qt qtbase: include BMP DoS fix

author: Mark Brand <mabrand@mabrand.nl> 2015-02-28 15:44:56 (GMT)
committer: Mark Brand <mabrand@mabrand.nl> 2015-02-28 15:44:56 (GMT)
commit: 9b4d1e83da1e1bf5ce36313334a8e6d660c2beae (patch)
tree: e1542fc41d26147de3022e3e6929af13315b239e /src/qt-1-cherrypicks.patch
parent: e91ec3826cd7b220e061aaf89743710db67627f0 (diff)
download: mxe-9b4d1e83da1e1bf5ce36313334a8e6d660c2beae.zip
mxe-9b4d1e83da1e1bf5ce36313334a8e6d660c2beae.tar.gz
mxe-9b4d1e83da1e1bf5ce36313334a8e6d660c2beae.tar.bz2
1 files changed, 77 insertions, 36 deletions
diff --git a/src/qt-1-cherrypicks.patch b/src/qt-1-cherrypicks.patch
index 3e73833..1f57ccf 100644
--- a/src/qt-1-cherrypicks.patch
+++ b/src/qt-1-cherrypicks.patch
@@ -7,7 +7,7 @@ Also contains MXE specific fixes.
 From f7acb6676a5950078500360aa0586becf4beb553 Mon Sep 17 00:00:00 2001
 From: Mark Brand <mabrand@mabrand.nl>
 Date: Fri, 13 Jan 2012 00:17:48 +0100
-Subject: [PATCH 01/18] remove trailing whitespace
+Subject: [PATCH 01/19] remove trailing whitespace
 
 backported from qt5/qtbase
 Change-Id: If53a0bd1794e69b4856f993c6e2959369bd007d6
@@ -28,13 +28,13 @@ index 9090773..859ec8d 100644
                          ../plugins/codecs/tw/qbig5codec.h \
                          ../plugins/codecs/jp/qfontjpcodec.h
 -- 
-1.8.4.5
+2.1.0
 
 
 From 9ecb9ef79302deaab80adc8d97c923260d3dcaeb Mon Sep 17 00:00:00 2001
 From: Mark Brand <mabrand@mabrand.nl>
 Date: Thu, 30 Jun 2011 10:22:33 +0200
-Subject: [PATCH 02/18] do not detect or configure iconv for Windows
+Subject: [PATCH 02/19] do not detect or configure iconv for Windows
 
 Qt doesn't use iconv on Windows, but configuring it will appear to
 work and the build will complete. The result is that character
@@ -62,13 +62,13 @@ index a9ba7c8..2e495a4 100755
      elif compileTest "unix/iconv" "POSIX iconv"; then
          CFG_ICONV=yes
 -- 
-1.8.4.5
+2.1.0
 
 
 From 02f19c027ec896c6a42d9c02af4ca772151dc46b Mon Sep 17 00:00:00 2001
 From: Mark Brand <mabrand@mabrand.nl>
 Date: Wed, 18 Jan 2012 11:43:10 +0100
-Subject: [PATCH 03/18] fix whitespace
+Subject: [PATCH 03/19] fix whitespace
 
 backported from qt5/qtbase
 Change-Id: I0cfccae085c000d4368386a34f288c1e6f01a88f
@@ -136,13 +136,13 @@ index 859ec8d..70cd890 100644
                          ../plugins/codecs/tw/qbig5codec.cpp \
                          ../plugins/codecs/jp/qfontjpcodec.cpp
 -- 
-1.8.4.5
+2.1.0
 
 
 From 7294d08265fff3470580267f5585948926aef418 Mon Sep 17 00:00:00 2001
 From: Mark Brand <mabrand@mabrand.nl>
 Date: Mon, 4 Jul 2011 00:42:24 +0200
-Subject: [PATCH 04/18] build and load text codecs regardless of iconv and
+Subject: [PATCH 04/19] build and load text codecs regardless of iconv and
  platform
 
 Otherwise applications linking to static Qt may have to import
@@ -278,13 +278,13 @@ index 58ffb00..1ee586e 100644
  #endif // QT_NO_CODECS
  
 -- 
-1.8.4.5
+2.1.0
 
 
 From b262b83a888f975b3229e0d5d0ad40d6dd255347 Mon Sep 17 00:00:00 2001
 From: Mark Brand <mabrand@mabrand.nl>
 Date: Fri, 13 Jan 2012 00:24:13 +0100
-Subject: [PATCH 05/18] move plugin text codecs to QtCore
+Subject: [PATCH 05/19] move plugin text codecs to QtCore
 
