NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
37097d6d60
kumquat-buildroot/package/qt5/qt5base/0011-Improve-fix-for-avoiding-huge-number-of-tiny-dashes.patch
Quentin Schulz 9151eab3c7 package/qt5/qt5base: fix CVE-2021-38593 
5.15.2 is the last public release of 5.15 and does not contain this CVE
fix. However, >=6.1.2 and >5.12.12 all contain the necessary patches so
let's port them to 5.15.2.

Technically only the first two patches are required to patch the CVE.
However, the second patch introduces a regression that is fixed in the third
patch.

The patches are taken from KDE kde/5.15 git branch.

Cc: Quentin Schulz <foss+buildroot@0leil.net>
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-01-21 21:50:27 +01:00

38 lines
1.6 KiB
Diff
Raw Blame History

From 856d11f695fb6effe26a359f9ad0efdf24067085 Mon Sep 17 00:00:00 2001
From: Eirik Aavitsland <eirik.aavitsland@qt.io>
Date: Fri, 23 Jul 2021 15:53:56 +0200
Subject: [PATCH] Improve fix for avoiding huge number of tiny dashes
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Some pathological cases were not caught by the previous fix.
Fixes: QTBUG-95239
Pick-to: 6.2 6.1 5.15
Change-Id: I0337ee3923ff93ccb36c4d7b810a9c0667354cc5
Reviewed-by: Robert Löhning <robert.loehning@qt.io>
(cherry picked from commit 6b400e3147dcfd8cc3a393ace1bd118c93762e0c)
[Retrieved from: https://invent.kde.org/qt/qt/qtbase/-/commit/fed5713eeba5bf8e0ee413cb4e77109bfa7c2bce]
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
---
src/gui/painting/qpaintengineex.cpp | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/gui/painting/qpaintengineex.cpp b/src/gui/painting/qpaintengineex.cpp
index 55fdb0c2a0..19e4b23423 100644
--- a/src/gui/painting/qpaintengineex.cpp
+++ b/src/gui/painting/qpaintengineex.cpp
@@ -426,7 +426,7 @@ void QPaintEngineEx::stroke(const QVectorPath &path, const QPen &inPen)
patternLength *= pen.widthF();
if (qFuzzyIsNull(patternLength)) {
pen.setStyle(Qt::NoPen);
- } else if (extent / patternLength > 10000) {
+ } else if (qFuzzyIsNull(extent) || extent / patternLength > 10000) {
// approximate stream of tiny dashes with semi-transparent solid line
pen.setStyle(Qt::SolidLine);
QColor color(pen.color());
--
2.34.1
Reference in New Issue View Git Blame Copy Permalink