haikuprojects/haikuports
1
0
Fork 0
mirror of https://github.com/yann64/haikuports.git synced 2026-04-22 19:50:05 +02:00
Code Issues Packages Projects Releases Wiki Activity

qt6_imageformats, add CVE patch for 6.9.0 (#12570)

Browse Source
This commit is contained in:
Schrijvers Luc
2025-07-11 16:09:26 +02:00
committed by GitHub
parent 397378931a
commit 50227c60c9
2 changed files with 30 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
dev-qt/qt6-imageformats/patches/CVE-2025-5683-qtimageformats-6.9.patch Normal file
View File

@@ -0,0 +1,28 @@
diff --git a/src/plugins/imageformats/icns/qicnshandler.cpp b/src/plugins/imageformats/icns/qicnshandler.cpp
index 6cf74b219a1..501394deede 100644
--- a/src/plugins/imageformats/icns/qicnshandler.cpp
+++ b/src/plugins/imageformats/icns/qicnshandler.cpp
@@ -324,8 +324,11 @@ static inline bool isPowOf2OrDividesBy16(quint32 u, qreal r)
static inline bool isBlockHeaderValid(const ICNSBlockHeader &header, quint64 bound = 0)
{
- return header.ostype != 0 && (bound == 0
- || qBound(quint64(ICNSBlockHeaderSize), quint64(header.length), bound) == header.length);
+ return header.ostype != 0 &&
+ (bound == 0 ||
+ // qBound can be used but requires checking the limits first
+ // this requires less operations
+ (ICNSBlockHeaderSize <= header.length && header.length <= bound));
}
static inline bool isIconCompressed(const ICNSEntry &icon)
@@ -870,7 +873,7 @@ bool QICNSHandler::scanDevice()
return false;
const qint64 blockDataOffset = device()->pos();
- if (!isBlockHeaderValid(blockHeader, ICNSBlockHeaderSize + filelength - blockDataOffset)) {
+ if (!isBlockHeaderValid(blockHeader, ICNSBlockHeaderSize - blockDataOffset + filelength)) {
qWarning("QICNSHandler::scanDevice(): Failed, bad header at pos %s. OSType \"%s\", length %u",
QByteArray::number(blockDataOffset).constData(),
nameFromOSType(blockHeader.ostype).constData(), blockHeader.length);

3
dev-qt/qt6-imageformats/qt6_imageformats-6.9.0.recipe
View File

@@ -8,11 +8,12 @@ COPYRIGHT="2015-2025 The Qt Company Ltd."
LICENSE="GNU LGPL v2.1
GNU LGPL v3
GNU FDL v1"
REVISION="1"
REVISION="2"
QT_MIRROR_URI="https://qt-mirror.dannhauer.de/archive"
SOURCE_URI="$QT_MIRROR_URI/qt/${portVersion%.*}/$portVersion/submodules/qtimageformats-everywhere-src-$portVersion.tar.xz"
CHECKSUM_SHA256="2047c6242a57bf97cf40079fa9f91752c137cd9ae84760faa9a2e5e8a440606f"
SOURCE_DIR="qtimageformats-everywhere-src-$portVersion"
PATCHES="CVE-2025-5683-qtimageformats-6.9.patch"
ARCHITECTURES="?all !x86_gcc2"
SECONDARY_ARCHITECTURES="?x86"