From fbe60f8d39006294f85aad67feaef259d8f26115 Mon Sep 17 00:00:00 2001 From: Than Ngo Date: Mon, 20 Jan 2020 10:57:00 +0100 Subject: [PATCH] upstream patches fix following issues: Do-not-load-plugin-from-the-PWD QLibrary-Unix-do-not-attempt-to-load-a-library-relat --- 0001-Do-not-load-plugin-from-the-PWD.patch | 33 +++++++++++++++++++ ...-not-attempt-to-load-a-library-relat.patch | 21 ++++++++++++ qt5-qtbase.spec | 12 +++++-- 3 files changed, 64 insertions(+), 2 deletions(-) create mode 100644 0001-Do-not-load-plugin-from-the-PWD.patch create mode 100644 0001-QLibrary-Unix-do-not-attempt-to-load-a-library-relat.patch diff --git a/0001-Do-not-load-plugin-from-the-PWD.patch b/0001-Do-not-load-plugin-from-the-PWD.patch new file mode 100644 index 0000000..3533d5a --- /dev/null +++ b/0001-Do-not-load-plugin-from-the-PWD.patch @@ -0,0 +1,33 @@ +From 2e02b383e03c30f53ff613e431e8fe1d063d5502 Mon Sep 17 00:00:00 2001 +From: Olivier Goffart +Date: Fri, 8 Nov 2019 11:30:40 +0100 +Subject: [PATCH] Do not load plugin from the $PWD + +I see no reason why this would make sense to look for plugins in the current +directory. And when there are plugins there, it may actually be wrong + +Change-Id: I5f5aa168021fedddafce90effde0d5762cd0c4c5 +Reviewed-by: Thiago Macieira +(cherry picked from commit bf131e8d2181b3404f5293546ed390999f760404) +Reviewed-by: Volker Hilsheimer +(cherry picked from commit 52b739776daecf80a8276b49c9e4337e018d8e8b) +Reviewed-by: Olivier Goffart (Woboq GmbH) +--- + src/corelib/plugin/qpluginloader.cpp | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/src/corelib/plugin/qpluginloader.cpp b/src/corelib/plugin/qpluginloader.cpp +index aab00cc7eb..15b8654391 100644 +--- a/src/corelib/plugin/qpluginloader.cpp ++++ b/src/corelib/plugin/qpluginloader.cpp +@@ -304,7 +304,6 @@ static QString locatePlugin(const QString& fileName) + paths.append(fileName.left(slash)); // don't include the '/' + } else { + paths = QCoreApplication::libraryPaths(); +- paths.prepend(QStringLiteral(".")); // search in current dir first + } + + for (const QString &path : qAsConst(paths)) { +-- +2.24.1 + diff --git a/0001-QLibrary-Unix-do-not-attempt-to-load-a-library-relat.patch b/0001-QLibrary-Unix-do-not-attempt-to-load-a-library-relat.patch new file mode 100644 index 0000000..541f038 --- /dev/null +++ b/0001-QLibrary-Unix-do-not-attempt-to-load-a-library-relat.patch @@ -0,0 +1,21 @@ +diff -up qtbase-everywhere-src-5.13.2/src/corelib/plugin/qlibrary_unix.cpp.QLibrary-Unix-do-not-attempt-to-load-a-library-relat qtbase-everywhere-src-5.13.2/src/corelib/plugin/qlibrary_unix.cpp +--- qtbase-everywhere-src-5.13.2/src/corelib/plugin/qlibrary_unix.cpp.QLibrary-Unix-do-not-attempt-to-load-a-library-relat 2019-10-25 09:16:48.000000000 +0200 ++++ qtbase-everywhere-src-5.13.2/src/corelib/plugin/qlibrary_unix.cpp 2020-01-20 10:49:23.619299927 +0100 +@@ -1,7 +1,7 @@ + /**************************************************************************** + ** + ** Copyright (C) 2016 The Qt Company Ltd. +-** Copyright (C) 2018 Intel Corporation ++** Copyright (C) 2020 Intel Corporation + ** Contact: https://www.qt.io/licensing/ + ** + ** This file is part of the QtCore module of the Qt Toolkit. +@@ -208,6 +208,8 @@ bool QLibraryPrivate::load_sys() + for(int suffix = 0; retry && !pHnd && suffix < suffixes.size(); suffix++) { + if (!prefixes.at(prefix).isEmpty() && name.startsWith(prefixes.at(prefix))) + continue; ++ if (path.isEmpty() && prefixes.at(prefix).contains(QLatin1Char('/'))) ++ continue; + if (!suffixes.at(suffix).isEmpty() && name.endsWith(suffixes.at(suffix))) + continue; + if (loadHints & QLibrary::LoadArchiveMemberHint) { diff --git a/qt5-qtbase.spec b/qt5-qtbase.spec index a850f12..d221669 100644 --- a/qt5-qtbase.spec +++ b/qt5-qtbase.spec @@ -53,7 +53,7 @@ BuildRequires: pkgconfig(libsystemd) Name: qt5-qtbase Summary: Qt5 - QtBase components Version: 5.13.2 -Release: 1%{?dist} +Release: 2%{?dist} # See LGPL_EXCEPTIONS.txt, for exception details License: LGPLv2 with exceptions or GPLv3 with exceptions @@ -133,6 +133,8 @@ Patch80: qtbase-use-wayland-on-gnome.patch # glibc stat ## upstream patches +Patch100: 0001-Do-not-load-plugin-from-the-PWD.patch +Patch101: 0001-QLibrary-Unix-do-not-attempt-to-load-a-library-relat.patch # Do not check any files in %%{_qt5_plugindir}/platformthemes/ for requires. # Those themes are there for platform integration. If the required libraries are @@ -405,7 +407,8 @@ Qt5 libraries used for drawing widgets and OpenGL items. %endif ## upstream patches - +%patch100 -p1 -b .Do-not-load-plugin-from-the-PWD.patch +%patch101 -p1 -b .QLibrary-Unix-do-not-attempt-to-load-a-library-relat # move some bundled libs to ensure they're not accidentally used pushd src/3rdparty @@ -1050,6 +1053,11 @@ fi %changelog +* Mon Jan 20 2020 Than Ngo - 5.13.2-2 +- upstream patches fix following issues: + Do-not-load-plugin-from-the-PWD + QLibrary-Unix-do-not-attempt-to-load-a-library-relat + * Mon Dec 09 2019 Jan Grulich - 5.13.2-1 - 5.13.2