packages/cairo
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix CVE-2020-35492

Browse Source
This commit is contained in:
yeah_wang 2021-04-08 11:49:11 +08:00
parent 0cadbf6ffa
commit c53ee888cd
2 changed files with 59 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

51
backport-CVE-2020-35492.patch Normal file
View File

@ -0,0 +1,51 @@
From 03a820b173ed1fdef6ff14b4468f5dbc02ff59be Mon Sep 17 00:00:00 2001
From: Heiko Lewin <heiko.lewin@worldiety.de>
Date: Tue, 15 Dec 2020 16:48:19 +0100
Subject: [PATCH] Fix mask usage in image-compositor
Conflict:NA
Reference:https://gitlab.freedesktop.org/cairo/cairo/-/commit/03a820b173ed1fdef6ff14b4468f5dbc02ff59be
---
src/cairo-image-compositor.c | 8 ++--
1 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/cairo-image-compositor.c b/src/cairo-image-compositor.c
index 79ad69f68..4f8aaed99 100644
--- a/src/cairo-image-compositor.c
+++ b/src/cairo-image-compositor.c
@@ -2610,14 +2610,14 @@ _inplace_src_spans (void *abstract_renderer, int y, int h,
unsigned num_spans)
{
cairo_image_span_renderer_t *r = abstract_renderer;
- uint8_t *m;
+ uint8_t *m, *base = (uint8_t*)pixman_image_get_data(r->mask);
int x0;
if (num_spans == 0)
return CAIRO_STATUS_SUCCESS;
x0 = spans[0].x;
- m = r->_buf;
+ m = base;
do {
int len = spans[1].x - spans[0].x;
if (len >= r->u.composite.run_length && spans[0].coverage == 0xff) {
@@ -2655,7 +2655,7 @@ _inplace_src_spans (void *abstract_renderer, int y, int h,
spans[0].x, y,
spans[1].x - spans[0].x, h);
- m = r->_buf;
+ m = base;
x0 = spans[1].x;
} else if (spans[0].coverage == 0x0) {
if (spans[0].x != x0) {
@@ -2684,7 +2684,7 @@ _inplace_src_spans (void *abstract_renderer, int y, int h,
#endif
}
- m = r->_buf;
+ m = base;
x0 = spans[1].x;
} else {
*m++ = spans[0].coverage;

9
cairo.spec
View File

@ -2,7 +2,7 @@
Name: cairo Name: cairo
Version: 1.16.0 Version: 1.16.0
Release: 3 Release: 4
Summary: A 2D graphics library Summary: A 2D graphics library
License: LGPLv2 or MPLv1.1 License: LGPLv2 or MPLv1.1
URL: http://cairographics.org URL: http://cairographics.org
@ -14,6 +14,7 @@ Patch0003: 0003-cairo-composite_color_glyphs.patch
Patch0004: 0004-cff-Allow-empty-array-of-operands-for-certain-operat.patch Patch0004: 0004-cff-Allow-empty-array-of-operands-for-certain-operat.patch
Patch6000: CVE-2019-6461.patch Patch6000: CVE-2019-6461.patch
Patch6001: CVE-2019-6462.patch Patch6001: CVE-2019-6462.patch
Patch6002: backport-CVE-2020-35492.patch
BuildRequires: pkgconfig glib2-devel librsvg2-devel BuildRequires: pkgconfig glib2-devel librsvg2-devel
BuildRequires: libXrender-devel libX11-devel libpng-devel libxml2-devel BuildRequires: libXrender-devel libX11-devel libpng-devel libxml2-devel
@ -83,6 +84,12 @@ find $RPM_BUILD_ROOT -name '*.la' -delete
%{_bindir}/cairo-trace %{_bindir}/cairo-trace
%changelog %changelog
* Thu Apr 1 2021 wangkerong <wangkerong@huawei.com> - 1.16.0-4
- Type:cve
- ID:CVE-2020-35492
- SUG:NA
- DESC:fix CVE-2020-35492
* Sun Sep 27 2020 wangye <wangye70@huawei.com> - 1.16.0-3 * Sun Sep 27 2020 wangye <wangye70@huawei.com> - 1.16.0-3
- fix source URL - fix source URL