ktexteditor-5.90.0-KDEBUG-447972.patch create mode 100644 kde-frameworks/ktexteditor/files/ktexteditor-5.90.0-revert-5dce70a9.patch (limited to 'kde-frameworks/ktexteditor/files') diff --git a/kde-frameworks/ktexteditor/files/ktexteditor-5.90.0-CVE-2022-23853-1.patch b/kde-frameworks/ktexteditor/files/ktexteditor-5.90.0-CVE-2022-23853-1.patch new file mode 100644 index 000000000000..854cf0da4b2e --- /dev/null +++ b/kde-frameworks/ktexteditor/files/ktexteditor-5.90.0-CVE-2022-23853-1.patch @@ -0,0 +1,104 @@ +From 804e49444c093fe58ec0df2ab436565e50dc147e Mon Sep 17 00:00:00 2001 +From: Christoph Cullmann +Date: Thu, 20 Jan 2022 09:46:34 +0100 +Subject: [PATCH] only start programs in user's path + +don't use QProcess with just program name +first search the right program in the user's path +--- + src/document/katedocument.cpp | 29 ++++++++++++++++------------ + src/swapfile/kateswapdiffcreator.cpp | 17 ++++++++++++---- + 2 files changed, 30 insertions(+), 16 deletions(-) + +diff --git a/src/document/katedocument.cpp b/src/document/katedocument.cpp +index 01f74da1..05d0e91b 100644 +--- a/src/document/katedocument.cpp ++++ b/src/document/katedocument.cpp +@@ -72,6 +72,7 @@ + #include + #include + #include ++#include + #include + #include + #include +@@ -5054,18 +5055,22 @@ void KTextEditor::DocumentPrivate::slotDelayedHandleModOnHd() + // skip that, if document is modified! + // only do that, if the file is still there, else reload makes no sense! + if (m_modOnHd && !isModified() && QFile::exists(url().toLocalFile())) { +- QProcess git; +- const QStringList args{QStringLiteral("cat-file"), QStringLiteral("-e"), QString::fromUtf8(oldDigest)}; +- git.start(QStringLiteral("git"), args); +- if (git.waitForStarted()) { +- git.closeWriteChannel(); +- if (git.waitForFinished()) { +- if (git.exitCode() == 0) { +- // this hash exists still in git => just reload +- m_modOnHd = false; +- m_modOnHdReason = OnDiskUnmodified; +- m_prevModOnHdReason = OnDiskUnmodified; +- documentReload(); ++ // we only want to use git from PATH, cache this ++ static const QString fullGitPath = QStandardPaths::findExecutable(QStringLiteral("git")); ++ if (!fullGitPath.isEmpty()) { ++ QProcess git; ++ const QStringList args{QStringLiteral("cat-file"), QStringLiteral("-e"), QString::fromUtf8(oldDigest)}; ++ git.start(fullGitPath, args); ++ if (git.waitForStarted()) { ++ git.closeWriteChannel(); ++ if (git.waitForFinished()) { ++ if (git.exitCode() == 0) { ++ // this hash exists still in git => just reload ++ m_modOnHd = false; ++ m_modOnHdReason = OnDiskUnmodified; ++ m_prevModOnHdReason = OnDiskUnmodified; ++ documentReload(); ++ } + } + } + } +diff --git a/src/swapfile/kateswapdiffcreator.cpp b/src/swapfile/kateswapdiffcreator.cpp +index 5c515c45..a185123a 100644 +--- a/src/swapfile/kateswapdiffcreator.cpp ++++ b/src/swapfile/kateswapdiffcreator.cpp +@@ -14,6 +14,7 @@ + #include + + #include ++#include + #include + + // BEGIN SwapDiffCreator +@@ -85,17 +86,25 @@ void SwapDiffCreator::viewDiff() + connect(&m_proc, &QProcess::readyRead, this, &SwapDiffCreator::slotDataAvailable, Qt::UniqueConnection); + connect(&m_proc, &QProcess::finished, this, &SwapDiffCreator::slotDiffFinished, Qt::UniqueConnection); + +- // try