Resolves: #1931444, Clamp parsed doubles to float representable values
parent
544460f7bb
commit
fb8373871e
|
@ -0,0 +1,40 @@
|
|||
diff -up qt-everywhere-opensource-src-4.8.7/src/svg/qsvghandler.cpp.me qt-everywhere-opensource-src-4.8.7/src/svg/qsvghandler.cpp
|
||||
--- qt-everywhere-opensource-src-4.8.7/src/svg/qsvghandler.cpp.me 2021-03-09 14:23:00.636840796 +0100
|
||||
+++ qt-everywhere-opensource-src-4.8.7/src/svg/qsvghandler.cpp 2021-03-09 21:34:46.240482104 +0100
|
||||
@@ -68,6 +68,7 @@
|
||||
#include "private/qmath_p.h"
|
||||
|
||||
#include "float.h"
|
||||
+#include <cmath>
|
||||
|
||||
QT_BEGIN_NAMESPACE
|
||||
|
||||
@@ -630,15 +631,10 @@ static qreal toDouble(const QChar *&str)
|
||||
if (neg)
|
||||
val = -val;
|
||||
} else {
|
||||
-#if defined(Q_WS_QWS) && !defined(Q_OS_VXWORKS)
|
||||
- if(sizeof(qreal) == sizeof(float))
|
||||
- val = strtof(temp, 0);
|
||||
- else
|
||||
-#endif
|
||||
- {
|
||||
- bool ok = false;
|
||||
- val = qstrtod(temp, 0, &ok);
|
||||
- }
|
||||
+ val = QByteArray::fromRawData(temp, pos).toDouble();
|
||||
+ // Do not tolerate values too wild to be represented normally by floats
|
||||
+ if (std::fpclassify(float(val)) != FP_NORMAL)
|
||||
+ val = 0;
|
||||
}
|
||||
return val;
|
||||
|
||||
@@ -2945,6 +2941,8 @@ static QSvgStyleProperty *createRadialGr
|
||||
ncy = toDouble(cy);
|
||||
if (!r.isEmpty())
|
||||
nr = toDouble(r);
|
||||
+ if (nr < 0.5)
|
||||
+ nr = 0.5;
|
||||
|
||||
qreal nfx = ncx;
|
||||
if (!fx.isEmpty())
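Review bot: In the toDouble() hunk the new guard replaces an out-of-range result with 0 rather than clamping it, and the `ok` out-parameter of `QByteArray::toDouble()` is left unused, so a caller cannot tell a rejected number from a literal zero. Callers are outside this patch, so whether any of them divides by or scales with the parsed value cannot be checked from here. The guard sits only on the `else` branch, and the branch before it starts above the hunk, so it is not visible whether that path is already bounded. I would make the comment state the contract, for example `// NaN, infinity and values outside float's normal range are replaced by 0, not clamped`. In the createRadialGradient hunk, `if (nr < 0.5) nr = 0.5;` raises every radius below 0.5 with no comment explaining the constant; a one-line rationale, or rejecting only non-positive radii, would keep valid small radii intact if they can occur.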
|
9
qt.spec
9
qt.spec
|
@ -43,7 +43,7 @@ Summary: Qt toolkit
|
|||
Name: qt
|
||||
Epoch: 1
|
||||
Version: 4.8.7
|
||||
Release: 59%{?dist}
|
||||
Release: 60%{?dist}
|
||||
|
||||
# See LGPL_EXCEPTIONS.txt, LICENSE.GPL3, respectively, for exception details
|
||||
License: (LGPLv2 with exceptions or GPLv3 with exceptions) and ASL 2.0 and BSD and FTL and MIT
|
||||
|
@ -234,6 +234,9 @@ Patch500: qt-everywhere-opensource-src-4.8.7-crash-in-qppmhandler.patch
|
|||
# CVE-2020-17507 qt: buffer over-read in read_xbm_body in gui/image/qxbmhandler.cpp
|
||||
Patch501: qt-CVE-2020-17507.patch
|
||||
|
||||
# no CVE qt: Clamp parsed doubles to float representable values
|
||||
Patch502: qt-everywhere-opensource-src-4.8.7-clamp-parsed-doubles-to-float-representtable-values.patch
|
||||
|
||||
# desktop files
|
||||
Source20: assistant.desktop
|
||||
Source21: designer.desktop
|
||||
|
@ -669,6 +672,7 @@ rm -rf src/3rdparty/clucene
|
|||
# security fixes
|
||||
%patch500 -p1 -b .malformed-ppb-image-causing-crash
|
||||
%patch501 -p1 -b .buffer-over-read-in-read_xbm_body
|
||||
%patch502 -p1 -b .clamp-parsed-doubles-to-float-representtable-values
|
||||
|
||||
# regression fixes for the security fixes
|
||||
%patch84 -p1 -b .QTBUG-35459
|
||||
|
@ -1391,6 +1395,9 @@ fi
|
|||
|
||||
|
||||
%changelog
|
||||
* Tue Mar 09 2021 Than Ngo <than@redhat.com> - 4.8.7-60
|
||||
- Resolves: #1931444, Clamp parsed doubles to float representable values
|
||||
|
||||
* Mon Feb 08 2021 Pavel Raiskup <praiskup@redhat.com> - 1:4.8.7-59
|
||||
- rebuild for libpq ABI fix rhbz#1908268
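Review bot: The new changelog entry gives the version as `4.8.7-60` without the epoch, while the spec sets `Epoch: 1` and the previous entry is written `1:4.8.7-59`. I would write the header as `* Tue Mar 09 2021 Than Ngo <than@redhat.com> - 1:4.8.7-60` so the changelog matches the package's epoch:version-release. The `# no CVE qt: ...` comment above `Patch502` would also be easier to trace if it named the tracking bug from the commit title, e.g. `# rhbz#1931444 qt: Clamp parsed doubles to float representable values`.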
|
||||
|
||||
|
|