rpms/qt5-qtbase
7
0
Fork 0
Code Issues Pull Requests Releases Activity
e7496ce04f
qt5-qtbase/CVE-2023-32762-qtbase-5.15.patch
Jan Grulich b347b50161 Fix specific overflow in qtextlayout 
Fix incorrect parsing of the strict-transport-security (HSTS) header
Fix buffer over-read via a crafted reply from a DNS server
Resolves: bz#2209492
2023-05-24 12:48:45 +02:00

14 lines
627 B
Diff
Raw Blame History

--- a/src/network/access/qhsts.cpp
+++ b/src/network/access/qhsts.cpp
@@ -364,8 +364,8 @@ quoted-pair = "\" CHAR
bool QHstsHeaderParser::parse(const QList<QPair<QByteArray, QByteArray>> &headers)
{
for (const auto &h : headers) {
- // We use '==' since header name was already 'trimmed' for us:
- if (h.first == "Strict-Transport-Security") {
+ // We compare directly because header name was already 'trimmed' for us:
+ if (h.first.compare("Strict-Transport-Security", Qt::CaseInsensitive) == 0) {
header = h.second;
// RFC6797, 8.1:
//
Reference in New Issue View Git Blame Copy Permalink