to start diff process, if we can't be started be done with error +- m_proc.start(QStringLiteral("diff"), QStringList() << QStringLiteral("-u") << m_originalFile.fileName() << m_recoveredFile.fileName()); +- if (!m_proc.waitForStarted()) { ++ // use diff from PATH only => inform if not found at all ++ const QString fullDiffPath = QStandardPaths::findExecutable(QStringLiteral("diff")); ++ if (fullDiffPath.isEmpty()) { + KMessageBox::sorry(nullptr, +- i18n("The diff command could not be started. Please make sure that " ++ i18n("The diff command could not be found. Please make sure that " + "diff(1) is installed and in your PATH."), + i18n("Error Creating Diff")); + deleteLater(); + return; + } + ++ // try to start the diff program, might fail, too ++ m_proc.start(fullDiffPath, QStringList() << QStringLiteral("-u") << m_originalFile.fileName() << m_recoveredFile.fileName()); ++ if (!m_proc.waitForStarted()) { ++ KMessageBox::sorry(nullptr, i18n("The diff command '%1' could not be started.").arg(fullDiffPath), i18n("Error Creating Diff")); ++ deleteLater(); ++ return; ++ } ++ + // process is up and running, we can write data to it + QTextStream ts(&m_proc); + int lineCount = recoverDoc.lines(); +-- +GitLab + diff --git a/kde-frameworks/ktexteditor/files/ktexteditor-5.90.0-CVE-2022-23853-2.patch b/kde-frameworks/ktexteditor/files/ktexteditor-5.90.0-CVE-2022-23853-2.patch new file mode 100644 index 000000000000..8cccfe3a95b0 --- /dev/null +++ b/kde-frameworks/ktexteditor/files/ktexteditor-5.90.0-CVE-2022-23853-2.patch @@ -0,0 +1,55 @@ +From c80f935c345de2e2fb10635202800839ca9697bf Mon Sep 17 00:00:00 2001 +From: Christoph Cullmann +Date: Thu, 20 Jan 2022 10:30:20 +0100 +Subject: [PATCH] only execute diff in path + +--- + src/dialogs/katedialogs.cpp | 5 +++-- + src/dialogs/katedialogs.h | 1 + + 2 files changed, 4 insertions(+), 2 deletions(-) + +diff --git a/src/dialogs/katedialogs.cpp b/src/dialogs/katedialogs.cpp +index 5b949f36..63a58aee 100644 +--- a/src/dialogs/katedialogs.cpp ++++ b/src/dialogs/katedialogs.cpp +@@ -1317,6 +1317,7 @@ KateModOnHdPrompt::KateModOnHdPrompt(KTextEditor::DocumentPrivate *doc, KTextEdi + : QObject(doc) + , m_doc(doc) + , m_modtype(modtype) ++ , m_fullDiffPath(QStandardPaths::findExecutable(QStringLiteral("diff"))) + , m_proc(nullptr) + , m_diffFile(nullptr) + , m_diffAction(nullptr) +@@ -1334,7 +1335,7 @@ KateModOnHdPrompt::KateModOnHdPrompt(KTextEditor::DocumentPrivate *doc, KTextEdi + m_message->addAction(aAutoReload, false); + connect(aAutoReload, &QAction::triggered, this, &KateModOnHdPrompt::autoReloadTriggered); + +- if (!QStandardPaths::findExecutable(QStringLiteral("diff")).isEmpty()) { ++ if (!m_fullDiffPath.isEmpty()) { + m_diffAction = new QAction(i18n("View &Difference"), this); + m_diffAction->setIcon(QIcon::fromTheme(QStringLiteral("document-multiple"))); + m_diffAction->setToolTip(i18n("Shows a diff of the changes")); +@@ -1394,7 +1395,7 @@ void KateModOnHdPrompt::slotDiff() + // Start a KProcess that creates a diff + m_proc = new KProcess(this); + m_proc->setOutputChannelMode(KProcess::MergedChannels); +- *m_proc << QStringLiteral("diff") << QStringLiteral("-u") << QStringLiteral("-") << m_doc->url().toLocalFile(); ++ *m_proc << m_fullDiffPath << QStringLiteral("-u") << QStringLiteral("-") << m_doc->url().toLocalFile(); + connect(m_proc, &KProcess::readyRead, this, &KateModOnHdPrompt::slotDataAvailable); + connect(m_proc, &KProcess::finished, this, &KateModOnHdPrompt::slotPDone); + +diff --git a/src/dialogs/katedialogs.h b/src/dialogs/katedialogs.h +index 80b611d9..e5574023 100644 +--- a/src/dialogs/katedialogs.h ++++ b/src/dialogs/katedialogs.h +@@ -376,6 +376,7 @@ private: + KTextEditor::DocumentPrivate *m_doc; + QPointer m_message; + KTextEditor::ModificationInterface::ModifiedOnDiskReason m_modtype; ++ QString m_fullDiffPath; + KProcess *m_proc; + QTemporaryFile *m_diffFile; + QAction *m_diffAction; +-- +GitLab + diff --git a/kde-frameworks/ktexteditor/files/ktexteditor-5.90.0-KDEBUG-447972.patch b/kde-frameworks/ktexteditor/files/ktexteditor-5.90.0-KDEBUG-447972.patch new file mode 100644 index 000000000000..05cfbd107cd9 --- /dev/null +++ b/kde-frameworks/ktexteditor/files/ktexteditor-5.90.0-KDEBUG-447972.patch @@ -0,0 +1,26 @@ +From 863f606b1fcf3b91b256d9167a00539289246188 Mon Sep 17 00:00:00 2001 +From: Waqar Ahmed +Date: Tue, 11 Jan 2022 20:03:12 +0500 +Subject: [PATCH] Find: Update working range when replacing + +BUG: 447972 +--- + src/search/katesearchbar.cpp | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/src/search/katesearchbar.cpp b/src/search/katesearchbar.cpp +index ed52c4cb..c1c85bd4 100644 +--- a/src/search/katesearchbar.cpp ++++ b/src/search/katesearchbar.cpp +@@ -843,6 +843,8 @@ void KateSearchBar::findOrReplaceAll() + + // Replace + lastRange = match.replace(m_replacement, false, ++m_matchCounter); ++ // update working range as text must have changed now ++ workingRangeCopy = m_workingRange->toRange(); + } else { + lastRange = match.range(); + ++m_matchCounter; +-- +GitLab + diff --git a/kde-frameworks/ktexteditor/files/ktexteditor-5.90.0-revert-5dce70a9.patch b/kde-frameworks/ktexteditor/files/ktexteditor-5.90.0-revert-5dce70a9.patch new file mode 100644 index 000000000000..140bc0cf7111 --- /dev/null +++ b/kde-frameworks/ktexteditor/files/ktexteditor-5.90.0-revert-5dce70a9.patch @@ -0,0 +1,138 @@ +From 3b31919427baf3da1ab1a24f682a4cefc7e5106f Mon Sep 17 00:00:00 2001 +From: Christoph Cullmann +Date: Sun, 16 Jan 2022 18:29:57 +0100 +Subject: [PATCH] Revert "Do not cancel mouse selection when using the + keyboard" + +This reverts commit 5dce70a9693f8cce37f733b4687bb9b303376742. + +=> this leads to regressions + +if somebody has time to properly reproduce and fix that, we can reapply +this, otherwise it is better to have some always working state without +this small usability improvement + +BUG: 447525 +BUG: 446189 + +frameworks/ktexteditor#11 +--- + src/view/kateview.cpp | 20 ++++++++++---------- + src/view/kateviewinternal.cpp | 5 ----- + src/view/kateviewinternal.h | 2 -- + 3 files changed, 10 insertions(+), 17 deletions(-) + +diff --git a/src/view/kateview.cpp b/src/view/kateview.cpp +index 6b88eb75..56348480 100644 +--- a/src/view/kateview.cpp ++++ b/src/view/kateview.cpp +@@ -3063,9 +3063,9 @@ void KTextEditor::ViewPrivate::shiftCursorRight() + void KTextEditor::ViewPrivate::wordLeft() + { + if (currentTextLine().isRightToLeft()) { +- m_viewInternal->wordNext(m_viewInternal->isUserSelecting()); ++ m_viewInternal->wordNext(); + } else { +- m_viewInternal->wordPrev(m_viewInternal->isUserSelecting()); ++ m_viewInternal->wordPrev(); + } + } + +@@ -3081,9 +3081,9 @@ void KTextEditor::ViewPrivate::shiftWordLeft() + void KTextEditor::ViewPrivate::wordRight() + { + if (currentTextLine().isRightToLeft()) { +- m_viewInternal->wordPrev(m_viewInternal->isUserSelecting()); ++ m_viewInternal->wordPrev(); + } else { +- m_viewInternal->wordNext(m_viewInternal->isUserSelecting()); ++ m_viewInternal->wordNext(); + } + } + +@@ -3098,7 +3098,7 @@ void KTextEditor::ViewPrivate::shiftWordRight() + + void KTextEditor::ViewPrivate::home() + { +- m_viewInternal->home(m_viewInternal->isUserSelecting()); ++ m_viewInternal->home(); + } + + void KTextEditor::ViewPrivate::shiftHome() +@@ -3108,7 +3108,7 @@ void KTextEditor::ViewPrivate::shiftHome() + + void KTextEditor::ViewPrivate::end() + { +- m_viewInternal->end(m_viewInternal->isUserSelecting()); ++ m_viewInternal->end(); + } + + void KTextEditor::ViewPrivate::shiftEnd() +@@ -3118,7 +3118,7 @@ void KTextEditor::ViewPrivate::shiftEnd() + + void KTextEditor::ViewPrivate::up() + { +- m_viewInternal->cursorUp(m_viewInternal->isUserSelecting()); ++ m_viewInternal->cursorUp(); + } + + void KTextEditor::ViewPrivate::shiftUp() +@@ -3128,7 +3128,7 @@ void KTextEditor::ViewPrivate::shiftUp() + + void KTextEditor::ViewPrivate::down() + { +- m_viewInternal->cursorDown(m_viewInternal->isUserSelecting()); ++ m_viewInternal->cursorDown(); + } + + void KTextEditor::ViewPrivate::shiftDown() +@@ -3168,7 +3168,7 @@ void KTextEditor::ViewPrivate::shiftBottomOfView() + + void KTextEditor::ViewPrivate::pageUp() + { +- m_viewInternal->pageUp(m_viewInternal->isUserSelecting()); ++ m_viewInternal->pageUp(); + } + + void KTextEditor::ViewPrivate::shiftPageUp() +@@ -3178,7 +3178,7 @@ void KTextEditor::ViewPrivate::shiftPageUp() + + void KTextEditor::ViewPrivate::pageDown() + { +- m_viewInternal->pageDown(m_viewInternal->isUserSelecting()); ++ m_viewInternal->pageDown(); + } + + void KTextEditor::ViewPrivate::shiftPageDown() +diff --git a/src/view/kateviewinternal.cpp b/src/view/kateviewinternal.cpp +index d642938a..c8d479d6 100644 +--- a/src/view/kateviewinternal.cpp ++++ b/src/view/kateviewinternal.cpp +@@ -4077,11 +4077,6 @@ void KateViewInternal::viewSelectionChanged() + m_selectionCached.setStart(KTextEditor::Cursor::invalid()); + } + +-bool KateViewInternal::isUserSelecting() const +-{ +- return m_selChangedByUser; +-} +- + KateLayoutCache *KateViewInternal::cache() const + { + return m_layoutCache; +diff --git a/src/view/kateviewinternal.h b/src/view/kateviewinternal.h +index 66b137b6..8639dcef 100644 +--- a/src/view/kateviewinternal.h ++++ b/src/view/kateviewinternal.h +@@ -228,8 +228,6 @@ public: + return m_leftBorder; + } + +- bool isUserSelecting() const; +- + // EVENT HANDLING STUFF - IMPORTANT + private: + void fixDropEvent(QDropEvent *event); +-- +GitLab + -- cgit v1.2.3