blob: 7509414bd3172b5aaa83d5ad5de81fe097efa118 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
|
From a196623892558623e467f20b67edb78794252a09 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?M=C3=A5rten=20Nordheim?= <marten.nordheim@qt.io>
Date: Fri, 5 May 2023 11:07:26 +0200
Subject: [PATCH] Hsts: match header names case insensitively (CVE-2023-32762)
Header field names are always considered to be case-insensitive.
Pick-to: 6.5 6.5.1 6.2 5.15
Fixes: QTBUG-113392
Change-Id: Ifb4def4bb7f2ac070416cdc76581a769f1e52b43
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Volker Hilsheimer <volker.hilsheimer@qt.io>
(cherry picked from commit 1b736a815be0222f4b24289cf17575fc15707305)
* asturmlechner 2023-05-23: Upstream backport to 5.15 taken from
https://www.qt.io/blog/security-advisory-qt-network
---
src/network/access/qhsts.cpp | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/network/access/qhsts.cpp b/src/network/access/qhsts.cpp
index 0cef0ad3dc..be7ef7ff58 100644
--- a/src/network/access/qhsts.cpp
+++ b/src/network/access/qhsts.cpp
@@ -364,8 +364,8 @@ quoted-pair = "\" CHAR
bool QHstsHeaderParser::parse(const QList<QPair<QByteArray, QByteArray>> &headers)
{
for (const auto &h : headers) {
- // We use '==' since header name was already 'trimmed' for us:
- if (h.first == "Strict-Transport-Security") {
+ // We compare directly because header name was already 'trimmed' for us:
+ if (h.first.compare("Strict-Transport-Security", Qt::CaseInsensitive) == 0) {
header = h.second;
// RFC6797, 8.1:
//
--
2.40.1
|
