import qt5-qtbase-5.12.5-8.el8
This commit is contained in:
CentOS Sources
parent
1a866aae43
commit
fab01b4e2b
70
SOURCES/qtbase-fix-buffer-overflow-in-xbm-parser.patch
Normal file
70
SOURCES/qtbase-fix-buffer-overflow-in-xbm-parser.patch
Normal file
@ -0,0 +1,70 @@
|
|||||||
|
diff --git a/src/gui/image/qxbmhandler.cpp b/src/gui/image/qxbmhandler.cpp
|
||||||
|
index 7ba44049..8c4be4f0 100644
|
||||||
|
--- a/src/gui/image/qxbmhandler.cpp
|
||||||
|
+++ b/src/gui/image/qxbmhandler.cpp
|
||||||
|
@@ -158,7 +158,9 @@ static bool read_xbm_body(QIODevice *device, int w, int h, QImage *outImage)
|
||||||
|
w = (w+7)/8; // byte width
|
||||||
|
|
||||||
|
while (y < h) { // for all encoded bytes...
|
||||||
|
- if (p) { // p = "0x.."
|
||||||
|
+ if (p && p < (buf + readBytes - 3)) { // p = "0x.."
|
||||||
|
+ if (!isxdigit(p[2]) || !isxdigit(p[3]))
|
||||||
|
+ return false;
|
||||||
|
*b++ = hex2byte(p+2);
|
||||||
|
p += 2;
|
||||||
|
if (++x == w && ++y < h) {
|
||||||
|
diff --git a/tests/auto/gui/image/qimagereader/tst_qimagereader.cpp b/tests/auto/gui/image/qimagereader/tst_qimagereader.cpp
|
||||||
|
index 1eee2f27..f801f3cd 100644
|
||||||
|
--- a/tests/auto/gui/image/qimagereader/tst_qimagereader.cpp
|
||||||
|
+++ b/tests/auto/gui/image/qimagereader/tst_qimagereader.cpp
|
||||||
|
@@ -167,6 +167,8 @@ private slots:
|
||||||
|
void devicePixelRatio_data();
|
||||||
|
void devicePixelRatio();
|
||||||
|
|
||||||
|
+ void xbmBufferHandling();
|
||||||
|
+
|
||||||
|
private:
|
||||||
|
QString prefix;
|
||||||
|
QTemporaryDir m_temporaryDir;
|
||||||
|
@@ -2002,5 +2004,41 @@ void tst_QImageReader::devicePixelRatio()
|
||||||
|
QCOMPARE(img.devicePixelRatio(), dpr);
|
||||||
|
}
|
||||||
|
|
||||||
|
+void tst_QImageReader::xbmBufferHandling()
|
||||||
|
+{
|
||||||
|
+ uint8_t original_buffer[256];
|
||||||
|
+ for (int i = 0; i < 256; ++i)
|
||||||
|
+ original_buffer[i] = i;
|
||||||
|
+
|
||||||
|
+ QImage image(original_buffer, 256, 8, QImage::Format_MonoLSB);
|
||||||
|
+ image.setColorTable({0xff000000, 0xffffffff});
|
||||||
|
+
|
||||||
|
+ QByteArray buffer;
|
||||||
|
+ {
|
||||||
|
+ QBuffer buf(&buffer);
|
||||||
|
+ QImageWriter writer(&buf, "xbm");
|
||||||
|
+ writer.write(image);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ QCOMPARE(QImage::fromData(buffer, "xbm"), image);
|
||||||
|
+
|
||||||
|
+ auto i = buffer.indexOf(',');
|
||||||
|
+ buffer.insert(i + 1, " ");
|
||||||
|
+ QCOMPARE(QImage::fromData(buffer, "xbm"), image);
|
||||||
|
+ buffer.insert(i + 1, " ");
|
||||||
|
+ QCOMPARE(QImage::fromData(buffer, "xbm"), image);
|
||||||
|
+ buffer.insert(i + 1, " ");
|
||||||
|
+#if 0 // Lines longer than 300 chars not supported currently
|
||||||
|
+ QCOMPARE(QImage::fromData(buffer, "xbm"), image);
|
||||||
|
+#endif
|
||||||
|
+
|
||||||
|
+ i = buffer.lastIndexOf("\n ");
|
||||||
|
+ buffer.truncate(i + 1);
|
||||||
|
+ buffer.append(QByteArray(297, ' '));
|
||||||
|
+ buffer.append("0x");
|
||||||
|
+ // Only check we get no buffer overflow
|
||||||
|
+ QImage::fromData(buffer, "xbm");
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
QTEST_MAIN(tst_QImageReader)
|
||||||
|
#include "tst_qimagereader.moc"
|
||||||
@ -3,9 +3,7 @@
|
|||||||
%global multilib_basearchs x86_64 %{?mips64} ppc64 s390x sparc64
|
%global multilib_basearchs x86_64 %{?mips64} ppc64 s390x sparc64
|
||||||
|
|
||||||
# support openssl-1.1
|
# support openssl-1.1
|
