summaryrefslogblamecommitdiff
path: root/user/cairo/CVE-2019-6462.patch
blob: 2a26876c36d1d1c4b3f3c2325f3bc29a94b17df3 (plain) (tree)



































                                                                                                                    
From bbeaf08190d3006a80b80a77724801cd477a37b8 Mon Sep 17 00:00:00 2001
From: Heiko Lewin <hlewin@worldiety.de>
Date: Sat, 17 Apr 2021 19:15:03 +0200
Subject: [PATCH] _arc_max_angle_for_tolerance_normalized: fix infinite loop

---
 src/cairo-arc.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/cairo-arc.c b/src/cairo-arc.c
index 390397bae..1c891d1a0 100644
--- a/src/cairo-arc.c
+++ b/src/cairo-arc.c
@@ -90,16 +90,18 @@ _arc_max_angle_for_tolerance_normalized (double tolerance)
 	{ M_PI / 11.0,  9.81410988043554039085e-09 },
     };
     int table_size = ARRAY_LENGTH (table);
+    const int max_segments = 1000; /* this value is chosen arbitrarily. this gives an error of about 1.74909e-20 */
 
     for (i = 0; i < table_size; i++)
 	if (table[i].error < tolerance)
 	    return table[i].angle;
 
     ++i;
+
     do {
 	angle = M_PI / i++;
 	error = _arc_error_normalized (angle);
-    } while (error > tolerance);
+    } while (error > tolerance && i < max_segments);
 
     return angle;
 }
-- 
GitLab