libreoffice/SOURCES/CVE-2019-9852.patch

From 3a827091172b9ce3982323b838ed55d896d585d4 Mon Sep 17 00:00:00 2001
From: Stephan Bergmann <sbergman@redhat.com>
Date: Sat, 3 Aug 2019 16:37:48 +0100
Subject: [PATCH 3/3] keep name percent-encoded
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Change-Id: I470c4b24192c3e3c9b556a9bbb3b084359e0033b
Reviewed-on: https://gerrit.libreoffice.org/77006
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit 315c51731384230194af26b86a976bf5d06c9dcc)
Reviewed-on: https://gerrit.libreoffice.org/77090
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
Tested-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
---
 scripting/source/pyprov/pythonscript.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/scripting/source/pyprov/pythonscript.py b/scripting/source/pyprov/pythonscript.py
index f1b2bfc75ee3..64e1337d642e 100644
--- a/scripting/source/pyprov/pythonscript.py
+++ b/scripting/source/pyprov/pythonscript.py
@@ -219,7 +219,9 @@ class MyUriHelper:
 
             # path to the .py file + "$functionname, arguments, etc
             xStorageUri = self.m_uriRefFac.parse(scriptURI)
-            sStorageUri = xStorageUri.getName().replace( "|", "/" );
+            # getName will apply url-decoding to the name, so encode back
+            sStorageUri = xStorageUri.getName().replace("%", "%25")
+            sStorageUri = sStorageUri.replace( "|", "/" )
 
             # path to the .py file, relative to the base
             sFileUri = sStorageUri[0:sStorageUri.find("$")]
-- 
2.21.0