||||||
%if 0%{?fedora} > 26
|
|
||||||
%global openssl11 1
|
%global openssl11 1
|
||||||
%endif
|
|
||||||
%global openssl -openssl-linked
|
%global openssl -openssl-linked
|
||||||
|
|
||||||
%global no_feature_statx -no-feature-statx
|
%global no_feature_statx -no-feature-statx
|
||||||
@ -42,7 +40,7 @@ BuildRequires: pkgconfig(libsystemd)
|
|||||||
Name: qt5-qtbase
|
Name: qt5-qtbase
|
||||||
Summary: Qt5 - QtBase components
|
Summary: Qt5 - QtBase components
|
||||||
Version: 5.12.5
|
Version: 5.12.5
|
||||||
Release: 6%{?dist}
|
Release: 8%{?dist}
|
||||||
|
|
||||||
# See LGPL_EXCEPTIONS.txt, for exception details
|
# See LGPL_EXCEPTIONS.txt, for exception details
|
||||||
License: LGPLv2 with exceptions or GPLv3 with exceptions
|
License: LGPLv2 with exceptions or GPLv3 with exceptions
|
||||||
@ -130,6 +128,8 @@ Patch202: qtbase-add-expansion-limit-for-entities.patch
|
|||||||
# CVE-2020-13962 qt5-qtbase: qt5: incorrectly calls SSL_shutdown() in OpenSSL mid-handshake causing denial of service in TLS applications
|
# CVE-2020-13962 qt5-qtbase: qt5: incorrectly calls SSL_shutdown() in OpenSSL mid-handshake causing denial of service in TLS applications
|
||||||
Patch203: qtbase-openssl-handle-ssl-shutdown-errors-properly.patch
|
Patch203: qtbase-openssl-handle-ssl-shutdown-errors-properly.patch
|
||||||
|
|
||||||
|
# CVE-2020-17507 qt5-qtbase: qt: buffer over-read in read_xbm_body in gui/image/qxbmhandler.cpp
|
||||||
|
Patch204: qtbase-fix-buffer-overflow-in-xbm-parser.patch
|
||||||
|
|
||||||
# Do not check any files in %%{_qt5_plugindir}/platformthemes/ for requires.
|
# Do not check any files in %%{_qt5_plugindir}/platformthemes/ for requires.
|
||||||
# Those themes are there for platform integration. If the required libraries are
|
# Those themes are there for platform integration. If the required libraries are
|
||||||
@ -167,24 +167,12 @@ BuildRequires: pkgconfig(libproxy-1.0)
|
|||||||
BuildRequires: pkgconfig(ice) pkgconfig(sm)
|
BuildRequires: pkgconfig(ice) pkgconfig(sm)
|
||||||
BuildRequires: pkgconfig(libpng)
|
BuildRequires: pkgconfig(libpng)
|
||||||
BuildRequires: pkgconfig(libudev)
|
BuildRequires: pkgconfig(libudev)
|
||||||
%if 0%{?fedora} == 26
|
BuildRequires: openssl-devel
|
||||||
BuildRequires: compat-openssl10-devel
|
|
||||||
%else
|
|
||||||
BuildRequires: openssl-devel%{?openssl11: >= 1.1}
|
|
||||||
%endif
|
|
||||||
BuildRequires: pkgconfig(libpulse) pkgconfig(libpulse-mainloop-glib)
|
BuildRequires: pkgconfig(libpulse) pkgconfig(libpulse-mainloop-glib)
|
||||||
%if 0%{?fedora}
|
|
||||||
BuildRequires: pkgconfig(libinput)
|
BuildRequires: pkgconfig(libinput)
|
||||||
BuildRequires: pkgconfig(xcb-xkb) >= 1.10
|
BuildRequires: pkgconfig(xcb-xkb) >= 1.10
|
||||||
BuildRequires: pkgconfig(xkbcommon) >= 0.4.1
|
BuildRequires: pkgconfig(xkbcommon) >= 0.4.1
|
||||||
BuildRequires: pkgconfig(xkbcommon-x11) >= 0.4.1
|
BuildRequires: pkgconfig(xkbcommon-x11) >= 0.4.1
|
||||||
%else
|
|
||||||
# not Fedora
|
|
||||||
%if 0%{?rhel} == 6
|
|
||||||
%global xcb -qt-xcb
|
|
||||||
%endif
|
|
||||||
Provides: bundled(libxkbcommon) = 0.4.1
|
|
||||||
%endif
|
|
||||||
BuildRequires: pkgconfig(xkeyboard-config)
|
BuildRequires: pkgconfig(xkeyboard-config)
|
||||||
%if 0%{?fedora} || 0%{?rhel} > 6
|
%if 0%{?fedora} || 0%{?rhel} > 6
|
||||||
%global egl 1
|
%global egl 1
|
||||||
@ -399,6 +387,8 @@ Qt5 libraries used for drawing widgets and OpenGL items.
