| 1 |
commit: 78bf8d284d0bed6aa02af0e52aa9b27946c90ccb |
| 2 |
Author: Andreas Sturmlechner <asturm <AT> gentoo <DOT> org> |
| 3 |
AuthorDate: Fri Jan 1 16:56:03 2021 +0000 |
| 4 |
Commit: Andreas Sturmlechner <asturm <AT> gentoo <DOT> org> |
| 5 |
CommitDate: Sat Jan 2 01:22:28 2021 +0000 |
| 6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=78bf8d28 |
| 7 |
|
| 8 |
dev-qt/qtcore: Bounds-check time-zone offsets when parsing |
| 9 |
|
| 10 |
See also: https://bugreports.qt.io/browse/QTBUG-88656 |
| 11 |
|
| 12 |
Package-Manager: Portage-3.0.12, Repoman-3.0.2 |
| 13 |
Signed-off-by: Andreas Sturmlechner <asturm <AT> gentoo.org> |
| 14 |
|
| 15 |
.../files/qtcore-5.15.2-fix-UB-in-QDateTime.patch | 88 +++++++++++++++++ |
| 16 |
dev-qt/qtcore/qtcore-5.15.2-r1.ebuild | 105 +++++++++++++++++++++ |
| 17 |
2 files changed, 193 insertions(+) |
| 18 |
|
| 19 |
diff --git a/dev-qt/qtcore/files/qtcore-5.15.2-fix-UB-in-QDateTime.patch b/dev-qt/qtcore/files/qtcore-5.15.2-fix-UB-in-QDateTime.patch |
| 20 |
new file mode 100644 |
| 21 |
index 00000000000..b131b7af365 |
| 22 |
--- /dev/null |
| 23 |
+++ b/dev-qt/qtcore/files/qtcore-5.15.2-fix-UB-in-QDateTime.patch |
| 24 |
@@ -0,0 +1,88 @@ |
| 25 |
+From d2c0fc2b5f1c07c1e0acb1c0127578066b6f9b8e Mon Sep 17 00:00:00 2001 |
| 26 |
+From: Edward Welbourne <edward.welbourne@××.io> |
| 27 |
+Date: Tue, 24 Nov 2020 12:45:11 +0100 |
| 28 |
+Subject: [PATCH] Bounds-check time-zone offsets when parsing |
| 29 |
+ |
| 30 |
+Parsing of time-zone offsets should check the offset string conforms |
| 31 |
+to the expected format and has valid values in its fields. The |
| 32 |
+QDateTime parser, fromOffsetString(), neglected the bounds check on |
| 33 |
+hours; the QTzTimeZonePrivate parser, parsePosixTime(), neglected all |
| 34 |
+upper bounds checks, only checking against negative valus. |
| 35 |
+ |
| 36 |
+Drive-by - refined phrasing of a comment. |
| 37 |
+ |
| 38 |
+Fixes: QTBUG-88656 |
| 39 |
+Change-Id: If04cdbe65064108eaa87c42310527783ad21b4c0 |
| 40 |
+Reviewed-by: Thiago Macieira <thiago.macieira@×××××.com> |
| 41 |
+(cherry picked from commit 380d97e1bd15e753907c378a070bdf7f1c1cf06e) |
| 42 |
+Reviewed-by: Edward Welbourne <edward.welbourne@××.io> |
| 43 |
+--- |
| 44 |
+ src/corelib/time/qdatetime.cpp | 2 +- |
| 45 |
+ src/corelib/time/qtimezoneprivate_tz.cpp | 27 ++++++++++++++++----------- |
| 46 |
+ 2 files changed, 17 insertions(+), 12 deletions(-) |
| 47 |
+ |
| 48 |
+diff --git a/src/corelib/time/qdatetime.cpp b/src/corelib/time/qdatetime.cpp |
| 49 |
+index e824787880c..a2816e87f4a 100644 |
| 50 |
+--- a/src/corelib/time/qdatetime.cpp |
| 51 |
++++ b/src/corelib/time/qdatetime.cpp |
| 52 |
+@@ -240,7 +240,7 @@ static int fromOffsetString(QStringView offsetString, bool *valid) noexcept |
| 53 |
+ const QStringView hhRef = time.left(qMin(hhLen, time.size())); |
| 54 |
+ bool ok = false; |
| 55 |
+ const int hour = C.toInt(hhRef, &ok); |
| 56 |
+- if (!ok) |
| 57 |
++ if (!ok || hour > 23) // More generous than QTimeZone::MaxUtcOffsetSecs |
| 58 |
+ return 0; |
| 59 |
+ |
| 60 |
