Fix potential vulnerability from an off-by-one error in the QUtf8Decoder

class.

Security: CVS-2007-4137

2 files changed, 12 insertions, 1 deletions

diff --git a/devel/qt4-corelib/Makefile b/devel/qt4-corelib/Makefile
index c98fe7b206ef..2ec4db79b5ad 100644
--- a/devel/qt4-corelib/Makefile
+++ b/devel/qt4-corelib/Makefile
@@ -8,7 +8,7 @@
 
 PORTNAME=	corelib
 PORTVERSION=	${QT4_VERSION}
-PORTREVISION=	0
+PORTREVISION=	1
 CATEGORIES?=	devel
 MASTER_SITES=	${MASTER_SITE_QT}
 PKGNAMEPREFIX=	qt4-
diff --git a/devel/qt4-corelib/files/patch-CVE-2007-4137 b/devel/qt4-corelib/files/patch-CVE-2007-4137
new file mode 100644
index 000000000000..e2bbdd06eb5b
--- /dev/null
+++ b/devel/qt4-corelib/files/patch-CVE-2007-4137
@@ -0,0 +1,11 @@
+--- src/corelib/codecs/qutfcodec.cpp
++++ src/corelib/codecs/qutfcodec.cpp
+@@ -140,7 +140,7 @@ void QUtf8Codec::convertToUnicode(QString *target, const char *chars, int len, C
+ 
+     int originalLength = target->length();
+     QString &result = *target;
+-    result.resize(originalLength + len); // worst case
++    result.resize(originalLength + len + 1); // worst case
+     QChar *qch = result.data() + originalLength;
+     uchar ch;
+     int invalid = 0;