 Having plugin text codecs adds considerable complexity to
 configuring Qt. The plugin interface is designed for optional
@@ -79229,13 +79229,13 @@ index 94ce675..c4af49b 100644
  !embedded:!qpa:!contains(QT_CONFIG, no-gui):SUBDIRS *= graphicssystems
  embedded:SUBDIRS *=  gfxdrivers decorations mousedrivers kbddrivers
 -- 
-1.8.4.5
+2.1.0
 
 
 From f83e70e53314cfed3329f5b0640ef3d8f91f8d02 Mon Sep 17 00:00:00 2001
 From: Mark Brand <mabrand@mabrand.nl>
 Date: Wed, 18 Jan 2012 21:01:26 +0100
-Subject: [PATCH 06/18] update private header references
+Subject: [PATCH 06/19] update private header references
 
 backported from qt5/qtbase
 Change-Id: I092d879653b6900532a0c4534c1eb2be84e9d0f6
@@ -79392,13 +79392,13 @@ index a4c0981..5025968 100644
  #include <QtCore/qlist.h>
  
 -- 
-1.8.4.5
+2.1.0
 
 
 From d83cb542ed81668261fd0267f1dfaef581228ff6 Mon Sep 17 00:00:00 2001
 From: Mark Brand <mabrand@mabrand.nl>
 Date: Sun, 3 Jul 2011 21:53:27 +0200
-Subject: [PATCH 07/18] cosmetic adjustments for files moved to core/codecs
+Subject: [PATCH 07/19] cosmetic adjustments for files moved to core/codecs
 
 -update old reference to 'plugin'
 -rename multiple inclusion guards
@@ -79884,13 +79884,13 @@ index 5025968..6dd8902 100644
 -#endif // QSJISCODEC_H
 +#endif // QSJISCODEC_P_H
 -- 
-1.8.4.5
+2.1.0
 
 
 From 04dc59bf0b9f0ab787d90d42d9dd8d8907346af4 Mon Sep 17 00:00:00 2001
 From: Mark Brand <mabrand@mabrand.nl>
 Date: Thu, 12 Jan 2012 10:43:29 +0100
-Subject: [PATCH 08/18] remove obsolete codec plugin loading code
+Subject: [PATCH 08/19] remove obsolete codec plugin loading code
 
 backported from qt5/qtbase
 Change-Id: I1f3dbb5c10009413f701947b1b89ed3dbc94bf3d
@@ -80421,13 +80421,13 @@ index 316e718..6acd0fb 100644
  #if !defined(QT_NO_COLORDIALOG) && (defined(QT_NO_SPINBOX))
  #define QT_NO_COLORDIALOG
 -- 
-1.8.4.5
+2.1.0
 
 
 From 9a38d6f343045133d3093aabee715aa4eeb84e7a Mon Sep 17 00:00:00 2001
 From: Mark Brand <mabrand@mabrand.nl>
 Date: Mon, 23 Jan 2012 23:12:46 +0100
-Subject: [PATCH 09/18] remove vestiges of text codec plugins
+Subject: [PATCH 09/19] remove vestiges of text codec plugins
 
 follow-up to 3a3356a85079d734dfa57205a00e1996afc033df
 
@@ -80455,13 +80455,13 @@ index dea05e0..12cd8ea 100644
  Description: Supports translations using QObject::tr().
  Section: Internationalization
 -- 
-1.8.4.5
+2.1.0
 
 
 From 376cc3027f9cc2d90af96e7cb964f6e8e9d8a464 Mon Sep 17 00:00:00 2001
 From: Mark Brand <mabrand@mabrand.nl>
 Date: Thu, 3 Nov 2011 15:10:26 +0100
-Subject: [PATCH 10/18] use pkg-config for libmng (MXE specific)
+Subject: [PATCH 10/19] use pkg-config for libmng (MXE specific)
 
 Change-Id: Ifce956d5cad06d5273088656b8500b87980063f4
 
@@ -80481,13 +80481,13 @@ index ffb98de..6aab68f 100644
  } else {
      include($$PWD/../../3rdparty/libmng.pri)
 -- 
-1.8.4.5
+2.1.0
 
