Hello community, here is the log from the commit of package mumble for openSUSE:Factory checked in at 2014-05-16 18:11:45 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/mumble (Old) and /work/SRC/openSUSE:Factory/.mumble.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "mumble" Changes: -------- --- /work/SRC/openSUSE:Factory/mumble/mumble.changes 2014-03-26 16:41:23.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.mumble.new/mumble.changes 2014-05-16 18:11:47.000000000 +0200 @@ -1,0 +2,6 @@ +Thu May 15 08:13:35 UTC 2014 - [email protected] + +- new bugfix release 1.2.6 fixes security issues (CVE-2014-3756, + bnc#877971, CVE-2014-3755, bnc#877969) + +------------------------------------------------------------------- Old: ---- mumble-1.2.5.tar.gz mumble-1.2.5.tar.gz.sig New: ---- mumble-1.2.6.tar.gz mumble-1.2.6.tar.gz.sig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ mumble.spec ++++++ --- /var/tmp/diff_new_pack.jX9v9k/_old 2014-05-16 18:11:48.000000000 +0200 +++ /var/tmp/diff_new_pack.jX9v9k/_new 2014-05-16 18:11:48.000000000 +0200 @@ -102,7 +102,7 @@ %if %{with pulseaudio} BuildRequires: pulseaudio-devel %endif -Version: 1.2.5%{?snapshot:_%snapshot} +Version: 1.2.6%{?snapshot:_%snapshot} Release: 0 %if 0%{!?snapshot:1} Source: http://downloads.sourceforge.net/project/mumble/Mumble/%{version}/mumble-%{version}.tar.gz ++++++ mumble-1.2.5.tar.gz -> mumble-1.2.6.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.5/CHANGES new/mumble-1.2.6/CHANGES --- old/mumble-1.2.5/CHANGES 2014-02-01 00:01:49.000000000 +0100 +++ new/mumble-1.2.6/CHANGES 2014-05-14 20:01:46.000000000 +0200 
@@ -1,5 +1,12 @@ +2014-05-13 + Mikkel Krautz <[email protected]> + f49185d Bump version to 1.2.6 + e30d7ac mumble: fix Mumble-SA-2014-006. + c7aecb2 mumble: fix Mumble-SA-2014-005. + 2014-01-31 Mikkel Krautz <[email protected]> + c3c13f9 Update changelog 269e93e mumble: fix Mumble-SA-2014-002 (CVE-2014-0045). 7e31c32 mumble: fix Mumble-SA-2014-001 (CVE-2014-0044). f5ebe9d Bump version to 1.2.5 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.5/g15helper/g15helper.plist new/mumble-1.2.6/g15helper/g15helper.plist --- old/mumble-1.2.5/g15helper/g15helper.plist 2014-02-01 00:01:49.000000000 +0100 +++ new/mumble-1.2.6/g15helper/g15helper.plist 2014-05-14 20:01:46.000000000 +0200 @@ -13,7 +13,7 @@ <key>CFBundleSignature</key> <string>G15H</string> <key>CFBundleVersion</key> - <string>1.2.5</string> + <string>1.2.6</string> <key>NSHumanReadableCopyright</key> <string>Copyright (c) 2009 Mikkel Krautz <[email protected]></string> </dict> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.5/g15helper/g15helper.rc new/mumble-1.2.6/g15helper/g15helper.rc --- old/mumble-1.2.5/g15helper/g15helper.rc 2014-02-01 00:01:49.000000000 +0100 +++ new/mumble-1.2.6/g15helper/g15helper.rc 2014-05-14 20:01:46.000000000 +0200 @@ -15,8 +15,8 @@ #endif VS_VERSION_INFO VERSIONINFO - FILEVERSION 1,2,5,0 - PRODUCTVERSION 1,2,5,0 + FILEVERSION 1,2,6,0 + PRODUCTVERSION 1,2,6,0 FILEFLAGSMASK VS_FFI_FILEFLAGSMASK FILEFLAGS (VER_DEBUG|VER_RELEASE) FILEOS VOS_NT_WINDOWS32 
@@ -29,8 +29,8 @@ BEGIN VALUE "CompanyName", "Mikkel Krautz" VALUE "FileDescription", "Mumble G15 LCD Helper" - VALUE "FileVersion", "1.2.5" - VALUE "ProductVersion", "1.2.5" + VALUE "FileVersion", "1.2.6" + VALUE "ProductVersion", "1.2.6" VALUE "LegalCopyright", "Copyright (C) 2008-2011, Mikkel Krautz <[email protected]>" VALUE "OriginalFilename", "mumble-g15-helper.exe" VALUE "ProductName", "Mumble G15 LCD Helper" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.5/macx/common.pri new/mumble-1.2.6/macx/common.pri --- old/mumble-1.2.5/macx/common.pri 2014-02-01 00:01:49.000000000 +0100 +++ new/mumble-1.2.6/macx/common.pri 2014-05-14 20:01:46.000000000 +0200 @@ -1,6 +1,6 @@ # Common OSX overlay settings. -VERSION = 1.2.5 +VERSION = 1.2.6 DEFINES *= VERSION=\\\"$$VERSION\\\" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.5/macx/osax/osax.plist new/mumble-1.2.6/macx/osax/osax.plist --- old/mumble-1.2.5/macx/osax/osax.plist 2014-02-01 00:01:49.000000000 +0100 +++ new/mumble-1.2.6/macx/osax/osax.plist 2014-05-14 20:01:46.000000000 +0200 @@ -13,7 +13,7 @@ <key>CFBundlePackageType</key> <string>osax</string> <key>CFbundleVersion</key> - <string>1.2.5</string> + <string>1.2.6</string> <key>CFBundleSignature</key> <string>MUOL</string> <key>CSResourcesFileMapped</key> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.5/overlay/overlay.pro new/mumble-1.2.6/overlay/overlay.pro --- old/mumble-1.2.5/overlay/overlay.pro 2014-02-01 00:01:49.000000000 +0100 +++ new/mumble-1.2.6/overlay/overlay.pro 2014-05-14 20:01:46.000000000 +0200 
@@ -1,6 +1,6 @@ include (../compiler.pri) -VERSION = 1.2.5 +VERSION = 1.2.6 TARGET_EXT = .dll TEMPLATE = lib CONFIG -= qt diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.5/overlay_gl/overlay_gl.pro new/mumble-1.2.6/overlay_gl/overlay_gl.pro --- old/mumble-1.2.5/overlay_gl/overlay_gl.pro 2014-02-01 00:01:49.000000000 +0100 +++ new/mumble-1.2.6/overlay_gl/overlay_gl.pro 2014-05-14 20:01:46.000000000 +0200 @@ -5,7 +5,7 @@ CONFIG -= qt CONFIG *= debug_and_release TARGET = mumble$(TARGET_ADD) -VERSION = 1.2.5 +VERSION = 1.2.6 SOURCES = overlay.c LIBS *= -lrt -ldl QMAKE_CFLAGS *= -fvisibility=hidden $(CFLAGS_ADD) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.5/src/Version.h new/mumble-1.2.6/src/Version.h --- old/mumble-1.2.5/src/Version.h 2014-02-01 00:01:49.000000000 +0100 +++ new/mumble-1.2.6/src/Version.h 2014-05-14 20:01:46.000000000 +0200 @@ -36,7 +36,7 @@ #define MUMTEXT(X) MUMXTEXT(X) #ifndef MUMBLE_VERSION -#define MUMBLE_VERSION 1.2.5 +#define MUMBLE_VERSION 1.2.6 #endif #ifndef MUMBLE_VERSION #define MUMBLE_RELEASE "Compiled " __DATE__ " " __TIME__ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.5/src/mumble/ALSAAudio.cpp new/mumble-1.2.6/src/mumble/ALSAAudio.cpp --- old/mumble-1.2.5/src/mumble/ALSAAudio.cpp 2014-02-01 00:01:49.000000000 +0100 +++ new/mumble-1.2.6/src/mumble/ALSAAudio.cpp 2014-05-14 20:01:46.000000000 +0200 @@ -362,7 +362,7 @@ snd_pcm_close(capture_handle); capture_handle = NULL; } - g.mw->msgBox(tr("Opening chosen ALSA Input failed: %1").arg(QLatin1String(snd_strerror(err)))); + g.mw->msgBox(tr("Opening chosen ALSA Input failed: %1").arg(Qt::escape(QLatin1String(snd_strerror(err))))); return; } 
@@ -497,7 +497,7 @@ snd_pcm_writei(pcm_handle, zerobuff, period_size); if (! bOk) { - g.mw->msgBox(tr("Opening chosen ALSA Output failed: %1").arg(QLatin1String(snd_strerror(err)))); + g.mw->msgBox(tr("Opening chosen ALSA Output failed: %1").arg(Qt::escape(QLatin1String(snd_strerror(err))))); if (pcm_handle) { snd_pcm_close(pcm_handle); pcm_handle = NULL; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.5/src/mumble/ASIOInput.cpp new/mumble-1.2.6/src/mumble/ASIOInput.cpp --- old/mumble-1.2.5/src/mumble/ASIOInput.cpp 2014-02-01 00:01:49.000000000 +0100 +++ new/mumble-1.2.6/src/mumble/ASIOInput.cpp 2014-05-14 20:01:46.000000000 +0200 @@ -268,7 +268,7 @@ char err[255]; iasio->getErrorMessage(err); SleepEx(10, false); - QMessageBox::critical(this, QLatin1String("Mumble"), tr("ASIO Initialization failed: %1").arg(QLatin1String(err)), QMessageBox::Ok, QMessageBox::NoButton); + QMessageBox::critical(this, QLatin1String("Mumble"), tr("ASIO Initialization failed: %1").arg(Qt::escape(QLatin1String(err))), QMessageBox::Ok, QMessageBox::NoButton); } iasio->Release(); } else { @@ -293,7 +293,7 @@ char err[255]; iasio->getErrorMessage(err); SleepEx(10, false); - QMessageBox::critical(this, QLatin1String("Mumble"), tr("ASIO Initialization failed: %1").arg(QLatin1String(err)), QMessageBox::Ok, QMessageBox::NoButton); + QMessageBox::critical(this, QLatin1String("Mumble"), tr("ASIO Initialization failed: %1").arg(Qt::escape(QLatin1String(err))), QMessageBox::Ok, QMessageBox::NoButton); } iasio->Release(); } else { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.5/src/mumble/ASIOInput.ui new/mumble-1.2.6/src/mumble/ASIOInput.ui --- old/mumble-1.2.5/src/mumble/ASIOInput.ui 2014-02-01 00:01:49.000000000 +0100 +++ new/mumble-1.2.6/src/mumble/ASIOInput.ui 2014-05-14 20:01:46.000000000 +0200 
@@ -99,6 +99,9 @@ <property name="text"> <string/> </property> + <property name="textFormat"> + <enum>Qt::PlainText</enum> + </property> </widget> </item> <item row="1" column="0"> @@ -119,6 +122,9 @@ <property name="text"> <string/> </property> + <property name="textFormat"> + <enum>Qt::PlainText</enum> + </property> </widget> </item> </layout> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.5/src/mumble/AudioConfigDialog.cpp new/mumble-1.2.6/src/mumble/AudioConfigDialog.cpp --- old/mumble-1.2.5/src/mumble/AudioConfigDialog.cpp 2014-02-01 00:01:49.000000000 +0100 +++ new/mumble-1.2.6/src/mumble/AudioConfigDialog.cpp 2014-05-14 20:01:46.000000000 +0200 @@ -368,7 +368,7 @@ foreach(audioDevice d, ql) { qcbDevice->addItem(d.first, d.second); - qcbDevice->setItemData(idx, d.first, Qt::ToolTipRole); + qcbDevice->setItemData(idx, Qt::escape(d.first), Qt::ToolTipRole); ++idx; } @@ -512,7 +512,7 @@ foreach(audioDevice d, ql) { qcbDevice->addItem(d.first, d.second); - qcbDevice->setItemData(idx, d.first, Qt::ToolTipRole); + qcbDevice->setItemData(idx, Qt::escape(d.first), Qt::ToolTipRole); ++idx; } bool canmute = aor->canMuteOthers(); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.5/src/mumble/AudioOutputSample.cpp new/mumble-1.2.6/src/mumble/AudioOutputSample.cpp --- old/mumble-1.2.5/src/mumble/AudioOutputSample.cpp 2014-02-01 00:01:49.000000000 +0100 +++ new/mumble-1.2.6/src/mumble/AudioOutputSample.cpp 2014-05-14 20:01:46.000000000 +0200 
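Review bot: The escaped name in `qcbDevice->setItemData(idx, Qt::escape(d.first), Qt::ToolTipRole)` only displays correctly if the tooltip is rendered as rich text, and nothing in this hunk forces that. As far as I know, tooltips rely on Qt's automatic format detection, so a device name that contains `&` but no markup would probably be shown as plain text with a literal `&amp;`. Making the format explicit avoids depending on the heuristic, for example `QString::fromLatin1("<p>%1</p>").arg(Qt::escape(d.first))`. The same applies to the second hunk at @@ -512 and to `qtwi->setToolTip(0, Qt::escape(d->name()))` in LCD.cpp; all three sit in functions that start outside their hunks.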
@@ -214,7 +214,7 @@ if (sf == NULL) { QMessageBox::critical(NULL, tr("Invalid sound file"), - tr("The file '%1' cannot be used by Mumble. Please select a file with a compatible format and encoding.").arg(file)); + tr("The file '%1' cannot be used by Mumble. Please select a file with a compatible format and encoding.").arg(Qt::escape(file))); return QString(); } delete sf; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.5/src/mumble/Cert.cpp new/mumble-1.2.6/src/mumble/Cert.cpp --- old/mumble-1.2.5/src/mumble/Cert.cpp 2014-02-01 00:01:49.000000000 +0100 +++ new/mumble-1.2.6/src/mumble/Cert.cpp 2014-05-14 20:01:46.000000000 +0200 @@ -54,6 +54,7 @@ grid->addWidget(l, 0, 0, 1, 1, Qt::AlignRight); qlSubjectName = new QLabel(); + qlSubjectName->setTextFormat(Qt::PlainText); qlSubjectName->setWordWrap(true); grid->addWidget(qlSubjectName, 0, 1, 1, 1); @@ -61,6 +62,7 @@ grid->addWidget(l, 1, 0, 1, 1, Qt::AlignRight); qlSubjectEmail = new QLabel(); + qlSubjectEmail->setTextFormat(Qt::PlainText); qlSubjectEmail->setWordWrap(true); grid->addWidget(qlSubjectEmail, 1, 1, 1, 1); @@ -68,6 +70,7 @@ grid->addWidget(l, 2, 0, 1, 1, Qt::AlignRight); qlIssuerName = new QLabel(); + qlIssuerName->setTextFormat(Qt::PlainText); qlIssuerName->setWordWrap(true); grid->addWidget(qlIssuerName, 2, 1, 1, 1); 
@@ -103,12 +106,12 @@ qlSubjectName->setText(tmpName); if (emails.count() > 0) - qlSubjectEmail->setText(emails.join(QLatin1String("<br />"))); + qlSubjectEmail->setText(emails.join(QLatin1String("\n"))); else qlSubjectEmail->setText(tr("(none)")); if (qscCert.expiryDate() <= QDateTime::currentDateTime()) - qlExpiry->setText(QString::fromLatin1("<font color=\"red\"><b>%1</b></font>").arg(qscCert.expiryDate().toString(Qt::SystemLocaleDate))); + qlExpiry->setText(QString::fromLatin1("<font color=\"red\"><b>%1</b></font>").arg(Qt::escape(qscCert.expiryDate().toString(Qt::SystemLocaleDate)))); else qlExpiry->setText(qscCert.expiryDate().toString(Qt::SystemLocaleDate)); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.5/src/mumble/ConnectDialog.cpp new/mumble-1.2.6/src/mumble/ConnectDialog.cpp --- old/mumble-1.2.5/src/mumble/ConnectDialog.cpp 2014-02-01 00:01:49.000000000 +0100 +++ new/mumble-1.2.6/src/mumble/ConnectDialog.cpp 2014-05-14 20:01:46.000000000 +0200 @@ -439,7 +439,7 @@ } else if (role == Qt::ToolTipRole) { QStringList qsl; foreach(const QHostAddress &qha, qlAddresses) - qsl << qha.toString(); + qsl << Qt::escape(qha.toString()); double ploss = 100.0; 
@@ -449,18 +449,18 @@ QString qs; qs += QLatin1String("<table>") + - QString::fromLatin1("<tr><th align=left>%1</th><td>%2</td></tr>").arg(ConnectDialog::tr("Servername"), qsName) + - QString::fromLatin1("<tr><th align=left>%1</th><td>%2</td></tr>").arg(ConnectDialog::tr("Hostname"), qsHostname); + QString::fromLatin1("<tr><th align=left>%1</th><td>%2</td></tr>").arg(ConnectDialog::tr("Servername"), Qt::escape(qsName)) + + QString::fromLatin1("<tr><th align=left>%1</th><td>%2</td></tr>").arg(ConnectDialog::tr("Hostname"), Qt::escape(qsHostname)); if (! qsBonjourHost.isEmpty()) - qs += QString::fromLatin1("<tr><th align=left>%1</th><td>%2</td></tr>").arg(ConnectDialog::tr("Bonjour name"), qsBonjourHost); + qs += QString::fromLatin1("<tr><th align=left>%1</th><td>%2</td></tr>").arg(ConnectDialog::tr("Bonjour name"), Qt::escape(qsBonjourHost)); qs += QString::fromLatin1("<tr><th align=left>%1</th><td>%2</td></tr>").arg(ConnectDialog::tr("Port")).arg(usPort) + QString::fromLatin1("<tr><th align=left>%1</th><td>%2</td></tr>").arg(ConnectDialog::tr("Addresses"), qsl.join(QLatin1String(", "))); if (! qsUrl.isEmpty()) - qs += QString::fromLatin1("<tr><th align=left>%1</th><td>%2</td></tr>").arg(ConnectDialog::tr("Website"), qsUrl); + qs += QString::fromLatin1("<tr><th align=left>%1</th><td>%2</td></tr>").arg(ConnectDialog::tr("Website"), Qt::escape(qsUrl)); if (uiSent > 0) { qs += QString::fromLatin1("<tr><th align=left>%1</th><td>%2</td></tr>").arg(ConnectDialog::tr("Packet loss"), QString::fromLatin1("%1% (%2/%3)").arg(ploss, 0, 'f', 1).arg(uiRecv).arg(uiSent)); 
@@ -634,7 +634,7 @@ mime->setUrls(urls); mime->setText(qs); - mime->setHtml(QString::fromLatin1("<a href=\"%1\">%2</a>").arg(qs).arg(name)); + mime->setHtml(QString::fromLatin1("<a href=\"%1\">%2</a>").arg(qs).arg(Qt::escape(name))); return mime; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.5/src/mumble/Database.cpp new/mumble-1.2.6/src/mumble/Database.cpp --- old/mumble-1.2.5/src/mumble/Database.cpp 2014-02-01 00:01:49.000000000 +0100 +++ new/mumble-1.2.6/src/mumble/Database.cpp 2014-05-14 20:01:46.000000000 +0200 @@ -117,7 +117,7 @@ QFileInfo fi(db.databaseName()); if (! fi.isWritable()) { - QMessageBox::critical(NULL, QLatin1String("Mumble"), tr("The database '%1' is read-only. Mumble cannot store server settings (i.e. SSL certificates) until you fix this problem.").arg(fi.filePath()), QMessageBox::Ok | QMessageBox::Default, QMessageBox::NoButton); + QMessageBox::critical(NULL, QLatin1String("Mumble"), tr("The database '%1' is read-only. Mumble cannot store server settings (i.e. SSL certificates) until you fix this problem.").arg(Qt::escape(fi.filePath())), QMessageBox::Ok | QMessageBox::Default, QMessageBox::NoButton); qWarning("Database: Database is read-only"); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.5/src/mumble/LCD.cpp new/mumble-1.2.6/src/mumble/LCD.cpp --- old/mumble-1.2.5/src/mumble/LCD.cpp 2014-02-01 00:01:49.000000000 +0100 +++ new/mumble-1.2.6/src/mumble/LCD.cpp 2014-05-14 20:01:46.000000000 +0200 
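Review bot: In the `mime->setHtml(...)` line only `name` is escaped; `qs` still goes into the `href` attribute as-is, and it is substituted with a chained `.arg(qs).arg(...)`. QString::arg replaces the lowest-numbered marker left in the string, so a percent-encoded sequence in `qs` such as `%1F` would be read as the next place marker and `name` would land inside the URL instead of the link text. The multi-argument overload substitutes in one pass and lets both values be escaped: `.arg(Qt::escape(qs), Qt::escape(name))`. `qs` is built before the hunk starts, so whether it can contain a double quote is not visible here. The chained form with a remotely supplied name also appears in Log::formatChannel and Log::formatClientUser in Log.cpp.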
@@ -111,7 +111,7 @@ qtwi->setFlags(Qt::ItemIsEnabled |Qt::ItemIsUserCheckable); qtwi->setText(0, d->name()); - qtwi->setToolTip(0, d->name()); + qtwi->setToolTip(0, Qt::escape(d->name())); QSize lcdsize = d->size(); QString qsSize = QString::fromLatin1("%1x%2").arg(lcdsize.width()).arg(lcdsize.height()); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.5/src/mumble/Log.cpp new/mumble-1.2.6/src/mumble/Log.cpp --- old/mumble-1.2.5/src/mumble/Log.cpp 2014-02-01 00:01:49.000000000 +0100 +++ new/mumble-1.2.6/src/mumble/Log.cpp 2014-05-14 20:01:46.000000000 +0200 @@ -39,6 +39,7 @@ #include "Global.h" #include "MainWindow.h" #include "NetworkConfig.h" +#include "RichTextEditor.h" #include "ServerHandler.h" #include "TextToSpeech.h" @@ -255,7 +256,7 @@ } QString Log::formatChannel(::Channel *c) { - return QString::fromLatin1("<a href='channelid://%1/%3' class='log-channel'>%2</a>").arg(c->iId).arg(c->qsName).arg(QString::fromLatin1(g.sh->qbaDigest.toBase64())); + return QString::fromLatin1("<a href='channelid://%1/%3' class='log-channel'>%2</a>").arg(c->iId).arg(Qt::escape(c->qsName)).arg(QString::fromLatin1(g.sh->qbaDigest.toBase64())); } QString Log::formatClientUser(ClientUser *cu, LogColorType t) { 
@@ -267,10 +268,11 @@ } if (cu) { + QString name = Qt::escape(cu->qsName); if (cu->qsHash.isEmpty()) { - return QString::fromLatin1("<a href='clientid://%2/%4' class='log-user log-%1'>%3</a>").arg(className).arg(cu->uiSession).arg(cu->qsName).arg(QString::fromLatin1(g.sh->qbaDigest.toBase64())); + return QString::fromLatin1("<a href='clientid://%2/%4' class='log-user log-%1'>%3</a>").arg(className).arg(cu->uiSession).arg(name).arg(QString::fromLatin1(g.sh->qbaDigest.toBase64())); } else { - return QString::fromLatin1("<a href='clientid://%2' class='log-user log-%1'>%3</a>").arg(className).arg(cu->qsHash).arg(cu->qsName); + return QString::fromLatin1("<a href='clientid://%2' class='log-user log-%1'>%3</a>").arg(className).arg(cu->qsHash).arg(name); } } else { return QString::fromLatin1("<span class='log-server log-%1'>%2</span>").arg(className).arg(tr("the server")); @@ -346,13 +348,23 @@ QString Log::validHtml(const QString &html, bool allowReplacement, QTextCursor *tc) { QDesktopWidget dw; - ValidDocument qtd(allowReplacement); + LogDocument qtd; bool valid = false; + qtd.setAllowHTTPResources(allowReplacement); + qtd.setOnlyLoadDataURLs(true); + QRectF qr = dw.availableGeometry(dw.screenNumber(g.mw)); qtd.setTextWidth(qr.width() / 2); qtd.setDefaultStyleSheet(qApp->styleSheet()); + // Call documentLayout on our LogDocument to ensure + // it has a layout backing it. With a layout set on + // the document, it will attempt to load all the + // resources it contains as soon as we call setHtml(), + // allowing our validation checks for things such as + // data URL images to run. + (void) qtd.documentLayout(); qtd.setHtml(html); valid = qtd.isValid(); 
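Review bot: `cu->qsHash` is still placed unescaped inside the single-quoted `href='clientid://%2'` in the else branch, while only the display name gets `Qt::escape`. Whether the hash is validated (for example as hex) when it is received is not visible in this hunk, and the function body starts above it; if it is not validated, it should be checked or encoded before it is formatted into markup. `Qt::escape` alone would not be enough with the current quoting, since as far as I know it leaves `'` untouched, so the attribute would need double quotes together with `Qt::escape(cu->qsHash)`.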
@@ -437,7 +449,7 @@ if (qdDate != dt.date()) { qdDate = dt.date(); tc.insertBlock(); - tc.insertHtml(tr("[Date changed to %1]\n").arg(qdDate.toString(Qt::DefaultLocaleShortDate))); + tc.insertHtml(tr("[Date changed to %1]\n").arg(Qt::escape(qdDate.toString(Qt::DefaultLocaleShortDate)))); tc.movePosition(QTextCursor::End); } @@ -450,7 +462,7 @@ } else if (! g.mw->qteLog->document()->isEmpty()) { tc.insertBlock(); } - tc.insertHtml(Log::msgColor(QString::fromLatin1("[%1] ").arg(dt.time().toString(Qt::DefaultLocaleShortDate)), Log::Time)); + tc.insertHtml(Log::msgColor(QString::fromLatin1("[%1] ").arg(Qt::escape(dt.time().toString(Qt::DefaultLocaleShortDate))), Log::Time)); validHtml(console, true, &tc); tc.movePosition(QTextCursor::End); g.mw->qteLog->setTextCursor(tc); 
@@ -546,65 +558,85 @@ } } -ValidDocument::ValidDocument(bool allowhttp, QObject *p) : QTextDocument(p) { - bValid = true; - qslValidImage << QLatin1String("data"); - if (allowhttp) { - qslValidImage << QLatin1String("http"); - qslValidImage << QLatin1String("https"); - } -} - -QVariant ValidDocument::loadResource(int type, const QUrl &url) { - QVariant v = QLatin1String("PlaceHolder"); - if ((type == QTextDocument::ImageResource) && qslValidImage.contains(url.scheme())) - return QTextDocument::loadResource(type, url); - bValid = false; - return v; -} - -bool ValidDocument::isValid() const { - return bValid; -} - -LogDocument::LogDocument(QObject *p) : QTextDocument(p) { +LogDocument::LogDocument(QObject *p) + : QTextDocument(p) + , m_valid(true) + , m_onlyLoadDataURLs(false) + , m_allowHTTPResources(true) { } QVariant LogDocument::loadResource(int type, const QUrl &url) { - if (type != QTextDocument::ImageResource) + if (type != QTextDocument::ImageResource) { + m_valid = false; return QLatin1String("No external resources allowed."); - if (g.s.iMaxImageSize <= 0) - return QLatin1String("Image download disabled."); - - if (url.scheme() == QLatin1String("data")) { - QVariant v = QTextDocument::loadResource(type, url); - addResource(type, url, v); - return v; } - qWarning() << "LogDocument::loadResource " << type << url.toString(); + if (url.scheme() != QLatin1String("data") && g.s.iMaxImageSize <= 0) { + m_valid = false; + return QLatin1String("Image download disabled."); + } QImage qi(1, 1, QImage::Format_Mono); addResource(type, url, qi); - if (! url.isValid() || url.isRelative()) + if (! 
url.isValid() || url.isRelative()) { + m_valid = false; return qi; + } - if ((url.scheme() != QLatin1String("http")) && (url.scheme() != QLatin1String("https"))) + QStringList allowedSchemes; + allowedSchemes << QLatin1String("data"); + if (m_allowHTTPResources) { + allowedSchemes << QLatin1String("http"); + allowedSchemes << QLatin1String("https"); + } + + if (!allowedSchemes.contains(url.scheme())) { + m_valid = false; return qi; + } + + bool shouldLoad = true; + if (m_onlyLoadDataURLs && url.scheme() != QLatin1String("data")) { + shouldLoad = false; + } + + if (shouldLoad) { + QNetworkReply *rep = Network::get(url); + connect(rep, SIGNAL(metaDataChanged()), this, SLOT(receivedHead())); + connect(rep, SIGNAL(finished()), this, SLOT(finished())); + + // Handle data URLs immediately without a roundtrip to the event loop. + // We need this to perform proper validation for data URL images when + // a LogDocument is used inside Log::validHtml(). + if (url.scheme() == QLatin1String("data")) { + QCoreApplication::sendPostedEvents(rep, 0); + } + } - QNetworkReply *rep = Network::get(url); - connect(rep, SIGNAL(metaDataChanged()), this, SLOT(receivedHead())); - connect(rep, SIGNAL(finished()), this, SLOT(finished())); return qi; } +void LogDocument::setAllowHTTPResources(bool allowHTTPResources) { + m_allowHTTPResources = allowHTTPResources; +} + +void LogDocument::setOnlyLoadDataURLs(bool onlyLoadDataURLs) { + m_onlyLoadDataURLs = onlyLoadDataURLs; +} + +bool LogDocument::isValid() { + return m_valid; +} + void LogDocument::receivedHead() { QNetworkReply *rep = qobject_cast<QNetworkReply *>(sender()); - QVariant length = rep->header(QNetworkRequest::ContentLengthHeader); - if (length == QVariant::Invalid || length.toInt() > g.s.iMaxImageSize) { - qWarning() << "Image "<< rep->url().toString() <<" (" << length.toInt() << " byte) to big, request aborted. 
"; - rep->abort(); + if (rep->url().scheme() != QLatin1String("data")) { + QVariant length = rep->header(QNetworkRequest::ContentLengthHeader); + if (length == QVariant::Invalid || length.toInt() > g.s.iMaxImageSize) { + m_valid = false; + rep->abort(); + } } } 
@@ -612,14 +644,42 @@ QNetworkReply *rep = qobject_cast<QNetworkReply *>(sender()); if (rep->error() == QNetworkReply::NoError) { - QVariant qv = rep->readAll(); + QByteArray ba = rep->readAll(); + QByteArray fmt; QImage qi; - if (qi.loadFromData(qv.toByteArray()) && qi.width() <= g.s.iMaxImageWidth && qi.height() <= g.s.iMaxImageHeight) { - addResource(QTextDocument::ImageResource, rep->request().url(), qi); - g.mw->qteLog->setDocument(this); - } else qWarning() << "Image "<< rep->url().toString() <<" (" << qi.width() << "x" << qi.height() <<") to large."; - } else qWarning() << "Image "<< rep->url().toString() << " download failed."; + // Sniff the format instead of relying on the MIME type. + // There are many misconfigured servers out there and + // Mumble has historically sniffed the received data + // instead of strictly requiring a correct Content-Type. + if (RichTextImage::isValidImage(ba, fmt)) { + if (qi.loadFromData(ba, fmt)) { + bool ok = true; + if (rep->url().scheme() != QLatin1String("data")) { + ok = (qi.width() <= g.s.iMaxImageWidth && qi.height() <= g.s.iMaxImageHeight); + } + if (ok) { + addResource(QTextDocument::ImageResource, rep->request().url(), qi); + + // Force a re-layout of the QTextEdit the next + // time we enter the event loop. + // We must not trigger a re-layout immediately. + // Doing so can trigger crashes deep inside Qt + // if the QTextDocument has just been set on the + // text edit widget. 
+ QTextEdit *qte = qobject_cast<QTextEdit *>(parent()); + if (qte != NULL) { + QEvent *e = new QEvent(QEvent::FontChange); + QApplication::postEvent(qte, e); + } + } else { + m_valid = false; + } + } + } else { + m_valid = false; + } + } rep->deleteLater(); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.5/src/mumble/Log.h new/mumble-1.2.6/src/mumble/Log.h --- old/mumble-1.2.5/src/mumble/Log.h 2014-02-01 00:01:49.000000000 +0100 +++ new/mumble-1.2.6/src/mumble/Log.h 2014-05-14 20:01:46.000000000 +0200 @@ -100,29 +100,23 @@ void log(MsgType t, const QString &console, const QString &terse=QString(), bool ownMessage = false); }; -class ValidDocument : public QTextDocument { - private: - Q_OBJECT - Q_DISABLE_COPY(ValidDocument) - protected: - QStringList qslValidImage; - bool bValid; - QVariant loadResource(int, const QUrl &); - public: - ValidDocument(bool httpimages, QObject *p = NULL); - bool isValid() const; -}; - class LogDocument : public QTextDocument { private: Q_OBJECT Q_DISABLE_COPY(LogDocument) public: LogDocument(QObject *p = NULL); - QVariant loadResource(int, const QUrl &); + virtual QVariant loadResource(int, const QUrl &); + void setAllowHTTPResources(bool allowHttpResources); + void setOnlyLoadDataURLs(bool onlyLoadDataURLs); + bool isValid(); public slots: void receivedHead(); void finished(); + private: + bool m_allowHTTPResources; + bool m_valid; + bool m_onlyLoadDataURLs; }; #endif diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.5/src/mumble/MainWindow.cpp new/mumble-1.2.6/src/mumble/MainWindow.cpp --- old/mumble-1.2.5/src/mumble/MainWindow.cpp 2014-02-01 00:01:49.000000000 +0100 +++ new/mumble-1.2.6/src/mumble/MainWindow.cpp 2014-05-14 20:01:46.000000000 +0200 
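Review bot: Two failure paths in the Log.cpp hunk at @@ -612 leave `m_valid` at true: `if (qi.loadFromData(ba, fmt))` has no else branch, and neither does `if (rep->error() == QNetworkReply::NoError)`. An image whose leading bytes pass `RichTextImage::isValidImage` but whose body does not decode therefore still counts as valid when `Log::validHtml()` reads `isValid()`. Adding `} else { m_valid = false; }` to both would make these paths agree with the other rejections. Separately, `ba.size()` is never compared with `g.s.iMaxImageSize` here and data URLs skip the width/height limits, so any bound on them has to come from elsewhere; a short comment saying this is intended would help. The signature of finished() is above the hunk.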
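Review bot: In Log.h, `bool isValid();` drops the `const` that `ValidDocument::isValid() const` had, although the new body in Log.cpp only returns `m_valid`; `bool isValid() const;` keeps it callable on const documents. The members are declared as `m_allowHTTPResources`, `m_valid`, `m_onlyLoadDataURLs`, while the constructor's initializer list in Log.cpp names them as `m_valid`, `m_onlyLoadDataURLs`, `m_allowHTTPResources`; compilers warn about that mismatch (-Wreorder), so the two orders should be made to match. A one-line comment on each setter, saying that `m_allowHTTPResources` decides which schemes are accepted and `m_onlyLoadDataURLs` decides which are actually fetched, would save readers from deriving it from loadResource().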
@@ -54,6 +54,7 @@ #include "Overlay.h" #include "Plugins.h" #include "PTTButtonWidget.h" +#include "RichTextEditor.h" #include "ServerHandler.h" #include "TextMessage.h" #include "Tokens.h" @@ -650,7 +651,7 @@ } void MainWindow::openUrl(const QUrl &url) { - g.l->log(Log::Information, tr("Opening URL %1").arg(url.toString())); + g.l->log(Log::Information, tr("Opening URL %1").arg(Qt::escape(url.toString()))); if (url.scheme() == QLatin1String("file")) { QFile f(url.toLocalFile()); if (! f.exists() || ! f.open(QIODevice::ReadOnly)) { @@ -738,7 +739,7 @@ g.s.qsLastServer = name; rtLast = MumbleProto::Reject_RejectType_None; qaServerDisconnect->setEnabled(true); - g.l->log(Log::Information, tr("Connecting to server %1.").arg(Log::msgColor(host, Log::Server))); + g.l->log(Log::Information, tr("Connecting to server %1.").arg(Log::msgColor(Qt::escape(host), Log::Server))); g.sh->setConnectionInfo(host, port, user, pw); g.sh->start(QThread::TimeCriticalPriority); } @@ -930,7 +931,7 @@ qsDesiredChannel = QString(); rtLast = MumbleProto::Reject_RejectType_None; qaServerDisconnect->setEnabled(true); - g.l->log(Log::Information, tr("Connecting to server %1.").arg(Log::msgColor(cd->qsServer, Log::Server))); + g.l->log(Log::Information, tr("Connecting to server %1.").arg(Log::msgColor(Qt::escape(cd->qsServer), Log::Server))); g.sh->setConnectionInfo(cd->qsServer, cd->usPort, cd->qsUsername, cd->qsPassword); g.sh->start(QThread::TimeCriticalPriority); } 
@@ -1006,7 +1007,7 @@ return; QMessageBox::StandardButton result; - result = QMessageBox::question(this, tr("Register yourself as %1").arg(p->qsName), tr("<p>You are about to register yourself on this server. This action cannot be undone, and your username cannot be changed once this is done. You will forever be known as '%1' on this server.</p><p>Are you sure you want to register yourself?</p>").arg(p->qsName), QMessageBox::Yes|QMessageBox::No); + result = QMessageBox::question(this, tr("Register yourself as %1").arg(p->qsName), tr("<p>You are about to register yourself on this server. This action cannot be undone, and your username cannot be changed once this is done. You will forever be known as '%1' on this server.</p><p>Are you sure you want to register yourself?</p>").arg(Qt::escape(p->qsName)), QMessageBox::Yes|QMessageBox::No); if (result == QMessageBox::Yes) g.sh->registerUser(p->uiSession); @@ -1091,7 +1092,7 @@ qsVersion.append(tr("<p>No build information or OS version available.</p>")); } else { qsVersion.append(tr("<p>%1 (%2)<br />%3</p>") - .arg(g.sh->qsRelease, g.sh->qsOS, g.sh->qsOSVersion)); + .arg(Qt::escape(g.sh->qsRelease), Qt::escape(g.sh->qsOS), Qt::escape(g.sh->qsOSVersion))); } QString host, uname, pw; @@ -1100,10 +1101,10 @@ g.sh->getConnectionInfo(host,port,uname,pw); QString qsControl=tr("<h2>Control channel</h2><p>Encrypted with %1 bit %2<br />%3 ms average latency (%4 deviation)</p><p>Remote host %5 (port %6)</p>").arg(QString::number(qsc.usedBits()), - qsc.name(), + Qt::escape(qsc.name()), QString::fromLatin1("%1").arg(boost::accumulators::mean(g.sh->accTCP), 0, 'f', 2), QString::fromLatin1("%1").arg(sqrt(boost::accumulators::variance(g.sh->accTCP)),0,'f',2), - host, + Qt::escape(host), QString::number(port)); QString qsVoice, qsCrypt, qsAudio; 
@@ -1360,9 +1361,9 @@ QMessageBox::StandardButton result; if (session == g.uiSession) - result = QMessageBox::question(this, tr("Register yourself as %1").arg(p->qsName), tr("<p>You are about to register yourself on this server. This action cannot be undone, and your username cannot be changed once this is done. You will forever be known as '%1' on this server.</p><p>Are you sure you want to register yourself?</p>").arg(p->qsName), QMessageBox::Yes|QMessageBox::No); + result = QMessageBox::question(this, tr("Register yourself as %1").arg(p->qsName), tr("<p>You are about to register yourself on this server. This action cannot be undone, and your username cannot be changed once this is done. You will forever be known as '%1' on this server.</p><p>Are you sure you want to register yourself?</p>").arg(Qt::escape(p->qsName)), QMessageBox::Yes|QMessageBox::No); else - result = QMessageBox::question(this, tr("Register user %1").arg(p->qsName), tr("<p>You are about to register %1 on the server. This action cannot be undone, the username cannot be changed, and as a registered user, %1 will have access to the server even if you change the server password.</p><p>From this point on, %1 will be authenticated with the certificate currently in use.</p><p>Are you sure you want to register %1?</p>").arg(p->qsName), QMessageBox::Yes|QMessageBox::No); + result = QMessageBox::question(this, tr("Register user %1").arg(p->qsName), tr("<p>You are about to register %1 on the server. This action cannot be undone, the username cannot be changed, and as a registered user, %1 will have access to the server even if you change the server password.</p><p>From this point on, %1 will be authenticated with the certificate currently in use.</p><p>Are you sure you want to register %1?</p>").arg(Qt::escape(p->qsName)), QMessageBox::Yes|QMessageBox::No); if (result == QMessageBox::Yes) { p = ClientUser::get(session); 
@@ -1498,7 +1499,7 @@ unsigned int session = p->uiSession; int ret = QMessageBox::question(this, QLatin1String("Mumble"), - tr("Are you sure you want to reset the comment of user %1?").arg(p->qsName), + tr("Are you sure you want to reset the comment of user %1?").arg(Qt::escape(p->qsName)), QMessageBox::Yes, QMessageBox::No); if (ret == QMessageBox::Yes) { g.sh->setUserComment(session, QString()); @@ -1689,7 +1690,7 @@ int id = c->iId; - ret=QMessageBox::question(this, QLatin1String("Mumble"), tr("Are you sure you want to delete %1 and all its sub-channels?").arg(c->qsName), QMessageBox::Yes, QMessageBox::No); + ret=QMessageBox::question(this, QLatin1String("Mumble"), tr("Are you sure you want to delete %1 and all its sub-channels?").arg(Qt::escape(c->qsName)), QMessageBox::Yes, QMessageBox::No); c = Channel::get(id); if (!c) @@ -2444,7 +2445,7 @@ if (! g.sh->qlErrors.isEmpty()) { foreach(QSslError e, g.sh->qlErrors) - g.l->log(Log::Warning, tr("SSL Verification failed: %1").arg(e.errorString())); + g.l->log(Log::Warning, tr("SSL Verification failed: %1").arg(Qt::escape(e.errorString()))); if (! g.sh->qscCert.isEmpty()) { QSslCertificate c = g.sh->qscCert.at(0); QString basereason; @@ -2455,7 +2456,7 @@ } QStringList qsl; foreach(QSslError e, g.sh->qlErrors) - qsl << QString::fromLatin1("<li>%1</li>").arg(e.errorString()); + qsl << QString::fromLatin1("<li>%1</li>").arg(Qt::escape(e.errorString())); QMessageBox qmb(QMessageBox::Warning, QLatin1String("Mumble"), tr("<p>%1.<br />The specific errors with this certificate are: </p><ol>%2</ol>" @@ -2488,7 +2489,7 @@ if (! reason.isEmpty()) { - g.l->log(Log::ServerDisconnected, tr("Server connection failed: %1.").arg(reason)); + g.l->log(Log::ServerDisconnected, tr("Server connection failed: %1.").arg(Qt::escape(reason))); } else { g.l->log(Log::ServerDisconnected, tr("Disconnected from server.")); } 
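Review bot: In the `@@ -1498,7 +1499,7 @@` hunk the escaped name is substituted into a message that has no markup of its own, so whether the entities are decoded depends on the message box guessing rich text from the string. QMessageBox text defaults to Qt::AutoText, and as far as I can tell a name containing only `&` would not trigger the rich-text guess and would be displayed as `&amp;`. Wrapping the template the way the registration prompts do, `tr("<p>Are you sure you want to reset the comment of user %1?</p>")`, fixes the interpretation, at the cost of changing a translatable string. The channel-deletion prompt in `@@ -1689,7 +1690,7 @@` has the same shape. Both enclosing functions continue outside the hunks.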
@@ -2635,10 +2636,10 @@ if (!g.s.bChatBarUseSelection || c == NULL) // If no channel selected fallback to current one c = ClientUser::get(g.uiSession)->cChannel; - qteChat->setDefaultText(tr("<center>Type message to channel '%1' here</center>").arg(c->qsName)); + qteChat->setDefaultText(tr("<center>Type message to channel '%1' here</center>").arg(Qt::escape(c->qsName))); } else { // User target - qteChat->setDefaultText(tr("<center>Type message to user '%1' here</center>").arg(p->qsName)); + qteChat->setDefaultText(tr("<center>Type message to user '%1' here</center>").arg(Qt::escape(p->qsName))); } updateMenuPermissions(); @@ -2743,7 +2744,7 @@ if (g.s.qsImagePath.isEmpty() || ! QDir::root().exists(g.s.qsImagePath)) g.s.qsImagePath = QDesktopServices::storageLocation(QDesktopServices::PicturesLocation); - QString fname = QFileDialog::getOpenFileName(this, tr("Choose image file"), g.s.qsImagePath, tr("Images (*.png *.jpg *.jpeg *.svg)")); + QString fname = QFileDialog::getOpenFileName(this, tr("Choose image file"), g.s.qsImagePath, tr("Images (*.png *.jpg *.jpeg)")); if (fname.isNull()) return retval; @@ -2763,7 +2764,17 @@ QBuffer qb(&qba); qb.open(QIODevice::ReadOnly); - QImageReader qir(&qb, fi.suffix().toUtf8()); + QImageReader qir; + qir.setAutoDetectImageFormat(false); + + QByteArray fmt; + if (!RichTextImage::isValidImage(qba, fmt)) { + QMessageBox::warning(this, tr("Failed to load image"), tr("Image format not recognized.")); + return retval; + } + + qir.setFormat(fmt); + qir.setDevice(&qb); QImage img = qir.read(); if (img.isNull()) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.5/src/mumble/Messages.cpp new/mumble-1.2.6/src/mumble/Messages.cpp --- old/mumble-1.2.5/src/mumble/Messages.cpp 2014-02-01 00:01:49.000000000 +0100 +++ new/mumble-1.2.6/src/mumble/Messages.cpp 2014-05-14 20:01:46.000000000 +0200 
@@ -88,7 +88,7 @@ void MainWindow::msgReject(const MumbleProto::Reject &msg) { rtLast = msg.type(); - QString reason(u8(msg.reason()));; + QString reason; switch (rtLast) { case MumbleProto::Reject_RejectType_InvalidUsername: @@ -104,6 +104,7 @@ reason = tr("Wrong password"); break; default: + reason = Qt::escape(u8(msg.reason())); break; } @@ -150,7 +151,7 @@ ClientUser *p=ClientUser::get(g.uiSession); connect(p, SIGNAL(talkingChanged()), this, SLOT(talkingChanged())); - qstiIcon->setToolTip(tr("Mumble: %1").arg(Channel::get(0)->qsName)); + qstiIcon->setToolTip(tr("Mumble: %1").arg(Qt::escape(Channel::get(0)->qsName))); // Update QActions and menues on_qmServer_aboutToShow(); @@ -214,7 +215,7 @@ g.s.bTTS = true; quint32 oflags = g.s.qmMessages.value(Log::PermissionDenied); g.s.qmMessages[Log::PermissionDenied] = (oflags | Settings::LogTTS) & (~Settings::LogSoundfile); - g.l->log(Log::PermissionDenied, QString::fromAscii(g.ccHappyEaster + 39).arg(u)); + g.l->log(Log::PermissionDenied, QString::fromAscii(g.ccHappyEaster + 39).arg(Qt::escape(u))); g.s.qmMessages[Log::PermissionDenied] = oflags; g.s.bDeaf = bold; g.s.bTTS = bold2; @@ -239,7 +240,7 @@ break; case MumbleProto::PermissionDenied_DenyType_UserName: { if (msg.has_name()) - g.l->log(Log::PermissionDenied, tr("Invalid username: %1.").arg(u8(msg.name()))); + g.l->log(Log::PermissionDenied, tr("Invalid username: %1.").arg(Qt::escape(u8(msg.name())))); else g.l->log(Log::PermissionDenied, tr("Invalid username.")); } @@ -254,7 +255,7 @@ break; default: { if (msg.has_reason()) - g.l->log(Log::PermissionDenied, tr("Denied: %1.").arg(u8(msg.reason()))); + g.l->log(Log::PermissionDenied, tr("Denied: %1.").arg(Qt::escape(u8(msg.reason())))); else g.l->log(Log::PermissionDenied, tr("Permission denied.")); } 
@@ -503,7 +504,7 @@ ACTOR_INIT; SELF_INIT; - QString reason = u8(msg.reason()); + QString reason = Qt::escape(u8(msg.reason())); if (pDst == pSelf) { if (msg.ban()) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.5/src/mumble/Overlay.cpp new/mumble-1.2.6/src/mumble/Overlay.cpp --- old/mumble-1.2.5/src/mumble/Overlay.cpp 2014-02-01 00:01:49.000000000 +0100 +++ new/mumble-1.2.6/src/mumble/Overlay.cpp 2014-05-14 20:01:46.000000000 +0200 @@ -40,6 +40,7 @@ #include "MainWindow.h" #include "Message.h" #include "OverlayText.h" +#include "RichTextEditor.h" #include "ServerHandler.h" #include "User.h" #include "WebFetch.h" @@ -101,7 +102,7 @@ #endif if (! qlsServer->listen(pipepath)) { - QMessageBox::warning(NULL, QLatin1String("Mumble"), tr("Failed to create communication with overlay at %2: %1. No overlay will be available.").arg(qlsServer->errorString(),pipepath), QMessageBox::Ok, QMessageBox::NoButton); + QMessageBox::warning(NULL, QLatin1String("Mumble"), tr("Failed to create communication with overlay at %2: %1. No overlay will be available.").arg(Qt::escape(qlsServer->errorString()), Qt::escape(pipepath)), QMessageBox::Ok, QMessageBox::NoButton); } else { qWarning() << "Overlay: Listening on" << qlsServer->fullServerName(); connect(qlsServer, SIGNAL(newConnection()), this, SLOT(newConnection())); 
@@ -272,15 +273,21 @@ qb.open(QIODevice::ReadOnly); QImageReader qir; - if (cp->qbaTexture.startsWith("<?xml")) - qir.setFormat("svg"); - qir.setDevice(&qb); - if (! qir.canRead() || (qir.size().width() > 1024) || (qir.size().height() > 1024)) { - valid = false; + qir.setAutoDetectImageFormat(false); + + QByteArray fmt; + if (RichTextImage::isValidImage(cp->qbaTexture, fmt)) { + qir.setFormat(fmt); + qir.setDevice(&qb); + if (! qir.canRead() || (qir.size().width() > 1024) || (qir.size().height() > 1024)) { + valid = false; + } else { + cp->qbaTextureFormat = qir.format(); + QImage qi = qir.read(); + valid = ! qi.isNull(); + } } else { - cp->qbaTextureFormat = qir.format(); - QImage qi = qir.read(); - valid = ! qi.isNull(); + valid = false; } } if (! valid) { @@ -331,4 +338,4 @@ else verifyTexture(cu, false); } -} \ No newline at end of file +} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.5/src/mumble/Plugins.cpp new/mumble-1.2.6/src/mumble/Plugins.cpp --- old/mumble-1.2.5/src/mumble/Plugins.cpp 2014-02-01 00:01:49.000000000 +0100 +++ new/mumble-1.2.6/src/mumble/Plugins.cpp 2014-05-14 20:01:46.000000000 +0200 @@ -165,7 +165,7 @@ i->setCheckState(1, pi->enabled ? Qt::Checked : Qt::Unchecked); i->setText(0, pi->description); if (pi->p->longdesc) - i->setToolTip(0, QString::fromStdWString(pi->p->longdesc())); + i->setToolTip(0, Qt::escape(QString::fromStdWString(pi->p->longdesc()))); i->setData(0, Qt::UserRole, pi->filename); } qtwPlugins->setCurrentItem(qtwPlugins->topLevelItem(0)); @@ -381,7 +381,7 @@ QReadLocker lock(&qrwlPlugins); if (prevlocked) { - g.l->log(Log::Information, tr("%1 lost link.").arg(prevlocked->shortname)); + g.l->log(Log::Information, tr("%1 lost link.").arg(Qt::escape(prevlocked->shortname))); prevlocked = NULL; } 
@@ -455,7 +455,7 @@ if (pi->enabled) { if (pi->p2 ? pi->p2->trylock(pids) : pi->p->trylock()) { pi->shortname = QString::fromStdWString(pi->p->shortname); - g.l->log(Log::Information, tr("%1 linked.").arg(pi->shortname)); + g.l->log(Log::Information, tr("%1 linked.").arg(Qt::escape(pi->shortname))); pi->locked = true; bUnlink = false; locked = pi; @@ -630,15 +630,15 @@ if (f.open(QIODevice::WriteOnly)) { f.write(data); f.close(); - g.mw->msgBox(tr("Downloaded new or updated plugin to %1.").arg(f.fileName())); + g.mw->msgBox(tr("Downloaded new or updated plugin to %1.").arg(Qt::escape(f.fileName()))); } else { f.setFileName(qsUserPlugins + QLatin1String("/") + fname); if (f.open(QIODevice::WriteOnly)) { f.write(data); f.close(); - g.mw->msgBox(tr("Downloaded new or updated plugin to %1.").arg(f.fileName())); + g.mw->msgBox(tr("Downloaded new or updated plugin to %1.").arg(Qt::escape(f.fileName()))); } else { - g.mw->msgBox(tr("Failed to install new plugin to %1.").arg(f.fileName())); + g.mw->msgBox(tr("Failed to install new plugin to %1.").arg(Qt::escape(f.fileName()))); } } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.5/src/mumble/RichTextEditor.cpp new/mumble-1.2.6/src/mumble/RichTextEditor.cpp --- old/mumble-1.2.5/src/mumble/RichTextEditor.cpp 2014-02-01 00:01:49.000000000 +0100 +++ new/mumble-1.2.6/src/mumble/RichTextEditor.cpp 2014-05-14 20:01:46.000000000 +0200 @@ -37,6 +37,8 @@ #include "MainWindow.h" RichTextHtmlEdit::RichTextHtmlEdit(QWidget *p) : QTextEdit(p) { + m_document = new LogDocument(this); + setDocument(m_document); } /* On nix, some programs send utf8, some send wchar_t. Some zeroterminate once, some twice, some not at all. 
@@ -627,3 +629,20 @@ bChanged = false; return qptePlainText->toPlainText(); } + +bool RichTextImage::isValidImage(const QByteArray &ba, QByteArray &fmt) { + QBuffer qb; + qb.setData(ba); + if (!qb.open(QIODevice::ReadOnly)) { + return false; + } + + QByteArray detectedFormat = QImageReader::imageFormat(&qb).toLower(); + if (detectedFormat == QByteArray("png") || detectedFormat == QByteArray("jpg") + || detectedFormat == QByteArray("jpeg") || detectedFormat == QByteArray("gif")) { + fmt = detectedFormat; + return true; + } + + return false; +} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.5/src/mumble/RichTextEditor.h new/mumble-1.2.6/src/mumble/RichTextEditor.h --- old/mumble-1.2.5/src/mumble/RichTextEditor.h 2014-02-01 00:01:49.000000000 +0100 +++ new/mumble-1.2.6/src/mumble/RichTextEditor.h 2014-05-14 20:01:46.000000000 +0200 @@ -33,6 +33,8 @@ #include <QtGui/QTextEdit> +class LogDocument; + class RichTextHtmlEdit : public QTextEdit { private: Q_OBJECT @@ -41,6 +43,8 @@ void insertFromMimeData(const QMimeData *source); public: RichTextHtmlEdit(QWidget *p); + private: + LogDocument *m_document; }; #include "ui_RichTextEditor.h" @@ -89,4 +93,9 @@ void onCurrentChanged(int); }; +class RichTextImage { + public: + static bool isValidImage(const QByteArray &buf, QByteArray &fmt); +}; + #endif diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.5/src/mumble/ServerHandler.cpp new/mumble-1.2.6/src/mumble/ServerHandler.cpp --- old/mumble-1.2.5/src/mumble/ServerHandler.cpp 2014-02-01 00:01:49.000000000 +0100 +++ new/mumble-1.2.6/src/mumble/ServerHandler.cpp 2014-05-14 20:01:46.000000000 +0200 @@ -43,6 +43,7 @@ #include "NetworkConfig.h" #include "OSInfo.h" #include "PacketDataStream.h" +#include "RichTextEditor.h" #include "SSL.h" #include "User.h" 
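Review bot: `RichTextImage::isValidImage`, added in the `@@ -627,3 +629,20 @@` hunk, is now the gate for image data in MainWindow.cpp, Overlay.cpp and ServerHandler.cpp, but it carries no comment stating its contract. I would document above the definition that it only sniffs the format from the content and does not decode the image, that it accepts png, jpg, jpeg and gif and nothing else, that `fmt` is written only on success, and that callers are expected to disable format auto-detection and pass `fmt` to `setFormat`. The declaration in RichTextEditor.h names the first parameter `buf` while the definition uses `ba`; one name in both places would read better. The allow-list includes gif while the file dialog filter in MainWindow.cpp offers only `*.png *.jpg *.jpeg`, which may be intentional but deserves a word in the same comment.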
@@ -679,11 +680,19 @@ texture = qba; } else { QByteArray raw = qba; + QBuffer qb(& raw); qb.open(QIODevice::ReadOnly); + QImageReader qir; - if (qba.startsWith("<?xml")) - qir.setFormat("svg"); + qir.setDecideFormatFromContent(false); + + QByteArray fmt; + if (!RichTextImage::isValidImage(qba, fmt)) { + return; + } + + qir.setFormat(fmt); qir.setDevice(&qb); QSize sz = qir.size(); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.5/src/mumble/VersionCheck.cpp new/mumble-1.2.6/src/mumble/VersionCheck.cpp --- old/mumble-1.2.5/src/mumble/VersionCheck.cpp 2014-02-01 00:01:49.000000000 +0100 +++ new/mumble-1.2.6/src/mumble/VersionCheck.cpp 2014-05-14 20:01:46.000000000 +0200 @@ -169,7 +169,7 @@ file.remove(); } } else { - g.mw->msgBox(tr("Downloading new snapshot from %1 to %2").arg(fetch.toString(), filename)); + g.mw->msgBox(tr("Downloading new snapshot from %1 to %2").arg(Qt::escape(fetch.toString()), Qt::escape(filename))); WebFetch::fetch(fetch, this, SLOT(fetched(QByteArray,QUrl))); return; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.5/src/mumble/mumble.plist new/mumble-1.2.6/src/mumble/mumble.plist --- old/mumble-1.2.5/src/mumble/mumble.plist 2014-02-01 00:01:49.000000000 +0100 +++ new/mumble-1.2.6/src/mumble/mumble.plist 2014-05-14 20:01:46.000000000 +0200 @@ -26,7 +26,7 @@ </dict> </array> <key>CFBundleVersion</key> - <string>1.2.5</string> + <string>1.2.6</string> <key>NSHumanReadableCopyright</key> <string>Copyright (c) 2005-2010 Thorvald Natvig <[email protected]></string> </dict> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.5/src/mumble/mumble.rc new/mumble-1.2.6/src/mumble/mumble.rc --- old/mumble-1.2.5/src/mumble/mumble.rc 2014-02-01 00:01:49.000000000 +0100 +++ new/mumble-1.2.6/src/mumble/mumble.rc 2014-05-14 20:01:46.000000000 +0200 
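Review bot: The ServerHandler.cpp hunk (`@@ -679,11 +680,19 @@`) calls `qir.setDecideFormatFromContent(false)` where the equivalent changes in MainWindow.cpp and Overlay.cpp call `qir.setAutoDetectImageFormat(false)`. These are different QImageReader switches: as far as I know decide-from-content is already off by default, so this line changes nothing and format auto-detection stays enabled, which means the reader may still fall back to another handler when the one named by `setFormat(fmt)` cannot read the data. To pin decoding to the validated format here as well, the line should read `qir.setAutoDetectImageFormat(false);`. The early `return` on an unrecognised format is also silent, so a log line there would help whoever has to explain a rejected texture. The enclosing function starts and ends outside the hunk.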
@@ -15,8 +15,8 @@ #endif VS_VERSION_INFO VERSIONINFO - FILEVERSION 1,2,5,0 - PRODUCTVERSION 1,2,5,0 + FILEVERSION 1,2,6,0 + PRODUCTVERSION 1,2,6,0 FILEFLAGSMASK VS_FFI_FILEFLAGSMASK FILEFLAGS (VER_DEBUG|VER_RELEASE) FILEOS VOS_NT_WINDOWS32 @@ -29,8 +29,8 @@ BEGIN VALUE "CompanyName", "Thorvald Natvig" VALUE "FileDescription", "Mumble - Low-latency VoIP client" - VALUE "FileVersion", "1.2.5" - VALUE "ProductVersion", "1.2.5" + VALUE "FileVersion", "1.2.6" + VALUE "ProductVersion", "1.2.6" VALUE "LegalCopyright", "Copyright (C) 2005-2011, Thorvald Natvig <[email protected]>" VALUE "OriginalFilename", "mumble.exe" VALUE "ProductName", "Mumble" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.5/src/mumble.pri new/mumble-1.2.6/src/mumble.pri --- old/mumble-1.2.5/src/mumble.pri 2014-02-01 00:01:49.000000000 +0100 +++ new/mumble-1.2.6/src/mumble.pri 2014-05-14 20:01:46.000000000 +0200 @@ -1,6 +1,6 @@ include(../compiler.pri) -VERSION = 1.2.5 +VERSION = 1.2.6 DIST = mumble.pri Message.h PacketDataStream.h CryptState.h Timer.h Version.h OSInfo.h SSL.h Mumble.proto CONFIG += qt thread debug_and_release warn_on DEFINES *= MUMBLE_VERSION_STRING=$$VERSION diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.5/src/murmur/murmur.plist new/mumble-1.2.6/src/murmur/murmur.plist --- old/mumble-1.2.5/src/murmur/murmur.plist 2014-02-01 00:01:49.000000000 +0100 +++ new/mumble-1.2.6/src/murmur/murmur.plist 2014-05-14 20:01:47.000000000 +0200 
@@ -13,7 +13,7 @@ <key>CFBundleSignature</key> <string>MMUR</string> <key>CFBundleVersion</key> - <string>1.2.5</string> + <string>1.2.6</string> <key>NSHumanReadableCopyright</key> <string>Copyright (c) 2005-2010 Thorvald Natvig <[email protected]></string> </dict> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.5/src/murmur/murmur.rc new/mumble-1.2.6/src/murmur/murmur.rc --- old/mumble-1.2.5/src/murmur/murmur.rc 2014-02-01 00:01:49.000000000 +0100 +++ new/mumble-1.2.6/src/murmur/murmur.rc 2014-05-14 20:01:47.000000000 +0200 @@ -15,8 +15,8 @@ #endif VS_VERSION_INFO VERSIONINFO - FILEVERSION 1,2,5,0 - PRODUCTVERSION 1,2,5,0 + FILEVERSION 1,2,6,0 + PRODUCTVERSION 1,2,6,0 FILEFLAGSMASK VS_FFI_FILEFLAGSMASK FILEFLAGS (VER_DEBUG|VER_RELEASE) FILEOS VOS_NT_WINDOWS32 @@ -29,8 +29,8 @@ BEGIN VALUE "CompanyName", "Thorvald Natvig" VALUE "FileDescription", "Murmur - Low-latency VoIP server" - VALUE "FileVersion", "1.2.5" - VALUE "ProductVersion", "1.2.5" + VALUE "FileVersion", "1.2.6" + VALUE "ProductVersion", "1.2.6" VALUE "LegalCopyright", "Copyright (C) 2005-2011, Thorvald Natvig <[email protected]>" VALUE "OriginalFilename", "murmur.exe" VALUE "ProductName", "Mumble" -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
