From 33aca277bc70cdb982d75bd854b7caedf5df4723 Mon Sep 17 00:00:00 2001
From: DistroBaker <osci-list@redhat.com>
Date: Wed, 24 Mar 2021 23:30:28 +0000
Subject: [PATCH] Merged update from upstream sources

This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.

Source: https://src.fedoraproject.org/rpms/qt5-qtsvg.git#9b6d76819193e3a88471c40e2c86a7a97ed8162f
---
 qt5-qtsvg.spec                                |  8 ++++-
 ...ubles-to-float-representtable-values.patch | 30 +++++++++++++++++++
 2 files changed, 37 insertions(+), 1 deletion(-)
 create mode 100644 qtsvg-5.15.2-clamp-parsed-doubles-to-float-representtable-values.patch

diff --git a/qt5-qtsvg.spec b/qt5-qtsvg.spec
index d776901..44797e6 100644
--- a/qt5-qtsvg.spec
+++ b/qt5-qtsvg.spec
@@ -3,7 +3,7 @@
 Summary: Qt5 - Support for rendering and displaying SVG
 Name:    qt5-%{qt_module}
 Version: 5.15.2
-Release: 3%{?dist}
+Release: 4%{?dist}
 
 # See LGPL_EXCEPTIONS.txt, LICENSE.GPL3, respectively, for exception details
 License: LGPLv2 with exceptions or GPLv3 with exceptions
@@ -11,6 +11,9 @@ Url:     http://www.qt.io
 %global majmin %(echo %{version} | cut -d. -f1-2)
 Source0: https://download.qt.io/official_releases/qt/%{majmin}/%{version}/submodules/%{qt_module}-everywhere-src-%{version}.tar.xz
 
+# upstream fix
+Patch0: qtsvg-5.15.2-clamp-parsed-doubles-to-float-representtable-values.patch
+
 BuildRequires: make
 BuildRequires: qt5-qtbase-devel >= %{version}
 BuildRequires: pkgconfig(zlib)
@@ -86,6 +89,9 @@ popd
 
 
 %changelog
+* Tue Mar 09 2021 Than Ngo <than@redhat.com> - 5.15.2-4
+- Resolves: #1931447, Out of bounds read in function QRadialFetchSimd from crafted svg file
+
 * Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 5.15.2-3
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
 
diff --git a/qtsvg-5.15.2-clamp-parsed-doubles-to-float-representtable-values.patch b/qtsvg-5.15.2-clamp-parsed-doubles-to-float-representtable-values.patch
new file mode 100644
index 0000000..83db864
--- /dev/null
+++ b/qtsvg-5.15.2-clamp-parsed-doubles-to-float-representtable-values.patch
@@ -0,0 +1,30 @@
+diff -up qtsvg-everywhere-src-5.15.2/src/svg/qsvghandler.cpp.orig qtsvg-everywhere-src-5.15.2/src/svg/qsvghandler.cpp
+--- qtsvg-everywhere-src-5.15.2/src/svg/qsvghandler.cpp.orig	2020-10-27 09:02:11.000000000 +0100
++++ qtsvg-everywhere-src-5.15.2/src/svg/qsvghandler.cpp	2021-03-09 17:48:50.187425243 +0100
+@@ -65,6 +65,7 @@
+ #include "private/qmath_p.h"
+ 
+ #include "float.h"
++#include <cmath>
+ 
+ QT_BEGIN_NAMESPACE
+ 
+@@ -672,6 +673,9 @@ static qreal toDouble(const QChar *&str)
+             val = -val;
+     } else {
+         val = QByteArray::fromRawData(temp, pos).toDouble();
++        // Do not tolerate values too wild to be represented normally by floats
++        if (std::fpclassify(float(val)) != FP_NORMAL)
++            val = 0;
+     }
+     return val;
+ 
+@@ -3043,6 +3047,8 @@ static QSvgStyleProperty *createRadialGr
+         ncy = toDouble(cy);
+     if (!r.isEmpty())
+         nr = toDouble(r);
++    if (nr < 0.5)
++        nr = 0.5;
+ 
+     qreal nfx = ncx;
+     if (!fx.isEmpty())