From 765f5b09d1e6f9c925e7d78b7d97665a2dd2241c Mon Sep 17 00:00:00 2001
From: fake <fake@rapidnetworks.de>
Date: Wed, 5 Jan 2005 12:02:41 +0000
Subject: [PATCH] fake: 	kdelibs: SECURITY fix, add kioslave patch, 	fixing
 CAN-2004-1165

[2005010509415605577] (https://www.rocklinux.net/submaster)



git-svn-id: http://www.rocklinux.org/svn/rock-linux/trunk@5467 c5f82cb5-29bc-0310-9cd0-bff59a50e3bc
---
 .../kdelibs/post-3.3.2-kdelibs-kioslave.patch   | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)
 create mode 100644 package/kde/kdelibs/post-3.3.2-kdelibs-kioslave.patch

diff --git a/package/kde/kdelibs/post-3.3.2-kdelibs-kioslave.patch b/package/kde/kdelibs/post-3.3.2-kdelibs-kioslave.patch
new file mode 100644
index 000000000..5abcc8b53
--- /dev/null
+++ b/package/kde/kdelibs/post-3.3.2-kdelibs-kioslave.patch
@@ -0,0 +1,17 @@
+--- ./kioslave/ftp/ftp.cc	21 Sep 2004 16:17:56 -0000	1.213.2.1
++++ ./kioslave/ftp/ftp.cc	26 Dec 2004 00:29:54 -0000	1.213.2.2
+@@ -751,6 +751,14 @@ bool Ftp::ftpSendCmd( const QCString& cm
+ {
+   assert(m_control != NULL);    // must have control connection socket
+ 
++  if ( cmd.find( '\r' ) != -1 || cmd.find( '\n' ) != -1)
++  {
++    kdWarning(7102) << "Invalid command received (contains CR or LF): "
++                    << cmd.data() << endl;
++    error( ERR_UNSUPPORTED_ACTION, m_host );
++    return false;
++  }
++
+   // Don't print out the password...
+   bool isPassCmd = (cmd.left(4).lower() == "pass");
+   if ( !isPassCmd )