diff options
Diffstat (limited to 'user/qt5-qtimageformats')
-rw-r--r-- | user/qt5-qtimageformats/APKBUILD | 13 | ||||
-rw-r--r-- | user/qt5-qtimageformats/kde-lts.patch | 78 |
2 files changed, 86 insertions, 5 deletions
diff --git a/user/qt5-qtimageformats/APKBUILD b/user/qt5-qtimageformats/APKBUILD index 49c3feb3d..b771c7708 100644 --- a/user/qt5-qtimageformats/APKBUILD +++ b/user/qt5-qtimageformats/APKBUILD @@ -1,7 +1,7 @@ # Maintainer: A. Wilcox <awilfox@adelielinux.org> pkgname=qt5-qtimageformats -_pkgname=qtimageformats-everywhere-src -pkgver=5.12.9 +_pkgname=qtimageformats-everywhere +pkgver=5.15.4 pkgrel=0 pkgdesc="Image handling plugin for Qt" url="https://www.qt.io/" @@ -9,10 +9,12 @@ arch="all" license="LGPL-3.0-only WITH Qt-LGPL-exception-1.1 OR GPL-3.0-only WITH Qt-GPL-exception-1.0" depends="" makedepends="jasper-dev libwebp-dev qt5-qtbase-dev tiff-dev" -source="https://download.qt.io/official_releases/qt/${pkgver%.*}/$pkgver/submodules/$_pkgname-$pkgver.tar.xz" +source="https://download.qt.io/official_releases/qt/${pkgver%.*}/$pkgver/submodules/$_pkgname-opensource-src-$pkgver.tar.xz + kde-lts.patch + " _qt5_prefix=/usr/lib/qt5 -builddir="$srcdir"/$_pkgname-$pkgver +builddir="$srcdir"/$_pkgname-src-$pkgver build() { qmake @@ -27,4 +29,5 @@ package() { make install INSTALL_ROOT="$pkgdir" } -sha512sums="5f4e694aa0ebe3cdebdae6807c062c0de749ea77e78339922d5cac62ac69066df38b2977e1a3cddfae48dc9486bb89384297efda1833c8886bf4d0462f59f00a qtimageformats-everywhere-src-5.12.9.tar.xz" +sha512sums="388a9ceebdca6d32f606615af37233f2d8394856d067c9a80486b88ad5714eac90263cd6555a3efd9c1b5fdcc27431b7f99eed6fc02760b1a9974515bfe70274 qtimageformats-everywhere-opensource-src-5.15.4.tar.xz +975fa493f321382876cc5ec45041a9ecdec839811d020c2d1849eea98ed87eb2dfb207ff45fc555c05c25f618b9c42027223729494ba940a9204b4047dbfa8c7 kde-lts.patch" diff --git a/user/qt5-qtimageformats/kde-lts.patch b/user/qt5-qtimageformats/kde-lts.patch new file mode 100644 index 000000000..ff05fd6bb --- /dev/null +++ b/user/qt5-qtimageformats/kde-lts.patch @@ -0,0 +1,78 @@ +From b43e31b9f31ec482ddea2066fda7ca9315512815 Mon Sep 17 00:00:00 2001 +From: Eirik Aavitsland <eirik.aavitsland@qt.io> +Date: Fri, 13 May 2022 11:42:35 +0200 +Subject: [PATCH] Add some basic checking against corrupt input +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Fixes: QTBUG-103454 +Pick-to: 6.3 6.2 5.15 +Change-Id: I169b0de8465bc5d90aebfd8250db0361819065c5 +Reviewed-by: Robert Löhning <robert.loehning@qt.io> +(cherry picked from commit 34731687ee77c59607db9d88c6361111631e48c6) +--- + src/plugins/imageformats/icns/qicnshandler.cpp | 16 +++++++++++----- + 1 file changed, 11 insertions(+), 5 deletions(-) + +diff --git a/src/plugins/imageformats/icns/qicnshandler.cpp b/src/plugins/imageformats/icns/qicnshandler.cpp +index dde783c..d6fc589 100644 +--- a/src/plugins/imageformats/icns/qicnshandler.cpp ++++ b/src/plugins/imageformats/icns/qicnshandler.cpp +@@ -515,6 +515,9 @@ static bool parseIconEntryInfo(ICNSEntry &icon) + } + icon.height = icon.width; + } ++ // Sanity check ++ if (icon.width == 0 || icon.width > 4096 || icon.depth > 32) ++ return false; + return true; + } + +@@ -685,7 +688,7 @@ bool QICNSHandler::canRead() const + bool QICNSHandler::read(QImage *outImage) + { + QImage img; +- if (!ensureScanned()) { ++ if (!ensureScanned() || m_currentIconIndex >= m_icons.size()) { + qWarning("QICNSHandler::read(): The device wasn't parsed properly!"); + return false; + } +@@ -892,7 +895,7 @@ bool QICNSHandler::scanDevice() + return false; + + const qint64 blockDataOffset = device()->pos(); +- if (!isBlockHeaderValid(blockHeader)) { ++ if (!isBlockHeaderValid(blockHeader, ICNSBlockHeaderSize + filelength - blockDataOffset)) { + qWarning("QICNSHandler::scanDevice(): Failed, bad header at pos %s. OSType \"%s\", length %u", + QByteArray::number(blockDataOffset).constData(), + nameFromOSType(blockHeader.ostype).constData(), blockHeader.length); +@@ -927,11 +930,14 @@ bool QICNSHandler::scanDevice() + case ICNSBlockHeader::TypeOdrp: + // Icns container seems to have an embedded icon variant container + // Let's start a scan for entries +- while (device()->pos() < nextBlockOffset) { ++ while (!stream.atEnd() && device()->pos() < nextBlockOffset) { + ICNSBlockHeader icon; + stream >> icon; ++ if (stream.status() != QDataStream::Ok) ++ return false; + // Check for incorrect variant entry header and stop scan +- if (!isBlockHeaderValid(icon, blockDataLength)) ++ quint64 remaining = blockDataLength - (device()->pos() - blockDataOffset); ++ if (!isBlockHeaderValid(icon, ICNSBlockHeaderSize + remaining)) + break; + if (!addEntry(icon, device()->pos(), blockHeader.ostype)) + return false; +@@ -1003,7 +1009,7 @@ bool QICNSHandler::scanDevice() + break; + } + } +- return true; ++ return (m_icons.size() > 0); + } + + const ICNSEntry &QICNSHandler::getIconMask(const ICNSEntry &icon) const +-- +2.36.0 + |