[SCM] WebKit Debian packaging branch, debian/unstable, updated. debian/1.1.15-1-40151-g37bb677
cblu
cblu at 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Sat Sep 26 07:23:21 UTC 2009
The following commit has been merged in the debian/unstable branch:
commit 29041afede9da0051975111c64e4512e8c9e9308
Author: cblu <cblu at 268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date: Mon Feb 3 19:28:33 2003 +0000
Fixed: 3163073 - SECURITY: Need to check if filename in encoded download is safe
Reviewed by kocienda, darin, mjs.
* Downloads.subproj/WebDownloadHandler.m:
(-[WebDownloadHandler createFileIfNecessary]): call _web_filenameByFixingIllegalCharacters on the encoded filename
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@3545 268f45cc-cd09-0410-ab3c-d52691b4dbfc
diff --git a/WebKit/ChangeLog b/WebKit/ChangeLog
index 85f6553..68048bf 100644
--- a/WebKit/ChangeLog
+++ b/WebKit/ChangeLog
@@ -1,3 +1,12 @@
+2003-02-03 Chris Blumenberg <cblu at apple.com>
+
+ Fixed: 3163073 - SECURITY: Need to check if filename in encoded download is safe
+
+ Reviewed by kocienda, darin, mjs.
+
+ * Downloads.subproj/WebDownloadHandler.m:
+ (-[WebDownloadHandler createFileIfNecessary]): call _web_filenameByFixingIllegalCharacters on the encoded filename
+
2003-02-01 Maciej Stachowiak <mjs at apple.com>
Reviewed by Darin and Ken.
diff --git a/WebKit/Downloads.subproj/WebDownload.m b/WebKit/Downloads.subproj/WebDownload.m
index f120e14..617c1cd 100644
--- a/WebKit/Downloads.subproj/WebDownload.m
+++ b/WebKit/Downloads.subproj/WebDownload.m
@@ -19,6 +19,7 @@
#import <WebFoundation/WebError.h>
#import <WebFoundation/WebNSFileManagerExtras.h>
+#import <WebFoundation/WebNSStringExtras.h>
#import <WebFoundation/WebResourceRequest.h>
#import <WebFoundation/WebResourceResponse.h>
@@ -167,9 +168,9 @@
NSString *path = [dataSource downloadPath];
NSObject <WebDownloadDecoder> *lastDecoder = [decoderSequence lastObject];
- NSString *filename = [lastDecoder filename];
+ NSString *filename = [[lastDecoder filename] _web_filenameByFixingIllegalCharacters];
- if (filename) {
+ if ([filename length] != 0) {
path = [[path stringByDeletingLastPathComponent] stringByAppendingPathComponent:filename];
}
diff --git a/WebKit/Downloads.subproj/WebDownloadHandler.m b/WebKit/Downloads.subproj/WebDownloadHandler.m
index f120e14..617c1cd 100644
--- a/WebKit/Downloads.subproj/WebDownloadHandler.m
+++ b/WebKit/Downloads.subproj/WebDownloadHandler.m
@@ -19,6 +19,7 @@
#import <WebFoundation/WebError.h>
#import <WebFoundation/WebNSFileManagerExtras.h>
+#import <WebFoundation/WebNSStringExtras.h>
#import <WebFoundation/WebResourceRequest.h>
#import <WebFoundation/WebResourceResponse.h>
@@ -167,9 +168,9 @@
NSString *path = [dataSource downloadPath];
NSObject <WebDownloadDecoder> *lastDecoder = [decoderSequence lastObject];
- NSString *filename = [lastDecoder filename];
+ NSString *filename = [[lastDecoder filename] _web_filenameByFixingIllegalCharacters];
- if (filename) {
+ if ([filename length] != 0) {
path = [[path stringByDeletingLastPathComponent] stringByAppendingPathComponent:filename];
}
--
WebKit Debian packaging
More information about the Pkg-webkit-commits
mailing list