summaryrefslogtreecommitdiff
path: root/dev-qt/qtgui
diff options
context:
space:
mode:
authorAlex Xu (Hello71) <alex_y_xu@yahoo.ca>2020-08-22 15:07:10 -0400
committerAlex Xu (Hello71) <alex_y_xu@yahoo.ca>2020-08-22 15:07:39 -0400
commitf9e1ca249f181a3cf02a78ee5f82d011a6a24553 (patch)
tree3ae48b35e6604f8e1d5f3e1a4503911aa605368d /dev-qt/qtgui
parente80014a73b446b030c87462b2be82221a15da70c (diff)
downloadgentoo-overlay-f9e1ca249f181a3cf02a78ee5f82d011a6a24553.tar.xz
gentoo-overlay-f9e1ca249f181a3cf02a78ee5f82d011a6a24553.zip
dev-qt/qtgui: sync
Diffstat (limited to 'dev-qt/qtgui')
-rw-r--r--dev-qt/qtgui/files/qtgui-5.14.2-CVE-2020-17507.patch39
-rw-r--r--dev-qt/qtgui/qtgui-5.14.2-r2.ebuild (renamed from dev-qt/qtgui/qtgui-5.14.2.ebuild)3
-rw-r--r--dev-qt/qtgui/qtgui-5.15.0-r2.ebuild (renamed from dev-qt/qtgui/qtgui-5.15.0.ebuild)3
3 files changed, 43 insertions, 2 deletions
diff --git a/dev-qt/qtgui/files/qtgui-5.14.2-CVE-2020-17507.patch b/dev-qt/qtgui/files/qtgui-5.14.2-CVE-2020-17507.patch
new file mode 100644
index 0000000..cad9aa4
--- /dev/null
+++ b/dev-qt/qtgui/files/qtgui-5.14.2-CVE-2020-17507.patch
@@ -0,0 +1,39 @@
+From 1616c71921b73b227f56ccb3f2c49a994ec23440 Mon Sep 17 00:00:00 2001
+From: Allan Sandfeld Jensen <allan.jensen@qt.io>
+Date: Thu, 23 Jul 2020 11:48:48 +0200
+Subject: Fix buffer overflow in XBM parser
+
+Avoid parsing over the buffer limit, or interpreting non-hex
+as hex.
+
+This still leaves parsing of lines longer than 300 chars
+unreliable
+
+Change-Id: I1c57a7e530c4380f6f9040b2ec729ccd7dc7a5fb
+Reviewed-by: Robert Loehning <robert.loehning@qt.io>
+Reviewed-by: Eirik Aavitsland <eirik.aavitsland@qt.io>
+(cherry picked from commit c562c1fc19629fb505acd0f6380604840b634211)
+Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
+---
+ src/gui/image/qxbmhandler.cpp | 4 ++-
+ .../gui/image/qimagereader/tst_qimagereader.cpp | 38 ++++++++++++++++++++++
+ 2 files changed, 41 insertions(+), 1 deletion(-)
+
+diff --git a/src/gui/image/qxbmhandler.cpp b/src/gui/image/qxbmhandler.cpp
+index f06561690c..72ce7f7ecd 100644
+--- a/src/gui/image/qxbmhandler.cpp
++++ b/src/gui/image/qxbmhandler.cpp
+@@ -159,7 +159,9 @@ static bool read_xbm_body(QIODevice *device, int w, int h, QImage *outImage)
+ w = (w+7)/8; // byte width
+
+ while (y < h) { // for all encoded bytes...
+- if (p) { // p = "0x.."
++ if (p && p < (buf + readBytes - 3)) { // p = "0x.."
++ if (!isxdigit(p[2]) || !isxdigit(p[3]))
++ return false;
+ *b++ = hex2byte(p+2);
+ p += 2;
+ if (++x == w && ++y < h) {
+--
+cgit v1.2.1
+
diff --git a/dev-qt/qtgui/qtgui-5.14.2.ebuild b/dev-qt/qtgui/qtgui-5.14.2-r2.ebuild
index b63ad0f..a6063bd 100644
--- a/dev-qt/qtgui/qtgui-5.14.2.ebuild
+++ b/dev-qt/qtgui/qtgui-5.14.2-r2.ebuild
@@ -10,7 +10,7 @@ DESCRIPTION="The GUI module and platform plugins for the Qt5 framework"
SLOT=5/$(ver_cut 1-3) # bug 707658
if [[ ${QT5_BUILD_TYPE} == release ]]; then
- KEYWORDS="amd64 arm arm64 ~hppa ppc ppc64 ~sparc x86"
+ KEYWORDS="~amd64 ~arm ~arm64 ~hppa ~ppc ~ppc64 ~sparc ~x86"
fi
# TODO: linuxfb
@@ -130,6 +130,7 @@ QT5_GENTOO_PRIVATE_CONFIG=(
PATCHES=(
"${FILESDIR}/qt-5.12-gcc-avx2.patch" # bug 672946
"${FILESDIR}/${PN}-5.14.1-cmake-macro-backward-compat.patch" # bug 703306
+ "${FILESDIR}/${PN}-5.14.2-CVE-2020-17507.patch" # bug 736924
)
src_prepare() {
diff --git a/dev-qt/qtgui/qtgui-5.15.0.ebuild b/dev-qt/qtgui/qtgui-5.15.0-r2.ebuild
index 5a4acb2..18d85fe 100644
--- a/dev-qt/qtgui/qtgui-5.15.0.ebuild
+++ b/dev-qt/qtgui/qtgui-5.15.0-r2.ebuild
@@ -33,7 +33,6 @@ RDEPEND="
>=media-libs/freetype-2.6.1:2
>=media-libs/harfbuzz-1.6.0:=
sys-libs/zlib:=
- virtual/opengl
dbus? ( ~dev-qt/qtdbus-${PV} )
egl? ( media-libs/mesa[egl] )
eglfs? (
@@ -42,6 +41,7 @@ RDEPEND="
)
evdev? ( sys-libs/mtdev )
gles2-only? ( media-libs/mesa[gles2] )
+ !gles2-only? ( virtual/opengl )
jpeg? ( virtual/jpeg:0 )
libinput? (
dev-libs/libinput:=
@@ -130,6 +130,7 @@ QT5_GENTOO_PRIVATE_CONFIG=(
PATCHES=(
"${FILESDIR}/qt-5.12-gcc-avx2.patch" # bug 672946
"${FILESDIR}/${PN}-5.14.1-cmake-macro-backward-compat.patch" # bug 703306
+ "${FILESDIR}/${PN}-5.14.2-CVE-2020-17507.patch" # bug 736924
)
src_prepare() {