!63 fix CVE-2024-56732

From: @zppzhangpan 
Reviewed-by: @t_feng 
Signed-off-by: @t_feng

backport-CVE-2024-56732.patch

@@ -0,0 +1,59 @@
+From 1767f99e2e2196c3fcae27db6d8b60098d3f6d26 Mon Sep 17 00:00:00 2001
+From: Behdad Esfahbod <behdad@behdad.org>
+Date: Sun, 10 Nov 2024 22:43:28 -0700
+Subject: [PATCH] [cairo] Guard hb_cairo_glyphs_from_buffer() against bad UTF-8
+
+Previously it was assuming valid UTF-8.
+---
+ src/hb-cairo.cc | 2 ++
+ src/hb-utf.hh   | 6 ++++--
+ 2 files changed, 6 insertions(+), 2 deletions(-)
+
+diff --git a/src/hb-cairo.cc b/src/hb-cairo.cc
+index d8b582c4908..4d22ae059ff 100644
+--- a/src/hb-cairo.cc
++++ b/src/hb-cairo.cc
+@@ -1000,6 +1000,7 @@ hb_cairo_glyphs_from_buffer (hb_buffer_t *buffer,
+ 	    end = start + hb_glyph[i].cluster - hb_glyph[i+1].cluster;
+ 	  else
+ 	    end = (const char *) hb_utf_offset_to_pointer<hb_utf8_t> ((const uint8_t *) start,
++								      (const uint8_t *) utf8, utf8_len,
+ 								      (signed) (hb_glyph[i].cluster - hb_glyph[i+1].cluster));
+ 	  (*clusters)[cluster].num_bytes = end - start;
+ 	  start = end;
+@@ -1020,6 +1021,7 @@ hb_cairo_glyphs_from_buffer (hb_buffer_t *buffer,
+ 	    end = start + hb_glyph[i].cluster - hb_glyph[i-1].cluster;
+ 	  else
+ 	    end = (const char *) hb_utf_offset_to_pointer<hb_utf8_t> ((const uint8_t *) start,
++								      (const uint8_t *) utf8, utf8_len,
+ 								      (signed) (hb_glyph[i].cluster - hb_glyph[i-1].cluster));
+ 	  (*clusters)[cluster].num_bytes = end - start;
+ 	  start = end;
+diff --git a/src/hb-utf.hh b/src/hb-utf.hh
+index 1120bd1cccf..6db9bf2fd79 100644
+--- a/src/hb-utf.hh
++++ b/src/hb-utf.hh
+@@ -458,19 +458,21 @@ struct hb_ascii_t
+ template <typename utf_t>
+ static inline const typename utf_t::codepoint_t *
+ hb_utf_offset_to_pointer (const typename utf_t::codepoint_t *start,
++			  const typename utf_t::codepoint_t *text,
++			  unsigned text_len,
+ 			  signed offset)
+ {
+   hb_codepoint_t unicode;
+ 
+   while (offset-- > 0)
+     start = utf_t::next (start,
+-			 start + utf_t::max_len,
++			 text + text_len,
+ 			 &unicode,
+ 			 HB_BUFFER_REPLACEMENT_CODEPOINT_DEFAULT);
+ 
+   while (offset++ < 0)
+     start = utf_t::prev (start,
+-			 start - utf_t::max_len,
++			 text,
+ 			 &unicode,
+ 			 HB_BUFFER_REPLACEMENT_CODEPOINT_DEFAULT);
+ 

harfbuzz.spec

@@ -1,11 +1,13 @@
 Name:           harfbuzz
-Version:        4.3.0
-Release:        1
+Version:        8.3.0
+Release:        2
 Summary:        A text shaping engine
 License:        MIT
 URL:            https://harfbuzz.github.io/
 Source0:        https://github.com/harfbuzz/harfbuzz/releases/download/%{version}/harfbuzz-%{version}.tar.xz
 
+Patch6000:      backport-CVE-2024-56732.patch
+
 BuildRequires:  gcc-c++ freetype-devel cairo-devel glib2-devel graphite2-devel
 BuildRequires:  gtk-doc libicu-devel gobject-introspection-devel make
 Provides:       harfbuzz-icu
@@ -53,6 +55,7 @@ make check
 %{_libdir}/libharfbuzz-icu.so.*
 %dir %{_libdir}/girepository-1.0
 %{_libdir}/girepository-1.0/HarfBuzz-0.0.typelib
+%{_libdir}/libharfbuzz-cairo.so.0*
 
 %files devel
 %{_bindir}/*
@@ -68,6 +71,21 @@ make check
 %{_datadir}/gtk-doc/html/harfbuzz/*
 
 %changelog
+* Mon Dec 30 2024 zhangpan <zhnagpan103@h-partners.com> - 8.3.0-2
+- fix CVE-2024-56732
+
+* Wed Nov 22 2023 wangqia <wangqia@uniontech.com> - 8.3.0-1
+- Update to 8.3.0
+
+* Wed Feb 22 2023 liweiganga <liweiganga@uniontech.com> - 6.0.0-1
+- upstream to 6.0.0
+
+* Wed Feb 15 2023 zhouwenpei <zhouwenpei1@h-partners.com> - 4.3.0-3
+- fix CVE-2023-25193
+
+* Thu Jul 14 2022 zhouwenpei <zhouwenpei1@h-partners.com> - 4.3.0-2
+- fix CVE-2022-33068
+
 * Mon Jun 20 2022 lin zhang <lin.zhang@turbolinux.com.cn> - 4.3.0-1
 - update to 4.3.0