packages/qt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!20 Fix the cve

Browse Source 
From: @kang_xiao_qiang
Reviewed-by: @small_leek
Signed-off-by: @small_leek
This commit is contained in:
openeuler-ci-bot 2020-09-21 09:34:48 +08:00 committed by Gitee
commit 3b22778064
2 changed files with 33 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
CVE-2020-17507.patch Normal file
View File

@ -0,0 +1,28 @@
From 1a27a6cefbb457f2fb74159267835aaefb7c992d Mon Sep 17 00:00:00 2001
From: Dmitry Shachnev <mitya57@debian.org>
Date: Tue, 18 Aug 2020 16:16:57 +0300
Subject: [PATCH] Backport upstream patch to fix buffer overflow in XBMparser.
Closes: #968444, CVE-2020-17507.
---
src/gui/image/qxbmhandler.cpp | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/gui/image/qxbmhandler.cpp b/src/gui/image/qxbmhandler.cpp
index 414e8233..7483b245 100644
--- a/src/gui/image/qxbmhandler.cpp
+++ b/src/gui/image/qxbmhandler.cpp
@@ -154,7 +154,9 @@ static bool read_xbm_body(QIODevice *device, int w, int h, QImage *outImage)
w = (w+7)/8; // byte width
while (y < h) { // for all encoded bytes...
- if (p) { // p = "0x.."
+ if (p && p < (buf + readBytes - 3)) { // p = "0x.."
+ if (!isxdigit(p[2]) || !isxdigit(p[3]))
+ return false;
*b++ = hex2byte(p+2);
p += 2;
if (++x == w && ++y < h) {
--
2.23.0

6
qt.spec
View File

@ -13,7 +13,7 @@
Name: qt Name: qt
Epoch: 1 Epoch: 1
Version: 4.8.7 Version: 4.8.7
Release: 49 Release: 50
Summary: A software toolkit for developing applications Summary: A software toolkit for developing applications
License: (LGPLv2 with exceptions or GPLv3 with exceptions) and ASL 2.0 and BSD and FTL and MIT License: (LGPLv2 with exceptions or GPLv3 with exceptions) and ASL 2.0 and BSD and FTL and MIT
URL: http://qt-project.org/ URL: http://qt-project.org/
@ -78,6 +78,7 @@ Patch6001: CVE-2018-19872.patch
Patch6002: CVE-2018-19871.patch Patch6002: CVE-2018-19871.patch
Patch6003: CVE-2018-19870.patch Patch6003: CVE-2018-19870.patch
Patch6004: CVE-2018-19873.patch Patch6004: CVE-2018-19873.patch
Patch45: CVE-2020-17507.patch
BuildRequires: cups-devel desktop-file-utils gcc-c++ libjpeg-devel findutils libmng-devel libtiff-devel pkgconfig pkgconfig(alsa) BuildRequires: cups-devel desktop-file-utils gcc-c++ libjpeg-devel findutils libmng-devel libtiff-devel pkgconfig pkgconfig(alsa)
BuildRequires: pkgconfig(dbus-1) pkgconfig(fontconfig) pkgconfig(glib-2.0) pkgconfig(icu-i18n) openssl-devel pkgconfig(libpng) BuildRequires: pkgconfig(dbus-1) pkgconfig(fontconfig) pkgconfig(glib-2.0) pkgconfig(icu-i18n) openssl-devel pkgconfig(libpng)
@ -444,6 +445,9 @@ fi
%{_qt4_prefix}/examples/ %{_qt4_prefix}/examples/
%changelog %changelog
* Sun Sep 20 2020 shaoqiang kang <kangshaoqiang1@huawei.com> - 1:4.8.7-50
- fix CVE-2020-17507
* Tue Sep 2020 shaoqiang kang <kangshaoqiang1@huawei.com> - 1:4.8.7-49 * Tue Sep 2020 shaoqiang kang <kangshaoqiang1@huawei.com> - 1:4.8.7-49
- Modify source - Modify source