diff options
| author | rakuco <rakuco@FreeBSD.org> | 2014-07-22 05:38:13 +0800 |
|---|---|---|
| committer | rakuco <rakuco@FreeBSD.org> | 2014-07-22 05:38:13 +0800 |
| commit | f68bbcb8e80513dbac2c780abb75d7f15d82b075 (patch) | |
| tree | b83e5435bb575af533fce4dca2199ea979448997 /x11-toolkits | |
| parent | b3498d12d3b2d31dc4667bf5587cfce1bbea343a (diff) | |
| download | freebsd-ports-gnome-f68bbcb8e80513dbac2c780abb75d7f15d82b075.tar.gz freebsd-ports-gnome-f68bbcb8e80513dbac2c780abb75d7f15d82b075.tar.zst freebsd-ports-gnome-f68bbcb8e80513dbac2c780abb75d7f15d82b075.zip | |
Move back the patch for CVE-2014-0190 to qt5-gui.
It applies to -imageformats in Qt4, but -gui in Qt5. Noted by antoine@. A
PORTREVISION bump was unavoidable to make sure people who build
qt5-gui-5.2.1_3 without the patch rebuild the port with it.
MFH: 2014Q3
Security: 904d78b8-0f7e-11e4-8b71-5453ed2e2b49
Diffstat (limited to 'x11-toolkits')
| -rw-r--r-- | x11-toolkits/qt5-gui/Makefile | 2 | ||||
| -rw-r--r-- | x11-toolkits/qt5-gui/files/patch-CVE-2014-0190 | 36 |
2 files changed, 37 insertions, 1 deletions
diff --git a/x11-toolkits/qt5-gui/Makefile b/x11-toolkits/qt5-gui/Makefile index bc320077089e..2116eecdb160 100644 --- a/x11-toolkits/qt5-gui/Makefile +++ b/x11-toolkits/qt5-gui/Makefile @@ -2,7 +2,7 @@ PORTNAME= gui DISTVERSION= ${QT5_VERSION} -PORTREVISION= 3 +PORTREVISION= 4 CATEGORIES= x11-toolkits graphics PKGNAMEPREFIX= qt5- diff --git a/x11-toolkits/qt5-gui/files/patch-CVE-2014-0190 b/x11-toolkits/qt5-gui/files/patch-CVE-2014-0190 new file mode 100644 index 000000000000..cfbbe0f755c4 --- /dev/null +++ b/x11-toolkits/qt5-gui/files/patch-CVE-2014-0190 @@ -0,0 +1,36 @@ +commit eb1325047f2697d24e93ebaf924900affc876bc1 +Author: Lars Knoll <lars.knoll@digia.com> +Date: Thu Apr 24 15:33:27 2014 +0200 + + Don't crash on broken GIF images + + Broken GIF images could set invalid width and height + values inside the image, leading to Qt creating a null + QImage for it. In that case we need to abort decoding + the image and return an error. + + Initial patch by Rich Moore. + + Task-number: QTBUG-38367 + Change-Id: Id82a4036f478bd6e49c402d6598f57e7e5bb5e1e + Security-advisory: CVE-2014-0190 + Reviewed-by: Richard J. Moore <rich@kde.org> + +diff --git a/src/gui/image/qgifhandler.cpp b/src/gui/image/qgifhandler.cpp +index eeb62af..19b8382 100644 +--- src/gui/image/qgifhandler.cpp ++++ src/gui/image/qgifhandler.cpp +@@ -359,6 +359,13 @@ int QGIFFormat::decode(QImage *image, const uchar *buffer, int length, + memset(bits, 0, image->byteCount()); + } + ++ // Check if the previous attempt to create the image failed. If it ++ // did then the image is broken and we should give up. ++ if (image->isNull()) { ++ state = Error; ++ return -1; ++ } ++ + disposePrevious(image); + disposed = false; + |