- Unsafe use of rand() in X11 (QTBUG-9793)

2010-05-27 17:01:09 +00:00 · 2010-05-27 17:01:09 +00:00 · bd2addd921
parent b1d8d8ba7c
commit bd2addd921
2 changed files with 51 additions and 1 deletions
--- a/0ebc9783d8ca0c4b27208bbc002c53c52c19ab4c.patch
+++ b/0ebc9783d8ca0c4b27208bbc002c53c52c19ab4c.patch
@ -0,0 +1,44 @@
+From 0ebc9783d8ca0c4b27208bbc002c53c52c19ab4c Mon Sep 17 00:00:00 2001
+From: Bradley T. Hughes <bradley.hughes@nokia.com>
+Date: Tue, 4 May 2010 16:25:18 +0200
+Subject: [PATCH] Use qrand() instead of rand()
+
+This only affects X11 code, and are the only 2 places in Qt where rand() is
+used instead of qrand().
+
+Task-number: QTBUG-9793
+Reviewed-by: TrustMe
+---
+ src/gui/kernel/qwidget_x11.cpp        |    2 +-
+ src/gui/painting/qpaintengine_x11.cpp |    2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/gui/kernel/qwidget_x11.cpp b/src/gui/kernel/qwidget_x11.cpp
+index 37ac6bf..43f510c 100644
+--- a/src/gui/kernel/qwidget_x11.cpp
+++ b/src/gui/kernel/qwidget_x11.cpp
+@@ -3000,7 +3000,7 @@ Picture QX11Data::getSolidFill(int screen, const QColor &c)
+             return X11->solid_fills[i].picture;
+     }
+     // none found, replace one
+-    int i = rand() % 16;
+    int i = qrand() % 16;
+ 
+     if (X11->solid_fills[i].screen != screen && X11->solid_fills[i].picture) {
+         XRenderFreePicture (X11->display, X11->solid_fills[i].picture);
+diff --git a/src/gui/painting/qpaintengine_x11.cpp b/src/gui/painting/qpaintengine_x11.cpp
+index da48fcb..aef8b80 100644
+--- a/src/gui/painting/qpaintengine_x11.cpp
+++ b/src/gui/painting/qpaintengine_x11.cpp
+@@ -315,7 +315,7 @@ static Picture getPatternFill(int screen, const QBrush &b)
+             return X11->pattern_fills[i].picture;
+     }
+     // none found, replace one
+-    int i = rand() % 16;
+    int i = qrand() % 16;
+ 
+     if (X11->pattern_fills[i].screen != screen && X11->pattern_fills[i].picture) {
+ 	XRenderFreePicture (X11->display, X11->pattern_fills[i].picture);
+-- 
+1.6.1
+
--- a/qt.spec
+++ b/qt.spec
@ -19,7 +19,7 @@ Summary: Qt toolkit
 Name:    qt
 Epoch:   1
 Version: 4.7.0
-Release: 0.14.%{pre}%{?dist}
+Release: 0.15.%{pre}%{?dist}

 # See LGPL_EXCEPTIONS.txt, LICENSE.GPL3, respectively, for exception details
 License: LGPLv2 with exceptions or GPLv3 with exceptions
@ -77,6 +77,8 @@ Patch209: 0009-Restore-a-section-of-the-file-that-got-removed-due-t.patch
 Patch212: 0012-Add-context-to-tr-calls-in-QShortcut.patch
 # based on http://qt.gitorious.org/+kde-developers/qt/kde-qt/commit/55ef01d93f8257b5927660290fc1ead0b2b74ec9.patch
 Patch217: qt-everywhere-opensource-src-4.7.0-beta1-QT_GRAPHICSSYSTEM.patch
+# QTBUG-9793
+Patch218: http://qt.gitorious.org/qt/qt/commit/0ebc9783d8ca0c4b27208bbc002c53c52c19ab4c.patch

 Source10: http://gstreamer.freedesktop.org/data/images/artwork/gstreamer-logo.svg
 Source11: hi16-phonon-gstreamer.png
@ -435,6 +437,7 @@ Qt libraries used for drawing widgets and OpenGL items.
 %patch212 -p1 -b .kde-qt-0012
 %endif
 %patch217 -p1 -b .QT_GRAPHICSSYSTEM
+%patch218 -p1 -b .QTBUG-9793

 # drop -fexceptions from $RPM_OPT_FLAGS
 RPM_OPT_FLAGS=`echo $RPM_OPT_FLAGS | sed 's|-fexceptions||g'`
@ -1071,6 +1074,9 @@ fi


 %changelog
+* Thu May 27 2010 Rex Dieter <rdieter@fedoraproject.org> - 4.7.0-0.15.beta1
+- Unsafe use of rand() in X11 (QTBUG-9793)
+
 * Fri May 21 2010 Rex Dieter <rdieter@fedoraproject.org> - 4.7.0-0.14.beta1
 - drop -no-javascript-jit (webkit#35154)