aboutsummaryrefslogtreecommitdiffstats
path: root/x11-toolkits/qt4-gui
diff options
context:
space:
mode:
authorlofi <lofi@FreeBSD.org>2007-07-31 05:53:10 +0800
committerlofi <lofi@FreeBSD.org>2007-07-31 05:53:10 +0800
commitce63eafe1e493850dfc6e2e4cac9c8ab0ca90864 (patch)
tree9698baa7a807c0adca8db2e689761ccbbdbe00a7 /x11-toolkits/qt4-gui
parentd64e61779e5c89be31f24a605ba762899ebd5b9b (diff)
downloadfreebsd-ports-gnome-ce63eafe1e493850dfc6e2e4cac9c8ab0ca90864.tar.gz
freebsd-ports-gnome-ce63eafe1e493850dfc6e2e4cac9c8ab0ca90864.tar.zst
freebsd-ports-gnome-ce63eafe1e493850dfc6e2e4cac9c8ab0ca90864.zip
Fix various format string vulnerabilities in Qt3 and Qt4.
Security: http://trolltech.com/company/newsroom/announcements/press.2007-07-27.750375 Security: CVE-2007-3388
Diffstat (limited to 'x11-toolkits/qt4-gui')
-rw-r--r--x11-toolkits/qt4-gui/Makefile3
-rw-r--r--x11-toolkits/qt4-gui/files/patch-0185-fix-format-strings.diff29
2 files changed, 31 insertions, 1 deletions
diff --git a/x11-toolkits/qt4-gui/Makefile b/x11-toolkits/qt4-gui/Makefile
index b00393eff1af..9433e4b16a3e 100644
--- a/x11-toolkits/qt4-gui/Makefile
+++ b/x11-toolkits/qt4-gui/Makefile
@@ -8,7 +8,7 @@
PORTNAME= gui
PORTVERSION= ${QT4_VERSION}
-PORTREVISION= 1
+PORTREVISION= 2
CATEGORIES?= x11-toolkits
MASTER_SITES= ${MASTER_SITE_QT}
PKGNAMEPREFIX= qt4-
@@ -46,6 +46,7 @@ EXTRACT_AFTER_ARGS=| ${TAR} -xf - \
--exclude '${DISTNAME}/tools/qtconfig' --exclude '${DISTNAME}/tools/qvfb'
WRKSRC= ${WRKDIR}/${DISTNAME}/src/${PORTNAME}
CONFIGURE_WRKSRC=${WRKSRC}/../../
+PATCH_WRKSRC=${CONFIGURE_WRKSRC}
OPTIONS= CUPS "Enable printing support (requires CUPS)" off \
NAS "Enable sound support (requires NAS)" off
diff --git a/x11-toolkits/qt4-gui/files/patch-0185-fix-format-strings.diff b/x11-toolkits/qt4-gui/files/patch-0185-fix-format-strings.diff
new file mode 100644
index 000000000000..ce23edfdf7b9
--- /dev/null
+++ b/x11-toolkits/qt4-gui/files/patch-0185-fix-format-strings.diff
@@ -0,0 +1,29 @@
+--- src/gui/painting/qprintengine_pdf_p.h
++++ src/gui/painting/qprintengine_pdf_p.h
+@@ -148,7 +148,11 @@ private:
+ void writePage();
+
+ int addXrefEntry(int object, bool printostr = true);
+- void xprintf(const char* fmt, ...);
++ void xprintf(const char* fmt, ...)
++#if defined(Q_CC_GNU) && !defined(__INSURE__)
++ __attribute__ ((format (printf, 2, 3)))
++#endif
++ ;
+ inline void write(const QByteArray &data) {
+ stream->writeRawData(data.constData(), data.size());
+ streampos += data.size();
+--- src/gui/painting/qprintengine_pdf.cpp
++++ src/gui/painting/qprintengine_pdf.cpp
+@@ -386,9 +386,8 @@ int QPdfEnginePrivate::addConstantAlphaO
+ object = addXrefEntry(-1);
+ QByteArray alphaDef;
+ QPdf::ByteStream s(&alphaDef);
+- s << "<< /ca " << (alpha/qreal(255.)) << ">>\n";
+- xprintf(alphaDef.constData());
+- xprintf("endobj\n");
++ s << "<< /ca " << (alpha/qreal(255.)) << ">>";
++ xprintf("%s\nendobj\n", alphaDef.constData());
+ }
+ currentPage->graphicStates.append(object);
+ return object; \ No newline at end of file
generated by cgit (git 2.34.1) at 2024-11-16 18:40:16 +0800