summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndreas Sturmlechner <asturm@gentoo.org>2023-05-06 20:17:56 +0200
committerAndreas Sturmlechner <asturm@gentoo.org>2023-05-06 20:17:56 +0200
commit9ef3c826d27668a617a0ccc9a24d50b48fd37730 (patch)
tree043c2fabc067025c86bafe697c32ffb0522614a8 /dev-qt/qtsvg
parentmedia-video/subtitlecomposer: drop 0.7.1 (diff)
downloadgentoo-9ef3c826d27668a617a0ccc9a24d50b48fd37730.tar.gz
gentoo-9ef3c826d27668a617a0ccc9a24d50b48fd37730.tar.bz2
gentoo-9ef3c826d27668a617a0ccc9a24d50b48fd37730.zip
dev-qt/qtsvg: QSvgFont: Initialize used member, remove unused
"Fixed undefined behavior from using uninitialized variable." Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org>
Diffstat (limited to 'dev-qt/qtsvg')
-rw-r--r--dev-qt/qtsvg/files/qtsvg-5.15.9-fix-ub-ossfuzz-22618.patch59
-rw-r--r--dev-qt/qtsvg/qtsvg-5.15.9-r1.ebuild27
2 files changed, 86 insertions, 0 deletions
diff --git a/dev-qt/qtsvg/files/qtsvg-5.15.9-fix-ub-ossfuzz-22618.patch b/dev-qt/qtsvg/files/qtsvg-5.15.9-fix-ub-ossfuzz-22618.patch
new file mode 100644
index 000000000000..adc43d7c3fba
--- /dev/null
+++ b/dev-qt/qtsvg/files/qtsvg-5.15.9-fix-ub-ossfuzz-22618.patch
@@ -0,0 +1,59 @@
+From 837b5163e17edbd3a9f098e9a1ab73febab419b4 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Robert=20L=C3=B6hning?= <robert.loehning@qt.io>
+Date: Mon, 24 Apr 2023 15:27:17 +0200
+Subject: [PATCH] QSvgFont: Initialize used member, remove unused
+
+Credit to OSS-Fuzz
+
+[ChangeLog][QtSvg] Fixed undefined behavior from using uninitialized
+variable.
+
+Pick-to: 6.5 6.2 5.15
+Coverity-Id: 22618
+Change-Id: Id52277bb0e2845f4d342e187dbb8093e9276b70c
+Reviewed-by: Eskil Abrahamsen Blomfeldt <eskil.abrahamsen-blomfeldt@qt.io>
+(cherry picked from commit ff22c3ccf8ccf813fdcfda23f7740ba73ba5ce0a)
+---
+ src/svg/qsvgfont_p.h | 5 ++---
+ src/svg/qsvghandler.cpp | 2 +-
+ 2 files changed, 3 insertions(+), 4 deletions(-)
+
+diff --git a/src/svg/qsvgfont_p.h b/src/svg/qsvgfont_p.h
+index fd0a3fab..fcffbe85 100644
+--- a/src/svg/qsvgfont_p.h
++++ b/src/svg/qsvgfont_p.h
+@@ -74,6 +74,7 @@ public:
+ class Q_SVG_PRIVATE_EXPORT QSvgFont : public QSvgRefCounted
+ {
+ public:
++ static constexpr qreal DEFAULT_UNITS_PER_EM = 1000;
+ QSvgFont(qreal horizAdvX);
+
+ void setFamilyName(const QString &name);
+@@ -86,9 +87,7 @@ public:
+ void draw(QPainter *p, const QPointF &point, const QString &str, qreal pixelSize, Qt::Alignment alignment) const;
+ public:
+ QString m_familyName;
+- qreal m_unitsPerEm;
+- qreal m_ascent;
+- qreal m_descent;
++ qreal m_unitsPerEm = DEFAULT_UNITS_PER_EM;
+ qreal m_horizAdvX;
+ QHash<QChar, QSvgGlyph> m_glyphs;
+ };
+diff --git a/src/svg/qsvghandler.cpp b/src/svg/qsvghandler.cpp
+index 8dda5632..222b6d89 100644
+--- a/src/svg/qsvghandler.cpp
++++ b/src/svg/qsvghandler.cpp
+@@ -2671,7 +2671,7 @@ static bool parseFontFaceNode(QSvgStyleProperty *parent,
+
+ qreal unitsPerEm = toDouble(unitsPerEmStr);
+ if (!unitsPerEm)
+- unitsPerEm = 1000;
++ unitsPerEm = QSvgFont::DEFAULT_UNITS_PER_EM;
+
+ if (!name.isEmpty())
+ font->setFamilyName(name);
+--
+GitLab
+
diff --git a/dev-qt/qtsvg/qtsvg-5.15.9-r1.ebuild b/dev-qt/qtsvg/qtsvg-5.15.9-r1.ebuild
new file mode 100644
index 000000000000..96f2aa87d916
--- /dev/null
+++ b/dev-qt/qtsvg/qtsvg-5.15.9-r1.ebuild
@@ -0,0 +1,27 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+if [[ ${PV} != *9999* ]]; then
+ QT5_KDEPATCHSET_REV=1
+ KEYWORDS="~amd64 ~arm ~arm64 ~hppa ~loong ~ppc ~ppc64 ~riscv ~sparc ~x86"
+fi
+
+inherit qt5-build
+
+DESCRIPTION="SVG rendering library for the Qt5 framework"
+
+IUSE=""
+
+RDEPEND="
+ =dev-qt/qtcore-${QT5_PV}*
+ =dev-qt/qtgui-${QT5_PV}*
+ =dev-qt/qtwidgets-${QT5_PV}*
+ sys-libs/zlib:=
+"
+DEPEND="${RDEPEND}
+ test? ( =dev-qt/qtxml-${QT5_PV}* )
+"
+
+PATCHES=( "${FILESDIR}/${P}-fix-ub-ossfuzz-22618.patch" )