|
|||||||
%patch201 -p1 -b .do-not-load-plugin-from-pwd
|
%patch201 -p1 -b .do-not-load-plugin-from-pwd
|
||||||
%patch202 -p1 -b .add-expansion-limit-for-entities
|
%patch202 -p1 -b .add-expansion-limit-for-entities
|
||||||
%patch203 -p1 -b .openssl-handle-ssl-shutdown-errors-properly
|
%patch203 -p1 -b .openssl-handle-ssl-shutdown-errors-properly
|
||||||
|
%patch204 -p1 -b .fix-buffer-overflow-in-xbm-parser
|
||||||
|
|
||||||
|
|
||||||
# move some bundled libs to ensure they're not accidentally used
|
# move some bundled libs to ensure they're not accidentally used
|
||||||
pushd src/3rdparty
|
pushd src/3rdparty
|
||||||
@ -756,6 +746,7 @@ fi
|
|||||||
%dir %{_qt5_plugindir}/script/
|
%dir %{_qt5_plugindir}/script/
|
||||||
%dir %{_qt5_plugindir}/sqldrivers/
|
%dir %{_qt5_plugindir}/sqldrivers/
|
||||||
%dir %{_qt5_plugindir}/styles/
|
%dir %{_qt5_plugindir}/styles/
|
||||||
|
%{_qt5_plugindir}/generic/libqlibinputplugin.so
|
||||||
%{_qt5_plugindir}/sqldrivers/libqsqlite.so
|
%{_qt5_plugindir}/sqldrivers/libqsqlite.so
|
||||||
%{_qt5_libdir}/cmake/Qt5Sql/Qt5Sql_QSQLiteDriverPlugin.cmake
|
%{_qt5_libdir}/cmake/Qt5Sql/Qt5Sql_QSQLiteDriverPlugin.cmake
|
||||||
|
|
||||||
@ -841,6 +832,7 @@ fi
|
|||||||
%{_qt5_libdir}/cmake/Qt5DBus/Qt5DBusConfig*.cmake
|
%{_qt5_libdir}/cmake/Qt5DBus/Qt5DBusConfig*.cmake
|
||||||
%{_qt5_libdir}/cmake/Qt5DBus/Qt5DBusMacros.cmake
|
%{_qt5_libdir}/cmake/Qt5DBus/Qt5DBusMacros.cmake
|
||||||
%{_qt5_libdir}/cmake/Qt5Gui/Qt5GuiConfig*.cmake
|
%{_qt5_libdir}/cmake/Qt5Gui/Qt5GuiConfig*.cmake
|
||||||
|
%{_qt5_libdir}/cmake/Qt5Gui/Qt5Gui_QLibInputPlugin.cmake
|
||||||
%{_qt5_libdir}/cmake/Qt5Network/Qt5NetworkConfig*.cmake
|
%{_qt5_libdir}/cmake/Qt5Network/Qt5NetworkConfig*.cmake
|
||||||
%{_qt5_libdir}/cmake/Qt5OpenGL/Qt5OpenGLConfig*.cmake
|
%{_qt5_libdir}/cmake/Qt5OpenGL/Qt5OpenGLConfig*.cmake
|
||||||
%{_qt5_libdir}/cmake/Qt5PrintSupport/Qt5PrintSupportConfig*.cmake
|
%{_qt5_libdir}/cmake/Qt5PrintSupport/Qt5PrintSupportConfig*.cmake
|
||||||
@ -1034,6 +1026,14 @@ fi
|
|||||||
|
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Oct 05 2020 Jan Grulich <jgrulich@redhat.com> - 5.12.5-8
|
||||||
|
- Build against system xkb and openssl 1.1
|
||||||
|
Resolves: bz#1882375
|
||||||
|
|
||||||
|
* Thu Sep 24 2020 Jan Grulich <jgrulich@redhat.com> - 5.12.5-7
|
||||||
|
- Fix buffer overflow in XBM parser
|
||||||
|
Resolves: bz#1870364
|
||||||
|
|
||||||
* Tue Jul 14 2020 Jan Grulich <jgrulich@redhat.com> - 5.12.5-6
|
* Tue Jul 14 2020 Jan Grulich <jgrulich@redhat.com> - 5.12.5-6
|
||||||
- OpenSSL: handle SSL_shutdown's errors properly
|
- OpenSSL: handle SSL_shutdown's errors properly
|
||||||
Resolves: bz#1851538
|
Resolves: bz#1851538
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user