authorAllan Sandfeld Jensen <allan.jensen@qt.io>2019-02-13 11:11:47 +0100
committerAllan Sandfeld Jensen <allan.jensen@qt.io>2019-02-13 12:02:27 +0000
commit5ee5529dea3a01ed4cfcabc7fecadf34c39dcca0 (patch)
treecff86714637f6e80de0c985e5c7f13dff74a483e /chromium
parent42b4075a690d594876a71f0a835e83ee50c10500 (diff)
downloadqtwebengine-chromium-5ee5529dea3a01ed4cfcabc7fecadf34c39dcca0.tar.gz
[Backport] Fix for CVE-2019-5781
Map U+0A24 to '3' in the list of IDN confusables. Unicode character U+0A24 is easily confused with a '3'. This CL adds this character to the list of confusable characters to use when determining whether to render IDNs as punycode instead of their unicode representation. R=tommycli@chromium.org Bug: 896725 Change-Id: Ieaa38b5977b9afb454e672461722f3c8be9a2a2c Reviewed-on: https://chromium-review.googlesource.com/c/1297638 Reviewed-by: Tommy Li <tommycli@chromium.org> Commit-Queue: Joe DeBlasio <jdeblasio@chromium.org> Cr-Commit-Position: refs/heads/master@{#602383} Reviewed-by: Michael Brüning <michael.bruning@qt.io>
Diffstat (limited to 'chromium')
-rw-r--r--chromium/components/url_formatter/idn_spoof_checker.cc4
-rw-r--r--chromium/components/url_formatter/url_formatter_unittest.cc5
2 files changed, 7 insertions, 2 deletions
diff --git a/chromium/components/url_formatter/idn_spoof_checker.cc b/chromium/components/url_formatter/idn_spoof_checker.cc
index 2931767e4b1..bf6d5c788a6 100644
--- a/chromium/components/url_formatter/idn_spoof_checker.cc
+++ b/chromium/components/url_formatter/idn_spoof_checker.cc
@@ -238,7 +238,7 @@ IDNSpoofChecker::IDNSpoofChecker() {
// - {U+0968 (२), U+09E8 (২), U+0A68 (੨), U+0A68 (੨), U+0AE8 (૨),
// U+0ce9 (೩), U+0ced (೭)} => 2,
// - {U+0437 (з), U+0499 (ҙ), U+04E1 (ӡ), U+0909 (उ), U+0993 (ও),
- // U+0A69 (੩), U+0AE9 (૩), U+0C69 (౩),
+ // U+0A24 (ਤ), U+0A69 (੩), U+0AE9 (૩), U+0C69 (౩),
// U+1012 (ဒ), U+10D5 (ვ), U+10DE (პ)} => 3
// - {U+0A6B (੫)} => 4,
// - {U+09EA (৪), U+0A6A (੪), U+0b6b (୫)} => 8,
@@ -256,7 +256,7 @@ IDNSpoofChecker::IDNSpoofChecker() {
"[৭੧૧] > q;"
"[บບ] > u;"
"[२২੨੨૨೩೭] > 2;"
- "[зҙӡउও੩૩౩ဒვპ] > 3;"
+ "[зҙӡउওਤ੩૩౩ဒვპ] > 3;"
"[੫] > 4;"
"[৪੪୫] > 8;"
"[૭୨౨] > 9;"
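Review bot: The added U+0A24 goes into the `> 3` rule as a raw glyph next to U+0A69, and since the whole reason for this change is that the two are hard to tell apart, the literal on the added line cannot be checked by eye. The codepoint list in the comment block of the previous hunk is the only readable record of what the set contains, and the two lists are kept in step by hand. I would add a line above the rule string such as `// Rule sets mirror the codepoint list in the comment above; verify additions by codepoint, not by glyph.` The IDNSpoofChecker constructor starts and ends outside this hunk.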
diff --git a/chromium/components/url_formatter/url_formatter_unittest.cc b/chromium/components/url_formatter/url_formatter_unittest.cc
index 012d0f02cb1..3a197c0b2b4 100644
--- a/chromium/components/url_formatter/url_formatter_unittest.cc
+++ b/chromium/components/url_formatter/url_formatter_unittest.cc
@@ -593,6 +593,11 @@ const IDNTestCase idn_cases[] = {
L"12\u0993"
L"4567890.com",
false},
+ // 12ਤ4567890.com
+ {"xn--124567890-hfu.com",
+ L"12\u0a24"
+ L"4567890.com",
+ false},
// 12ဒ4567890.com
{"xn--124567890-6s6a.com",
L"12\x1012"
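Review bot: The new entry's comment `// 12ਤ4567890.com` prints the confusable glyph itself, so a reader cannot tell which codepoint this case covers or why the expected result is `false`. Naming the codepoint would make the entry self-explanatory, e.g. `// 12<U+0A24>4567890.com: U+0A24 is mapped to '3', so this must be shown as punycode (Bug 896725)`. The `false` expectation presumably depends on a matching digit-only domain in the test's top-domain data, which is not visible in this hunk, so that dependency is worth naming in the comment as well. The idn_cases array begins and ends outside the hunk.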