 
 From 7d62ca1f73ed19db7e3cb87d60117ed056e9af87 Mon Sep 17 00:00:00 2001
 From: Mark Brand <mabrand@mabrand.nl>
 Date: Thu, 3 Nov 2011 14:11:02 +0100
-Subject: [PATCH 11/18] use pkg-config for libtiff-4 (MXE specific)
+Subject: [PATCH 11/19] use pkg-config for libtiff-4 (MXE specific)
 
 Change-Id: I5e89e66fc1606d425553e781c9e62db703136957
 
@@ -80507,13 +80507,13 @@ index e1cc3ee..71cbab1 100644
  } else {
      include($$PWD/../../3rdparty/libtiff.pri)
 -- 
-1.8.4.5
+2.1.0
 
 
 From 713dd9fee42c94151cd060bccef58429d2af04d4 Mon Sep 17 00:00:00 2001
 From: Tony Theodore <tonyt@logyst.com>
 Date: Thu, 1 Sep 2011 13:47:10 +0200
-Subject: [PATCH 12/18] fix building on GNU/kFreeBSD (MXE specific)
+Subject: [PATCH 12/19] fix building on GNU/kFreeBSD (MXE specific)
 
 This patch has been taken from:
 
@@ -80538,13 +80538,13 @@ index 96fbeee..5bd8c80 100644
  #  define Q_OS_NETBSD
  #  define Q_OS_BSD4
 -- 
-1.8.4.5
+2.1.0
 
 
 From 1957ef52ed0246f661a6bbfc994d0a15617f41f0 Mon Sep 17 00:00:00 2001
 From: Tony Theodore <tonyt@logyst.com>
 Date: Thu, 1 Sep 2011 13:49:47 +0200
-Subject: [PATCH 13/18] fix missing platform when building on GNU/kFreeBSD (MXE
+Subject: [PATCH 13/19] fix missing platform when building on GNU/kFreeBSD (MXE
  specific)
 
 This patch is inspired by:
@@ -80569,13 +80569,13 @@ index 2e495a4..4965d90 100755
          PLATFORM=dgux-g++
          ;;
 -- 
-1.8.4.5
+2.1.0
 
 
 From 4df31e3967977d0726877e32d66394bef820cb5d Mon Sep 17 00:00:00 2001
 From: Tony Theodore <tonyt@logyst.com>
 Date: Thu, 1 Sep 2011 13:51:50 +0200
-Subject: [PATCH 14/18] fix building on dragonfly (MXE specific)
+Subject: [PATCH 14/19] fix building on dragonfly (MXE specific)
 
 This patch is inspired by:
 http://cvsweb.NetBSD.org/bsdweb.cgi/pkgsrc/x11/qt4-libs/Makefile.common?rev=1.27&content-type=text/x-cvsweb-markup
@@ -80596,13 +80596,13 @@ index 4965d90..e1e7384 100755
          PLATFORM_NOTES="
              - Also available for FreeBSD: freebsd-icc
 -- 
-1.8.4.5
+2.1.0
 
 
 From d2b06e4775fb0b0faf83cb99b3443a9fe036f237 Mon Sep 17 00:00:00 2001
 From: Tony Theodore <tonyt@logyst.com>
 Date: Wed, 30 Apr 2014 22:12:35 +0200
-Subject: [PATCH 15/18] fix for designer in shared build (MXE specific)
+Subject: [PATCH 15/19] fix for designer in shared build (MXE specific)
 
 Change-Id: I23afe70c17e88d63b649d851f89e187da9b79d96
 
@@ -80620,13 +80620,13 @@ index f58df8a..0c25ed4 100644
  
  # Input
 -- 
-1.8.4.5
+2.1.0
 
 
 From 31d8a5c526bdde7a1026380c269ba99baf2d38b1 Mon Sep 17 00:00:00 2001
 From: Mark Brand <mabrand@mabrand.nl>
 Date: Wed, 30 Apr 2014 23:17:58 +0200
-Subject: [PATCH 16/18] fix include of private header
+Subject: [PATCH 16/19] fix include of private header
 
 Change-Id: I0554933de2536231d7d416d8df5b96eaa459fc51
 Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@digia.com>
@@ -80646,13 +80646,13 @@ index e933112..3868c21 100644
  #include "ui_qfiledialog.h"
  #else
 -- 
-1.8.4.5
+2.1.0
 
