diff options
| author | Marek Vasut <marex@denx.de> | 2023-10-10 16:41:22 +0200 |
|---|---|---|
| committer | Martin Jansa <martin.jansa@gmail.com> | 2023-10-11 14:18:48 +0200 |
| commit | 107e5138935d064039faec16054726ca3c2d0c7d (patch) | |
| tree | 5fe768af6b49fb82c792b0d1dbb33c0e39daa06a | |
| parent | 4302ed02150c6c7c8dc7bd18869070acaded3655 (diff) | |
qtsvg: Refresh direct import patches with devtool
Run 'devtool modify qtsvg ; devtool finish --force-patch-refresh qtsvg ...'
on the qtsvg patches directly imported from Qt website [1] to refresh them
and remove all application fuzz. Add the CVE: tags while at it.
[1] https://download.qt.io/official_releases/qt/5.15/
Signed-off-by: Marek Vasut <marex@denx.de>
| -rw-r--r-- | recipes-qt/qt5/qtsvg/CVE-2023-32573-qtsvg-5.15.diff | 82 |
1 files changed, 48 insertions, 34 deletions
diff --git a/recipes-qt/qt5/qtsvg/CVE-2023-32573-qtsvg-5.15.diff b/recipes-qt/qt5/qtsvg/CVE-2023-32573-qtsvg-5.15.diff index f2a61e29..c09e6437 100644 --- a/recipes-qt/qt5/qtsvg/CVE-2023-32573-qtsvg-5.15.diff +++ b/recipes-qt/qt5/qtsvg/CVE-2023-32573-qtsvg-5.15.diff @@ -1,34 +1,48 @@ ---- a/src/svg/qsvgfont_p.h
-+++ b/src/svg/qsvgfont_p.h
-@@ -74,6 +74,7 @@ public:
- class Q_SVG_PRIVATE_EXPORT QSvgFont : public QSvgRefCounted
- {
- public:
-+ static constexpr qreal DEFAULT_UNITS_PER_EM = 1000;
- QSvgFont(qreal horizAdvX);
-
- void setFamilyName(const QString &name);
-@@ -86,9 +87,7 @@ public:
- void draw(QPainter *p, const QPointF &point, const QString &str, qreal pixelSize, Qt::Alignment alignment) const;
- public:
- QString m_familyName;
-- qreal m_unitsPerEm;
-- qreal m_ascent;
-- qreal m_descent;
-+ qreal m_unitsPerEm = DEFAULT_UNITS_PER_EM;
- qreal m_horizAdvX;
- QHash<QChar, QSvgGlyph> m_glyphs;
- };
-
-
---- a/src/svg/qsvghandler.cpp
-+++ b/src/svg/qsvghandler.cpp
-@@ -2668,7 +2668,7 @@ static bool parseFontFaceNode(QSvgStyleProperty *parent,
-
- qreal unitsPerEm = toDouble(unitsPerEmStr);
- if (!unitsPerEm)
-- unitsPerEm = 1000;
-+ unitsPerEm = QSvgFont::DEFAULT_UNITS_PER_EM;
-
- if (!name.isEmpty())
- font->setFamilyName(name);
\ No newline at end of file +From 9894206da35bde7025703f1e823f2df447ca200d Mon Sep 17 00:00:00 2001 +From: Marek Vasut <marex@denx.de> +Date: Tue, 10 Oct 2023 15:59:40 +0200 +Subject: [PATCH] qtsvg: Pick CVE-2023-32573 fix + +CVE: CVE-2023-32573 +Upstream-Status: Backport [https://download.qt.io/official_releases/qt/5.15/CVE-2023-32573-qtsvg-5.15.diff] +--- + src/svg/qsvgfont_p.h | 5 ++--- + src/svg/qsvghandler.cpp | 2 +- + 2 files changed, 3 insertions(+), 4 deletions(-) + +diff --git a/src/svg/qsvgfont_p.h b/src/svg/qsvgfont_p.h +index fd0a3fa..fcffbe8 100644 +--- a/src/svg/qsvgfont_p.h ++++ b/src/svg/qsvgfont_p.h +@@ -74,6 +74,7 @@ public: + class Q_SVG_PRIVATE_EXPORT QSvgFont : public QSvgRefCounted + { + public: ++ static constexpr qreal DEFAULT_UNITS_PER_EM = 1000; + QSvgFont(qreal horizAdvX); + + void setFamilyName(const QString &name); +@@ -86,9 +87,7 @@ public: + void draw(QPainter *p, const QPointF &point, const QString &str, qreal pixelSize, Qt::Alignment alignment) const; + public: + QString m_familyName; +- qreal m_unitsPerEm; +- qreal m_ascent; +- qreal m_descent; ++ qreal m_unitsPerEm = DEFAULT_UNITS_PER_EM; + qreal m_horizAdvX; + QHash<QChar, QSvgGlyph> m_glyphs; + }; +diff --git a/src/svg/qsvghandler.cpp b/src/svg/qsvghandler.cpp +index b2227b6..f4a00e3 100644 +--- a/src/svg/qsvghandler.cpp ++++ b/src/svg/qsvghandler.cpp +@@ -2666,7 +2666,7 @@ static bool parseFontFaceNode(QSvgStyleProperty *parent, + + qreal unitsPerEm = toDouble(unitsPerEmStr); + if (!unitsPerEm) +- unitsPerEm = 1000; ++ unitsPerEm = QSvgFont::DEFAULT_UNITS_PER_EM; + + if (!name.isEmpty()) + font->setFamilyName(name); |