author | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2019-10-17 11:09:33 +0200 |
---|---|---|
committer | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2019-10-21 08:12:54 +0000 |
commit | 32d77d99be3f461a13c393167d61e107c800a364 (patch) | |
tree | 9769cdd2b27f779452d214c785f6557fc1904282 | |
parent | 4f553e3a0c6270e66a64ec88f2212d4bc55742e8 (diff) | |
download | qtwebengine-chromium-32d77d99be3f461a13c393167d61e107c800a364.tar.gz |
[Backport] CVE-2019-13674
Added Georgian d to confusables mapping
Added Georgian d to the mapping of frequently confused symbols,
based on the IDN spoofing possibility of d4000.com
Bug: 896533
Change-Id: I2c308379ffa9d4b67923dee3d40700c0c733a696
Reviewed-by: Tommy Li <tommycli@chromium.org>
Reviewed-by: Mustafa Emre Acer <meacer@chromium.org>
Commit-Queue: Cynthia Liang <liangcyn@google.com>
Cr-Commit-Position: refs/heads/master@{#677585}
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
4 files changed, 18 insertions, 5 deletions
diff --git a/chromium/components/url_formatter/idn_spoof_checker.cc b/chromium/components/url_formatter/idn_spoof_checker.cc
index eba177be41b..6318a4165ef 100644
--- a/chromium/components/url_formatter/idn_spoof_checker.cc
+++ b/chromium/components/url_formatter/idn_spoof_checker.cc
@@ -199,8 +199,8 @@ IDNSpoofChecker::IDNSpoofChecker() {
 // - {U+0493 (ғ), U+04FB (ӻ)} => f
 // - {U+04AB (ҫ), U+1004 (င)} => c
 // - U+04B1 (ұ) => y
- // - U+03C7 (χ), U+04B3 (ҳ), U+04FD (ӽ), U+04FF (ӿ) => x
- // - U+0503 (ԃ) => d
+ // - {U+03C7 (χ), U+04B3 (ҳ), U+04FD (ӽ), U+04FF (ӿ)} => x
+ // - {U+0503 (ԃ), U+10EB (ძ)} => d
 // - {U+050D (ԍ), U+100c (ဌ)} => g
 // - {U+0D1F (ട), U+0E23 (ร), U+0EA3 (ຣ), U+0EAE (ຮ)} => s
 // - U+1042 (၂) => j
@@ -224,7 +224,7 @@ IDNSpoofChecker::IDNSpoofChecker() {
 "[ŧтҭԏ] > t; [ƅьҍв] > b; [ωшщพฟພຟ] > w;"
 "[мӎ] > m; [єҽҿၔ] > e; ґ > r; [ғӻ] > f;"
 "[ҫင] > c; ұ > y; [χҳӽӿ] > x;"
- "ԃ > d; [ԍဌ] > g; [ടรຣຮ] > s; ၂ > j;"
+ "[ԃძ] > d; [ԍဌ] > g; [ടรຣຮ] > s; ၂ > j;"
 "[०০੦૦ଠ୦೦] > o;"
 "[৭੧૧] > q;"
 "[บບ] > u;"
@@ -232,8 +232,7 @@ IDNSpoofChecker::IDNSpoofChecker() {
 "[зҙӡउওਤ੩૩౩ဒვპ] > 3;"
 "[੫] > 4;"
 "[৪੪୫] > 8;"
- "[૭୨౨] > 9;"
- ),
+ "[૭୨౨] > 9;"),
 UTRANS_FORWARD, parse_error, status));
 DCHECK(U_SUCCESS(status))
 << "Spoofchecker initalization failed due to an error: "
diff --git a/chromium/components/url_formatter/top_domains/test_domains.list b/chromium/components/url_formatter/top_domains/test_domains.list
index 33a13ab49a1..b0b96dca31d 100644
--- a/chromium/components/url_formatter/top_domains/test_domains.list
+++ b/chromium/components/url_formatter/top_domains/test_domains.list
@@ -1,3 +1,4 @@
+d4000.com
 digklmo68.com
 digklmo68.co.uk
 islkpx123.com
diff --git a/chromium/components/url_formatter/top_domains/test_domains.skeletons b/chromium/components/url_formatter/top_domains/test_domains.skeletons
index b4c6cb41847..221316a3260 100644
--- a/chromium/components/url_formatter/top_domains/test_domains.skeletons
+++ b/chromium/components/url_formatter/top_domains/test_domains.skeletons
@@ -9,6 +9,7 @@
 # Each entry is the skeleton of a top domain for the confusability check
 # in components/url_formatter/url_formatter.cc.
+d4OOO.corn, d4000.com
 digklrno68.corn, digklmo68.com
 digklrno68.co.uk, digklmo68.co.uk
 islkpxl23.corn, islkpx123.com
diff --git a/chromium/components/url_formatter/url_formatter_unittest.cc b/chromium/components/url_formatter/url_formatter_unittest.cc
index 1a309905b4e..de4eed0bf0a 100644
--- a/chromium/components/url_formatter/url_formatter_unittest.cc
+++ b/chromium/components/url_formatter/url_formatter_unittest.cc
@@ -135,6 +135,13 @@ const IDNTestCase idn_cases[] = {
 {"xn---123-kbjl2j0bl2k.in", L"\x0939\x093f\x0928\x094d\x0926\x0940-123.in",
 true},
+ // URL test with mostly numbers and one confusable character
+ // Georgian 'd' 4000.com
+ {"xn--4000-pfr.com",
+ L"\x10eb"
+ L"4000.com",
+ false},
+
 // What used to be 5 Aspirational scripts in the earlier versions of UAX 31.
 // UAX 31 does not define aspirational scripts any more.
 // See http://www.unicode.org/reports/tr31/#Aspirational_Use_Scripts .
@@ -170,6 +177,11 @@ const IDNTestCase idn_cases[] = {
 {"xn--hllo-bpa7979ih5m.cn", L"h\x00e9llo\x4e2d\x56fd.cn", false},
 // <Greek rho><Cyrillic a><Cyrillic u>.ru
 {"xn--2xa6t2b.ru", L"\x03c1\x0430\x0443.ru", false},
+ // Georgian + Latin
+ {"xn--abcef-vuu.test",
+ L"abc\x10eb"
+ L"ef.test",
+ false},
 // Hangul + Latin
 {"xn--han-eb9ll88m.kr", L"\xd55c\xae00han.kr", true},
 // Hangul + Latin + Han with IDN ccTLD |
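Review bot: The split wide literal in the new `xn--4000-pfr.com` case (`L"\x10eb"` followed by `L"4000.com"`) is load-bearing and has no comment saying so: a hex escape consumes every hex digit that follows it, so joining the two pieces would make `\x10eb4000` a single escape instead of U+10EB followed by the digits. The same holds for `L"abc\x10eb"` / `L"ef.test"` in the second hunk of this file. I would add `// Literal is split so that \x10eb is not extended by the hex digits that follow.` above each split. The expected `false` here also appears to depend on the `d4000.com` entry this commit adds to test_domains.list, so the case checks the new mapping against a test fixture; whether the shipping top-domain list carries the same entry is not visible in this diff. idn_cases[] starts and ends outside the hunk.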
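Review bot: The `xn--abcef-vuu.test` case added in the second hunk sits among the mixed-script cases and is presumably rejected because Georgian is mixed with Latin, so it would likely have been `false` before U+10EB joined the confusables rule and does not exercise the new mapping. Its comment could say that, for example `// Georgian + Latin (rejected as mixed script, independent of the U+10EB confusable mapping)`. What the two new cases leave uncovered is the opposite direction: unless idn_cases[] already has one outside this hunk, an all-Georgian label that contains U+10EB and whose skeleton matches no entry in the test top-domain list should be expected `true`, so that a later widening of the rule that over-blocks legitimate Georgian names is caught. idn_cases[] starts and ends outside the hunk.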