 
 From 06ddd1f936477c47566eba0b6ba184f523afca01 Mon Sep 17 00:00:00 2001
 From: Tony Theodore <tonyt@logyst.com>
 Date: Thu, 8 May 2014 00:24:25 +1000
-Subject: [PATCH 17/18] fix include path with current dir
+Subject: [PATCH 17/19] fix include path with current dir
 
 
 diff --git a/src/3rdparty/webkit/Source/WebKit/qt/tests/hybridPixmap/hybridPixmap.pro b/src/3rdparty/webkit/Source/WebKit/qt/tests/hybridPixmap/hybridPixmap.pro
@@ -80665,13 +80665,13 @@ index 9e80870..4fa0ea2 100644
  CONFIG += console
 +INCLUDEPATH += .
 -- 
-1.8.4.5
+2.1.0
 
 
 From 884606e1ed5d6a9203d3e15404174341cd12aae2 Mon Sep 17 00:00:00 2001
 From: Daniel Burr <dburr@topcon.com>
 Date: Mon, 1 Sep 2014 15:27:12 +0200
-Subject: [PATCH 18/18] qt dont perform ipc checks for win32
+Subject: [PATCH 18/19] qt dont perform ipc checks for win32
 
 Taken from:
 http://pkgs.fedoraproject.org/cgit/mingw-qt.git/plain/qt-dont-perform-ipc-checks-for-win32.patch?id2=HEAD
@@ -80696,5 +80696,46 @@ index e1e7384..038a33c 100755
      if ! compileTest unix/ipc_sysv "ipc_sysv" ; then
          # SYSV IPC is not supported - check POSIX IPC
 -- 
-1.8.4.5
+2.1.0
+
+
+From c4585ae7d19378bfc58b2e813744ebe41997d36b Mon Sep 17 00:00:00 2001
+From: "Richard J. Moore" <rich@kde.org>
+Date: Tue, 24 Feb 2015 19:02:35 +0000
+Subject: [PATCH 19/19] Fix a division by zero when processing malformed BMP
+ files.
+
+This fixes a division by 0 when processing a maliciously crafted BMP
+file. No impact beyond DoS.
+
+Backport of 661f6bfd032dacc62841037732816a583640e187
+
+Task-number: QTBUG-44547
+Change-Id: I43f06e752b11cb50669101460902a82b885ae618
+Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
+(cherry picked from commit e50aa2252cdd5cb53eef7d8c4503c7edff634f68)
+
+diff --git a/src/gui/image/qbmphandler.cpp b/src/gui/image/qbmphandler.cpp
+index 8b047d8..39f3866 100644
+--- a/src/gui/image/qbmphandler.cpp
++++ b/src/gui/image/qbmphandler.cpp
+@@ -319,10 +319,16 @@ static bool read_dib_body(QDataStream &s, const BMP_INFOHDR &bi, int offset, int
+         }
+     } else if (comp == BMP_BITFIELDS && (nbits == 16 || nbits == 32)) {
+         red_shift = calc_shift(red_mask);
++        if (((red_mask >> red_shift) + 1) == 0)
++            return false;
+         red_scale = 256 / ((red_mask >> red_shift) + 1);
+         green_shift = calc_shift(green_mask);
++        if (((green_mask >> green_shift) + 1) == 0)
++            return false;
+         green_scale = 256 / ((green_mask >> green_shift) + 1);
+         blue_shift = calc_shift(blue_mask);
++        if (((blue_mask >> blue_shift) + 1) == 0)
++            return false;
+         blue_scale = 256 / ((blue_mask >> blue_shift) + 1);
+     } else if (comp == BMP_RGB && (nbits == 24 || nbits == 32)) {
+         blue_mask = 0x000000ff;
+-- 
+2.1.0
author	Mark Brand <mabrand@mabrand.nl>	2015-02-28 15:44:56 (GMT)
committer	Mark Brand <mabrand@mabrand.nl>	2015-02-28 15:44:56 (GMT)
commit	9b4d1e83da1e1bf5ce36313334a8e6d660c2beae (patch)
tree	e1542fc41d26147de3022e3e6929af13315b239e /src/qt-1-cherrypicks.patch
parent	e91ec3826cd7b220e061aaf89743710db67627f0 (diff)
download	mxe-9b4d1e83da1e1bf5ce36313334a8e6d660c2beae.zip mxe-9b4d1e83da1e1bf5ce36313334a8e6d660c2beae.tar.gz mxe-9b4d1e83da1e1bf5ce36313334a8e6d660c2beae.tar.bz2