rpms/qt5-qtsvg
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Merged update from upstream sources

Browse Source 
This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.

Source: https://src.fedoraproject.org/rpms/qt5-qtsvg.git#9b6d76819193e3a88471c40e2c86a7a97ed8162f
This commit is contained in:
DistroBaker 2021-03-24 23:30:28 +00:00
parent 59722001f9
commit 33aca277bc
2 changed files with 37 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
qt5-qtsvg.spec
View File

@ -3,7 +3,7 @@
Summary: Qt5 - Support for rendering and displaying SVG Summary: Qt5 - Support for rendering and displaying SVG
Name: qt5-%{qt_module} Name: qt5-%{qt_module}
Version: 5.15.2 Version: 5.15.2
Release: 3%{?dist} Release: 4%{?dist}
# See LGPL_EXCEPTIONS.txt, LICENSE.GPL3, respectively, for exception details # See LGPL_EXCEPTIONS.txt, LICENSE.GPL3, respectively, for exception details
License: LGPLv2 with exceptions or GPLv3 with exceptions License: LGPLv2 with exceptions or GPLv3 with exceptions
@ -11,6 +11,9 @@ Url: http://www.qt.io
%global majmin %(echo %{version} | cut -d. -f1-2) %global majmin %(echo %{version} | cut -d. -f1-2)
Source0: https://download.qt.io/official_releases/qt/%{majmin}/%{version}/submodules/%{qt_module}-everywhere-src-%{version}.tar.xz Source0: https://download.qt.io/official_releases/qt/%{majmin}/%{version}/submodules/%{qt_module}-everywhere-src-%{version}.tar.xz
# upstream fix
Patch0: qtsvg-5.15.2-clamp-parsed-doubles-to-float-representtable-values.patch
BuildRequires: make BuildRequires: make
BuildRequires: qt5-qtbase-devel >= %{version} BuildRequires: qt5-qtbase-devel >= %{version}
BuildRequires: pkgconfig(zlib) BuildRequires: pkgconfig(zlib)
@ -86,6 +89,9 @@ popd
%changelog %changelog
* Tue Mar 09 2021 Than Ngo <than@redhat.com> - 5.15.2-4
- Resolves: #1931447, Out of bounds read in function QRadialFetchSimd from crafted svg file
* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 5.15.2-3 * Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 5.15.2-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild

30
qtsvg-5.15.2-clamp-parsed-doubles-to-float-representtable-values.patch Normal file
View File

@ -0,0 +1,30 @@
diff -up qtsvg-everywhere-src-5.15.2/src/svg/qsvghandler.cpp.orig qtsvg-everywhere-src-5.15.2/src/svg/qsvghandler.cpp
--- qtsvg-everywhere-src-5.15.2/src/svg/qsvghandler.cpp.orig 2020-10-27 09:02:11.000000000 +0100
+++ qtsvg-everywhere-src-5.15.2/src/svg/qsvghandler.cpp 2021-03-09 17:48:50.187425243 +0100
@@ -65,6 +65,7 @@
#include "private/qmath_p.h"
#include "float.h"
+#include <cmath>
QT_BEGIN_NAMESPACE
@@ -672,6 +673,9 @@ static qreal toDouble(const QChar *&str)
val = -val;
} else {
val = QByteArray::fromRawData(temp, pos).toDouble();
+ // Do not tolerate values too wild to be represented normally by floats
+ if (std::fpclassify(float(val)) != FP_NORMAL)
+ val = 0;
}
return val;
@@ -3043,6 +3047,8 @@ static QSvgStyleProperty *createRadialGr
ncy = toDouble(cy);
if (!r.isEmpty())
nr = toDouble(r);
+ if (nr < 0.5)
+ nr = 0.5;
qreal nfx = ncx;
if (!fx.isEmpty())