fix CVE-2019-6461 CVE-2019-6462

CVE-2019-6461.patch

@@ -0,0 +1,14 @@
+diff --git a/src/cairo-arc.c b/src/cairo-arc.c
+index 390397bae..1bde774a4 100644
+--- a/src/cairo-arc.c
++++ b/src/cairo-arc.c
+@@ -186,7 +186,8 @@ _cairo_arc_in_direction (cairo_t	  *cr,
+     if (cairo_status (cr))
+         return;
+ 
+-    assert (angle_max >= angle_min);
++    if (angle_max < angle_min)
++       return;
+ 
+     if (angle_max - angle_min > 2 * M_PI * MAX_FULL_CIRCLES) {
+ 	angle_max = fmod (angle_max - angle_min, 2 * M_PI);

CVE-2019-6462.patch

@@ -0,0 +1,13 @@
+diff --git a/src/cairo-arc.c b/src/cairo-arc.c
+index 390397bae..f9249dbeb 100644
+--- a/src/cairo-arc.c
++++ b/src/cairo-arc.c
+@@ -99,7 +99,7 @@ _arc_max_angle_for_tolerance_normalized (double tolerance)
+     do {
+ 	angle = M_PI / i++;
+ 	error = _arc_error_normalized (angle);
+-    } while (error > tolerance);
++    } while (error > tolerance && error > __DBL_EPSILON__);
+ 
+     return angle;
+ }

cairo.spec

@@ -2,7 +2,7 @@
 
 Name:           cairo
 Version:        1.16.0
-Release:        1
+Release:        2
 Summary:        A 2D graphics library
 License:        LGPLv2 or MPLv1.1
 URL:            http://cairographics.org
@@ -12,6 +12,8 @@ Patch0001:	0001-Set-default-LCD-filter-to-FreeType-s-default.patch
 Patch0002:	0002-ft-Use-FT_Done_MM_Var-instead-of-free-when-available.patch
 Patch0003:	0003-cairo-composite_color_glyphs.patch
 Patch0004:	0004-cff-Allow-empty-array-of-operands-for-certain-operat.patch
+Patch6000:	CVE-2019-6461.patch
+Patch6001:	CVE-2019-6462.patch
 
 BuildRequires:  pkgconfig glib2-devel librsvg2-devel
 BuildRequires:  libXrender-devel libX11-devel libpng-devel libxml2-devel
@@ -81,6 +83,12 @@ find $RPM_BUILD_ROOT -name '*.la' -delete
 %{_bindir}/cairo-trace
 
 %changelog
+* Fri Sep 18 2020 yanglu <yanglu60@huawei.com> - 1.16.0-2
+- Type:cves
+- ID:CVE-2019-6461 CVE-2019-6462
+- SUG:NA
+- DESC:fix CVE-2019-6461 CVE-2019-6462
+
 * Mon Jul 13 2020 jinzhimin <jinzhimin2@huawei.com> - 1.16.0-1
 - Version upgrade