diff options
author | markd <markd@pkgsrc.org> | 2007-04-06 12:48:37 +0000 |
---|---|---|
committer | markd <markd@pkgsrc.org> | 2007-04-06 12:48:37 +0000 |
commit | 098ab044a9db256a679c341c205070d3480ce69c (patch) | |
tree | c7995e04cdf80bf94c5a1e1e9d68b8290d03931a /x11/qt4-libs | |
parent | b0d81206204ae5ac5a5dcd09d3017ea2fb8fb4a6 (diff) | |
download | pkgsrc-098ab044a9db256a679c341c205070d3480ce69c.tar.gz |
Patch for CVE-2007-0242. Bump PKGREVISION.
Diffstat (limited to 'x11/qt4-libs')
-rw-r--r-- | x11/qt4-libs/Makefile | 3 | ||||
-rw-r--r-- | x11/qt4-libs/distinfo | 4 | ||||
-rw-r--r-- | x11/qt4-libs/patches/patch-al | 43 | ||||
-rw-r--r-- | x11/qt4-libs/patches/patch-am | 93 |
4 files changed, 141 insertions, 2 deletions
diff --git a/x11/qt4-libs/Makefile b/x11/qt4-libs/Makefile index 0f9f480a908..d85f9997f02 100644 --- a/x11/qt4-libs/Makefile +++ b/x11/qt4-libs/Makefile @@ -1,8 +1,9 @@ -# $NetBSD: Makefile,v 1.8 2007/03/18 17:34:41 adam Exp $ +# $NetBSD: Makefile,v 1.9 2007/04/06 12:48:37 markd Exp $ .include "../../x11/qt4-libs/Makefile.common" PKGNAME= qt4-libs-${QTVERSION} +PKGREVISION= 1 COMMENT= C++ X GUI toolkit BUILD_TARGET= sub-src diff --git a/x11/qt4-libs/distinfo b/x11/qt4-libs/distinfo index e95a7cb10aa..84e56437195 100644 --- a/x11/qt4-libs/distinfo +++ b/x11/qt4-libs/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.8 2007/03/18 17:34:41 adam Exp $ +$NetBSD: distinfo,v 1.9 2007/04/06 12:48:42 markd Exp $ SHA1 (qt-x11-opensource-src-4.2.3.tar.gz) = b988aab4fa1dcce8532c36bb63947a556076e8c8 RMD160 (qt-x11-opensource-src-4.2.3.tar.gz) = 06c9c3bd53dd6b96fc68a1dfe96882ac6927df25 @@ -14,3 +14,5 @@ SHA1 (patch-ah) = 62c50fe48b9ff1ce9fb757b432c8b1db7693e112 SHA1 (patch-ai) = b15936b85b2b1946e8c9a92bf393c3d3a1fc6950 SHA1 (patch-aj) = cb57c340a125587f5e26f63274c090512079a41c SHA1 (patch-ak) = 16eef0675a63da937637c8fc654664f1cb155d18 +SHA1 (patch-al) = c59c6830bde43208a81cb7ba52a58c134dd40eec +SHA1 (patch-am) = 81612b64cd5c6d57125e22be79334aabf08bda4d diff --git a/x11/qt4-libs/patches/patch-al b/x11/qt4-libs/patches/patch-al new file mode 100644 index 00000000000..4533276dd23 --- /dev/null +++ b/x11/qt4-libs/patches/patch-al @@ -0,0 +1,43 @@ +$NetBSD: patch-al,v 1.1 2007/04/06 12:48:42 markd Exp $ + +--- src/corelib/tools/qstring.cpp ++++ src/corelib/tools/qstring.cpp +@@ -3342,6 +3342,7 @@ QString QString::fromUtf8(const char *st + result.resize(size); // worst case + ushort *qch = result.d->data; + uint uc = 0; ++ uint min_uc = 0; + int need = 0; + int error = -1; + uchar ch; +@@ -3359,6 +3360,12 @@ QString QString::fromUtf8(const char *st + ushort low = uc%0x400 + 0xdc00; + *qch++ = high; + *qch++ = low; ++ } else if ((uc < min_uc) || (uc >= 0xd800 && uc <= 0xdfff) || (uc >= 0xfffe)) { ++ // overlong seqence, UTF16 surrogate or BOM ++ i = error; ++ qch = addOne(qch, result); ++ *qch++ = 0xdbff; ++ *qch++ = 0xde00 + ((uchar)str[i]); + } else { + *qch++ = uc; + } +@@ -3381,14 +3388,17 @@ QString QString::fromUtf8(const char *st + uc = ch & 0x1f; + need = 1; + error = i; ++ min_uc = 0x80; + } else if ((ch & 0xf0) == 0xe0) { + uc = ch & 0x0f; + need = 2; + error = i; ++ min_uc = 0x800; + } else if ((ch&0xf8) == 0xf0) { + uc = ch & 0x07; + need = 3; + error = i; ++ min_uc = 0x10000; + } else { + // Error + qch = addOne(qch, result); diff --git a/x11/qt4-libs/patches/patch-am b/x11/qt4-libs/patches/patch-am new file mode 100644 index 00000000000..38bc89e6c45 --- /dev/null +++ b/x11/qt4-libs/patches/patch-am @@ -0,0 +1,93 @@ +$NetBSD: patch-am,v 1.1 2007/04/06 12:48:42 markd Exp $ + +--- src/corelib/codecs/qutfcodec.cpp ++++ src/corelib/codecs/qutfcodec.cpp +@@ -117,15 +117,19 @@ QString QUtf8Codec::convertToUnicode(con + bool headerdone = false; + QChar replacement = QChar::ReplacementCharacter; + int need = 0; ++ int error = -1; + uint uc = 0; ++ uint min_uc = 0; + if (state) { + if (state->flags & IgnoreHeader) + headerdone = true; + if (state->flags & ConvertInvalidToNull) + replacement = QChar::Null; + need = state->remainingChars; +- if (need) ++ if (need) { + uc = state->state_data[0]; ++ min_uc = state->state_data[1]; ++ } + } + if (!headerdone && len > 3 + && (uchar)chars[0] == 0xef && (uchar)chars[1] == 0xbb && (uchar)chars[2] == 0xbf) { +@@ -142,7 +146,7 @@ QString QUtf8Codec::convertToUnicode(con + int invalid = 0; + + for (int i=0; i<len; i++) { +- ch = *chars++; ++ ch = chars[i]; + if (need) { + if ((ch&0xc0) == 0x80) { + uc = (uc << 6) | (ch & 0x3f); +@@ -153,14 +157,27 @@ QString QUtf8Codec::convertToUnicode(con + uc -= 0x10000; + unsigned short high = uc/0x400 + 0xd800; + unsigned short low = uc%0x400 + 0xdc00; ++ ++ // resize if necessary ++ long where = qch - result.unicode(); ++ if (where + 2 >= result.size()) { ++ result.resize(where + 2); ++ qch = result.data() + where; ++ } ++ + *qch++ = QChar(high); + *qch++ = QChar(low); ++ } else if ((uc < min_uc) || (uc >= 0xd800 && uc <= 0xdfff) || (uc >= 0xfffe)) { ++ // error ++ *qch++ = QChar::ReplacementCharacter; ++ ++invalid; + } else { + *qch++ = uc; + } + } + } else { + // error ++ i = error; + *qch++ = QChar::ReplacementCharacter; + ++invalid; + need = 0; +@@ -171,12 +188,22 @@ QString QUtf8Codec::convertToUnicode(con + } else if ((ch & 0xe0) == 0xc0) { + uc = ch & 0x1f; + need = 1; ++ error = i; ++ min_uc = 0x80; + } else if ((ch & 0xf0) == 0xe0) { + uc = ch & 0x0f; + need = 2; ++ error = i; ++ min_uc = 0x800; + } else if ((ch&0xf8) == 0xf0) { + uc = ch & 0x07; + need = 3; ++ error = i; ++ min_uc = 0x10000; ++ } else { ++ // error ++ *qch++ = QChar::ReplacementCharacter; ++ ++invalid; + } + } + } +@@ -187,6 +214,7 @@ QString QUtf8Codec::convertToUnicode(con + if (headerdone) + state->flags |= IgnoreHeader; + state->state_data[0] = need ? uc : 0; ++ state->state_data[1] = need ? min_uc : 0; + } + return result; + } |