summaryrefslogtreecommitdiff
path: root/x11/qt4-libs
diff options
context:
space:
mode:
authormarkd <markd@pkgsrc.org>2007-04-06 12:48:37 +0000
committermarkd <markd@pkgsrc.org>2007-04-06 12:48:37 +0000
commit098ab044a9db256a679c341c205070d3480ce69c (patch)
treec7995e04cdf80bf94c5a1e1e9d68b8290d03931a /x11/qt4-libs
parentb0d81206204ae5ac5a5dcd09d3017ea2fb8fb4a6 (diff)
downloadpkgsrc-098ab044a9db256a679c341c205070d3480ce69c.tar.gz
Patch for CVE-2007-0242. Bump PKGREVISION.
Diffstat (limited to 'x11/qt4-libs')
-rw-r--r--x11/qt4-libs/Makefile3
-rw-r--r--x11/qt4-libs/distinfo4
-rw-r--r--x11/qt4-libs/patches/patch-al43
-rw-r--r--x11/qt4-libs/patches/patch-am93
4 files changed, 141 insertions, 2 deletions
diff --git a/x11/qt4-libs/Makefile b/x11/qt4-libs/Makefile
index 0f9f480a908..d85f9997f02 100644
--- a/x11/qt4-libs/Makefile
+++ b/x11/qt4-libs/Makefile
@@ -1,8 +1,9 @@
-# $NetBSD: Makefile,v 1.8 2007/03/18 17:34:41 adam Exp $
+# $NetBSD: Makefile,v 1.9 2007/04/06 12:48:37 markd Exp $
.include "../../x11/qt4-libs/Makefile.common"
PKGNAME= qt4-libs-${QTVERSION}
+PKGREVISION= 1
COMMENT= C++ X GUI toolkit
BUILD_TARGET= sub-src
diff --git a/x11/qt4-libs/distinfo b/x11/qt4-libs/distinfo
index e95a7cb10aa..84e56437195 100644
--- a/x11/qt4-libs/distinfo
+++ b/x11/qt4-libs/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.8 2007/03/18 17:34:41 adam Exp $
+$NetBSD: distinfo,v 1.9 2007/04/06 12:48:42 markd Exp $
SHA1 (qt-x11-opensource-src-4.2.3.tar.gz) = b988aab4fa1dcce8532c36bb63947a556076e8c8
RMD160 (qt-x11-opensource-src-4.2.3.tar.gz) = 06c9c3bd53dd6b96fc68a1dfe96882ac6927df25
@@ -14,3 +14,5 @@ SHA1 (patch-ah) = 62c50fe48b9ff1ce9fb757b432c8b1db7693e112
SHA1 (patch-ai) = b15936b85b2b1946e8c9a92bf393c3d3a1fc6950
SHA1 (patch-aj) = cb57c340a125587f5e26f63274c090512079a41c
SHA1 (patch-ak) = 16eef0675a63da937637c8fc654664f1cb155d18
+SHA1 (patch-al) = c59c6830bde43208a81cb7ba52a58c134dd40eec
+SHA1 (patch-am) = 81612b64cd5c6d57125e22be79334aabf08bda4d
diff --git a/x11/qt4-libs/patches/patch-al b/x11/qt4-libs/patches/patch-al
new file mode 100644
index 00000000000..4533276dd23
--- /dev/null
+++ b/x11/qt4-libs/patches/patch-al
@@ -0,0 +1,43 @@
+$NetBSD: patch-al,v 1.1 2007/04/06 12:48:42 markd Exp $
+
+--- src/corelib/tools/qstring.cpp
++++ src/corelib/tools/qstring.cpp
+@@ -3342,6 +3342,7 @@ QString QString::fromUtf8(const char *st
+ result.resize(size); // worst case
+ ushort *qch = result.d->data;
+ uint uc = 0;
++ uint min_uc = 0;
+ int need = 0;
+ int error = -1;
+ uchar ch;
+@@ -3359,6 +3360,12 @@ QString QString::fromUtf8(const char *st
+ ushort low = uc%0x400 + 0xdc00;
+ *qch++ = high;
+ *qch++ = low;
++ } else if ((uc < min_uc) || (uc >= 0xd800 && uc <= 0xdfff) || (uc >= 0xfffe)) {
++ // overlong seqence, UTF16 surrogate or BOM
++ i = error;
++ qch = addOne(qch, result);
++ *qch++ = 0xdbff;
++ *qch++ = 0xde00 + ((uchar)str[i]);
+ } else {
