diff options
| author |   Jimi Huotari <chiitoo@gentoo.org> | 2019-03-06 22:48:36 +0200 |
|---|---|---|
| committer | Jimi Huotari <chiitoo@gentoo.org> | 2019-03-06 22:50:45 +0200 |
| commit | 32d376215b9ba05ff3d8abe9b76a36b08b1a6f7b (patch) | |
| tree | 02a4d5146452f7a9deed0f44f72dfb7f5d7d24c5 | |
| parent | dev-qt/qtgui: restore QT_FREETYPE define (diff) | |
| download | qt-32d376215b9ba05ff3d8abe9b76a36b08b1a6f7b.tar.gz qt-32d376215b9ba05ff3d8abe9b76a36b08b1a6f7b.tar.bz2 qt-32d376215b9ba05ff3d8abe9b76a36b08b1a6f7b.zip | |
dev-qt/qtwebengine: fix CVE-2019-5786
Bug: https://bugs.gentoo.org/679530
Package-Manager: Portage-2.3.62, Repoman-2.3.12
Signed-off-by: Jimi Huotari <chiitoo@gentoo.org>
4 files changed, 36 insertions, 1 deletions
diff --git a/dev-qt/qtwebengine/files/qtwebengine-5.12.1-CVE-2019-5786.patch b/dev-qt/qtwebengine/files/qtwebengine-5.12.1-CVE-2019-5786.patch new file mode 100644 index 00000000..5dbc6172 --- /dev/null +++ b/dev-qt/qtwebengine/files/qtwebengine-5.12.1-CVE-2019-5786.patch @@ -0,0 +1,29 @@ +# Bug: https://bugs.gentoo.org/679530 +# Chromium Gerrit: https://chromium-review.googlesource.com/c/chromium/src/+/1495209 + +--- a/src/3rdparty/chromium/third_party/blink/renderer/core/fileapi/file_reader_loader.cc ++++ b/src/3rdparty/chromium/third_party/blink/renderer/core/fileapi/file_reader_loader.cc +@@ -143,14 +143,16 @@ + if (!raw_data_ || error_code_ != FileErrorCode::kOK) + return nullptr; + +- DOMArrayBuffer* result = DOMArrayBuffer::Create(raw_data_->ToArrayBuffer()); +- if (finished_loading_) { +- array_buffer_result_ = result; +- AdjustReportedMemoryUsageToV8( +- -1 * static_cast<int64_t>(raw_data_->ByteLength())); +- raw_data_.reset(); ++ if (!finished_loading_) { ++ return DOMArrayBuffer::Create( ++ ArrayBuffer::Create(raw_data_->Data(), raw_data_->ByteLength())); + } +- return result; ++ ++ array_buffer_result_ = DOMArrayBuffer::Create(raw_data_->ToArrayBuffer()); ++ AdjustReportedMemoryUsageToV8(-1 * ++ static_cast<int64_t>(raw_data_->ByteLength())); ++ raw_data_.reset(); ++ return array_buffer_result_; + } + + String FileReaderLoader::StringResult() { diff --git a/dev-qt/qtwebengine/qtwebengine-5.12.9999.ebuild b/dev-qt/qtwebengine/qtwebengine-5.12.9999.ebuild index 48fcb535..50e3c61c 100644 --- a/dev-qt/qtwebengine/qtwebengine-5.12.9999.ebuild +++ b/dev-qt/qtwebengine/qtwebengine-5.12.9999.ebuild @@ -81,6 +81,7 @@ DEPEND="${RDEPEND} PATCHES+=( "${FILESDIR}/${PN}-5.12.0-nouveau-disable-gpu.patch" # bug 609752 + "${FILESDIR}/${PN}-5.12.1-CVE-2019-5786.patch" # bug 679530 ) src_prepare() { diff --git a/dev-qt/qtwebengine/qtwebengine-5.13.9999.ebuild b/dev-qt/qtwebengine/qtwebengine-5.13.9999.ebuild index cff56886..2b24b481 100644 --- a/dev-qt/qtwebengine/qtwebengine-5.13.9999.ebuild +++ b/dev-qt/qtwebengine/qtwebengine-5.13.9999.ebuild @@ -79,6 +79,8 @@ DEPEND="${RDEPEND} pax_kernel? ( sys-apps/elfix ) " +PATCHES+=( "${FILESDIR}/${PN}-5.12.1-CVE-2019-5786.patch" ) # bug 679530 + src_prepare() { use pax_kernel && PATCHES+=( "${FILESDIR}/${PN}-5.11.2-paxmark-mksnapshot.patch" ) diff --git a/dev-qt/qtwebengine/qtwebengine-5.9999.ebuild b/dev-qt/qtwebengine/qtwebengine-5.9999.ebuild index ff148cf7..fbf405c6 100644 --- a/dev-qt/qtwebengine/qtwebengine-5.9999.ebuild +++ b/dev-qt/qtwebengine/qtwebengine-5.9999.ebuild @@ -79,7 +79,10 @@ DEPEND="${RDEPEND} pax_kernel? ( sys-apps/elfix ) " -PATCHES=( "${FILESDIR}/${PN}-5.13.0-fixup-system-icu.patch" ) +PATCHES=( + "${FILESDIR}/${PN}-5.13.0-fixup-system-icu.patch" + "${FILESDIR}/${PN}-5.12.1-CVE-2019-5786.patch" # bug 679530 +) src_prepare() { use pax_kernel && PATCHES+=( "${FILESDIR}/${PN}-5.11.2-paxmark-mksnapshot.patch" ) |