+ const QStringView mmRef = time.mid(qMin(mmIndex, time.size())); |
| 61 |
+diff --git a/src/corelib/time/qtimezoneprivate_tz.cpp b/src/corelib/time/qtimezoneprivate_tz.cpp |
| 62 |
+index b816b4ecff2..adc590878d7 100644 |
| 63 |
+--- a/src/corelib/time/qtimezoneprivate_tz.cpp |
| 64 |
++++ b/src/corelib/time/qtimezoneprivate_tz.cpp |
| 65 |
+@@ -394,29 +394,34 @@ static int parsePosixTime(const char *begin, const char *end) |
| 66 |
+ // Format "hh[:mm[:ss]]" |
| 67 |
+ int hour, min = 0, sec = 0; |
| 68 |
+ |
| 69 |
+- // Note that the calls to qstrtoll do *not* check the end pointer, which |
| 70 |
+- // means they proceed until they find a non-digit. We check that we're |
| 71 |
+- // still in range at the end, but we may have read from past end. It's the |
| 72 |
+- // caller's responsibility to ensure that begin is part of a |
| 73 |
+- // null-terminated string. |
| 74 |
++ // Note that the calls to qstrtoll do *not* check against the end pointer, |
| 75 |
++ // which means they proceed until they find a non-digit. We check that we're |
| 76 |
++ // still in range at the end, but we may have read past end. It's the |
| 77 |
++ // caller's responsibility to ensure that begin is part of a null-terminated |
| 78 |
++ // string. |
| 79 |
+ |
| 80 |
++ const int maxHour = QTimeZone::MaxUtcOffsetSecs / 3600; |
| 81 |
+ bool ok = false; |
| 82 |
+- hour = qstrtoll(begin, &begin, 10, &ok); |
| 83 |
+- if (!ok || hour < 0) |
| 84 |
++ const char *cut = begin; |
| 85 |
++ hour = qstrtoll(begin, &cut, 10, &ok); |
| 86 |
++ if (!ok || hour < 0 || hour > maxHour || cut > begin + 2) |
| 87 |
+ return INT_MIN; |
| 88 |
++ begin = cut; |
| 89 |
+ if (begin < end && *begin == ':') { |
| 90 |
+ // minutes |
| 91 |
+ ++begin; |
| 92 |
+- min = qstrtoll(begin, &begin, 10, &ok); |
| 93 |
+- if (!ok || min < 0) |
| 94 |
++ min = qstrtoll(begin, &cut, 10, &ok); |
| 95 |
++ if (!ok || min < 0 || min > 59 || cut > begin + 2) |
| 96 |
+ return INT_MIN; |
| 97 |
+ |
| 98 |
++ begin = cut; |
| 99 |
+ if (begin < end && *begin == ':') { |
| 100 |
+ // seconds |
| 101 |
+ ++begin; |
| 102 |
+- sec = qstrtoll(begin, &begin, 10, &ok); |
| 103 |
+- if (!ok || sec < 0) |
| 104 |
++ sec = qstrtoll(begin, &cut, 10, &ok); |
| 105 |
++ if (!ok || sec < 0 || sec > 59 || cut > begin + 2) |
| 106 |
+ return INT_MIN; |
| 107 |
++ begin = cut; |
| 108 |
+ } |
| 109 |
+ } |
| 110 |
+ |
| 111 |
+-- |
| 112 |
+2.16.3 |
| 113 |
|
| 114 |
diff --git a/dev-qt/qtcore/qtcore-5.15.2-r1.ebuild b/dev-qt/qtcore/qtcore-5.15.2-r1.ebuild |
| 115 |
new file mode 100644 |
| 116 |
index 00000000000..b00b449ee60 |
| 117 |
--- /dev/null |
| 118 |
+++ b/dev-qt/qtcore/qtcore-5.15.2-r1.ebuild |
| 119 |
@@ -0,0 +1,105 @@ |
| 120 |
+# Copyright 1999-2021 Gentoo Authors |
| 121 |
+# Distributed under the terms of the GNU General Public License v2 |
| 122 |
+ |
| 123 |
+EAPI=7 |
| 124 |
+ |
| 125 |
+QT5_MODULE="qtbase" |
| 126 |
+inherit linux-info qt5-build |
| 127 |
+ |
| 128 |
+DESCRIPTION="Cross-platform application development framework" |
| 129 |
+SLOT=5/$(ver_cut 1-3) |
| 130 |
+ |
| 131 |