+ *qch++ = uc;
+ }
+@@ -3381,14 +3388,17 @@ QString QString::fromUtf8(const char *st
+ uc = ch & 0x1f;
+ need = 1;
+ error = i;
++ min_uc = 0x80;
+ } else if ((ch & 0xf0) == 0xe0) {
+ uc = ch & 0x0f;
+ need = 2;
+ error = i;
++ min_uc = 0x800;
+ } else if ((ch&0xf8) == 0xf0) {
+ uc = ch & 0x07;
+ need = 3;
+ error = i;
++ min_uc = 0x10000;
+ } else {
+ // Error
+ qch = addOne(qch, result);
diff --git a/x11/qt4-libs/patches/patch-am b/x11/qt4-libs/patches/patch-am
new file mode 100644
index 00000000000..38bc89e6c45
--- /dev/null
+++ b/x11/qt4-libs/patches/patch-am
@@ -0,0 +1,93 @@
+$NetBSD: patch-am,v 1.1 2007/04/06 12:48:42 markd Exp $
+
+--- src/corelib/codecs/qutfcodec.cpp
++++ src/corelib/codecs/qutfcodec.cpp
+@@ -117,15 +117,19 @@ QString QUtf8Codec::convertToUnicode(con
+ bool headerdone = false;
+ QChar replacement = QChar::ReplacementCharacter;
+ int need = 0;
++ int error = -1;
+ uint uc = 0;
++ uint min_uc = 0;
+ if (state) {
+ if (state->flags & IgnoreHeader)
+ headerdone = true;
+ if (state->flags & ConvertInvalidToNull)
+ replacement = QChar::Null;
+ need = state->remainingChars;
+- if (need)
++ if (need) {
+ uc = state->state_data[0];
++ min_uc = state->state_data[1];
++ }
+ }
+ if (!headerdone && len > 3
+ && (uchar)chars[0] == 0xef && (uchar)chars[1] == 0xbb && (uchar)chars[2] == 0xbf) {
+@@ -142,7 +146,7 @@ QString QUtf8Codec::convertToUnicode(con
+ int invalid = 0;
+
+ for (int i=0; i<len; i++) {
+- ch = *chars++;
++ ch = chars[i];
+ if (need) {
+ if ((ch&0xc0) == 0x80) {
+ uc = (uc << 6) | (ch & 0x3f);
+@@ -153,14 +157,27 @@ QString QUtf8Codec::convertToUnicode(con
+ uc -= 0x10000;
+ unsigned short high = uc/0x400 + 0xd800;
+ unsigned short low = uc%0x400 + 0xdc00;
++
++ // resize if necessary
++ long where = qch - result.unicode();
++ if (where + 2 >= result.size()) {
++ result.resize(where + 2);
++ qch = result.data() + where;
++ }
++
+ *qch++ = QChar(high);
+ *qch++ = QChar(low);
++ } else if ((uc < min_uc) || (uc >= 0xd800 && uc <= 0xdfff) || (uc >= 0xfffe)) {
++ // error
++ *qch++ = QChar::ReplacementCharacter;
++ ++invalid;
+ } else {
+ *qch++ = uc;
+ }
+ }
+ } else {
+ // error
++ i = error;
+ *qch++ = QChar::ReplacementCharacter;
+ ++invalid;
+ need = 0;
+@@ -171,12 +188,22 @@ QString QUtf8Codec::convertToUnicode(con
+ } else if ((ch & 0xe0) == 0xc0) {
+ uc = ch & 0x1f;
+ need = 1;
++ error = i;
++ min_uc = 0x80;
+ } else if ((ch & 0xf0) == 0xe0) {
+ uc = ch & 0x0f;
+ need = 2;
++ error = i;
++ min_uc = 0x800;
+ } else if ((ch&0xf8) == 0xf0) {
+ uc = ch & 0x07;
+ need = 3;
++ error = i;
++ min_uc = 0x10000;
++ } else {
++ // error
++ *qch++ = QChar::ReplacementCharacter;
++ ++invalid;
+ }
+ }
+ }
+@@ -187,6 +214,7 @@ QString QUtf8Codec::convertToUnicode(con
+ if (headerdone)
+ state->flags |= IgnoreHeader;
+ state->state_data[0] = need ? uc : 0;
++ state->state_data[1] = need ? min_uc : 0;
+ }
+ return result;
+ }