diff options
| author | rakuco <rakuco@FreeBSD.org> | 2014-07-21 01:09:20 +0800 |
|---|---|---|
| committer | rakuco <rakuco@FreeBSD.org> | 2014-07-21 01:09:20 +0800 |
| commit | b5c66d6b257f439695b5fd57a00012bc9ace95d7 (patch) | |
| tree | b315f095391324b767802077e731ef7ee294a4a5 /x11-toolkits/qt5-gui | |
| parent | 1b0c58e15a42211ad3d6b0085c370171db4d3278 (diff) | |
| download | freebsd-ports-graphics-b5c66d6b257f439695b5fd57a00012bc9ace95d7.tar.gz freebsd-ports-graphics-b5c66d6b257f439695b5fd57a00012bc9ace95d7.tar.zst freebsd-ports-graphics-b5c66d6b257f439695b5fd57a00012bc9ace95d7.zip | |
Move the patches fixing CVE-2014-0190 to the right ports.
The GIF handler is part of qt{4,5}-imageformats, not qt{4,5}-gui. Big pointy
hat to me.
I've chosen not to force users to rebuild the -gui ports yet again with a
PORTREVISION bump since the code built in those ports is the same regardless
of whether the patch is applied or not.
Submitted by: RyoTa SimaMoto <liangtai.s16@gmail.com>
MFH: 2014Q3
Security: 904d78b8-0f7e-11e4-8b71-5453ed2e2b49
Diffstat (limited to 'x11-toolkits/qt5-gui')
| -rw-r--r-- | x11-toolkits/qt5-gui/files/patch-CVE-2014-0190 | 36 |
1 files changed, 0 insertions, 36 deletions
diff --git a/x11-toolkits/qt5-gui/files/patch-CVE-2014-0190 b/x11-toolkits/qt5-gui/files/patch-CVE-2014-0190 deleted file mode 100644 index cfbbe0f755c..00000000000 --- a/x11-toolkits/qt5-gui/files/patch-CVE-2014-0190 +++ /dev/null @@ -1,36 +0,0 @@ -commit eb1325047f2697d24e93ebaf924900affc876bc1 -Author: Lars Knoll <lars.knoll@digia.com> -Date: Thu Apr 24 15:33:27 2014 +0200 - - Don't crash on broken GIF images - - Broken GIF images could set invalid width and height - values inside the image, leading to Qt creating a null - QImage for it. In that case we need to abort decoding - the image and return an error. - - Initial patch by Rich Moore. - - Task-number: QTBUG-38367 - Change-Id: Id82a4036f478bd6e49c402d6598f57e7e5bb5e1e - Security-advisory: CVE-2014-0190 - Reviewed-by: Richard J. Moore <rich@kde.org> - -diff --git a/src/gui/image/qgifhandler.cpp b/src/gui/image/qgifhandler.cpp -index eeb62af..19b8382 100644 ---- src/gui/image/qgifhandler.cpp -+++ src/gui/image/qgifhandler.cpp -@@ -359,6 +359,13 @@ int QGIFFormat::decode(QImage *image, const uchar *buffer, int length, - memset(bits, 0, image->byteCount()); - } - -+ // Check if the previous attempt to create the image failed. If it -+ // did then the image is broken and we should give up. -+ if (image->isNull()) { -+ state = Error; -+ return -1; -+ } -+ - disposePrevious(image); - disposed = false; - |