+if [[ ${QT5_BUILD_TYPE} == release ]]; then |
| 132 |
+ KEYWORDS="~amd64 ~arm ~arm64 ~hppa ~ppc ~ppc64 ~sparc ~x86" |
| 133 |
+fi |
| 134 |
+ |
| 135 |
+IUSE="icu old-kernel systemd" |
| 136 |
+ |
| 137 |
+DEPEND=" |
| 138 |
+ dev-libs/double-conversion:= |
| 139 |
+ dev-libs/glib:2 |
| 140 |
+ dev-libs/libpcre2[pcre16,unicode] |
| 141 |
+ sys-libs/zlib:= |
| 142 |
+ icu? ( dev-libs/icu:= ) |
| 143 |
+ !icu? ( virtual/libiconv ) |
| 144 |
+ systemd? ( sys-apps/systemd:= ) |
| 145 |
+" |
| 146 |
+RDEPEND="${DEPEND} |
| 147 |
+ !<dev-qt/qtcore-4.8.7-r4:4 |
| 148 |
+ dev-qt/qtchooser |
| 149 |
+" |
| 150 |
+ |
| 151 |
+QT5_TARGET_SUBDIRS=( |
| 152 |
+ src/tools/bootstrap |
| 153 |
+ src/tools/moc |
| 154 |
+ src/tools/rcc |
| 155 |
+ src/corelib |
| 156 |
+ src/tools/qlalr |
| 157 |
+ doc |
| 158 |
+) |
| 159 |
+ |
| 160 |
+QT5_GENTOO_PRIVATE_CONFIG=( |
| 161 |
+ !:network |
| 162 |
+ !:sql |
| 163 |
+ !:testlib |
| 164 |
+ !:xml |
| 165 |
+) |
| 166 |
+ |
| 167 |
+PATCHES=( |
| 168 |
+ "${FILESDIR}"/${PN}-5.14.1-cmake-macro-backward-compat.patch # bug 703306 |
| 169 |
+ "${FILESDIR}"/${PN}-5.15.1-timezone-{1,2}.patch # bug 737914 |
| 170 |
+ "${FILESDIR}"/${P}-fix-UB-in-QDateTime.patch # QTBUG-88656 |
| 171 |
+) |
| 172 |
+ |
| 173 |
+pkg_pretend() { |
| 174 |
+ use kernel_linux || return |
| 175 |
+ get_running_version |
| 176 |
+ if kernel_is -lt 4 11 && ! use old-kernel; then |
| 177 |
+ ewarn "The running kernel is older than 4.11. USE=old-kernel is needed for" |
| 178 |
+ ewarn "dev-qt/qtcore to function on this kernel properly. Bugs #669994, #672856" |
| 179 |
+ fi |
| 180 |
+} |
| 181 |
+ |
| 182 |
+src_prepare() { |
| 183 |
+ # don't add -O3 to CXXFLAGS, bug 549140 |
| 184 |
+ sed -i -e '/CONFIG\s*+=/s/optimize_full//' src/corelib/corelib.pro || die |
| 185 |
+ |
| 186 |
+ # fix missing qt_version_tag symbol w/ LTO, bug 674382 |
| 187 |
+ sed -i -e 's/^gcc:ltcg/gcc/' src/corelib/global/global.pri || die |
| 188 |
+ |
| 189 |
+ qt5-build_src_prepare |
| 190 |
+} |
| 191 |
+ |
| 192 |
+src_configure() { |
| 193 |
+ local myconf=( |
| 194 |
+ $(qt_use icu) |
| 195 |
+ $(qt_use !icu iconv) |
| 196 |
+ $(qt_use systemd journald) |
| 197 |
+ ) |
| 198 |
+ use old-kernel && myconf+=( |
| 199 |
+ -no-feature-renameat2 # needs Linux 3.16, bug 669994 |
| 200 |
+ -no-feature-getentropy # needs Linux 3.17, bug 669994 |
| 201 |
+ -no-feature-statx # needs Linux 4.11, bug 672856 |
| 202 |
+ ) |
| 203 |
+ qt5-build_src_configure |
| 204 |
+} |
| 205 |
+ |
| 206 |
+src_install() { |
| 207 |
+ qt5-build_src_install |
| 208 |
+ |
| 209 |
+ local flags=( |
| 210 |
+ DBUS FREETYPE IMAGEFORMAT_JPEG IMAGEFORMAT_PNG |
| 211 |
+ OPENGL OPENSSL SSL WIDGETS |
| 212 |
+ ) |
| 213 |
+ |
| 214 |
+ for flag in ${flags[@]}; do |
| 215 |
+ cat >> "${D}"/${QT5_HEADERDIR}/QtCore/qconfig.h <<- _EOF_ || die |
| 216 |
+ |
| 217 |
+ #if defined(QT_NO_${flag}) && defined(QT_${flag}) |
| 218 |
+ # undef QT_NO_${flag} |
| 219 |
+ #elif !defined(QT_NO_${flag}) && !defined(QT_${flag}) |
| 220 |
+ # define QT_NO_${flag} |
| 221 |
+ #endif |
| 222 |
+ _EOF_ |
| 223 |
+ done |
| 224 |
+} |
Archives