Refresh kde-5.15-rollup patch
This commit is contained in:
parent
7705dbf3cf
commit
b14233a094
|
@ -16,3 +16,4 @@
|
|||
/kde-5.15-rollup-20221031.patch.gz
|
||||
/qtbase-everywhere-opensource-src-5.15.8.tar.xz
|
||||
/kde-5.15-rollup-20230105.patch.gz
|
||||
/kde-5.15-rollup-20230227.patch.gz
|
||||
|
|
|
@ -1,332 +0,0 @@
|
|||
--- a/src/plugins/sqldrivers/odbc/qsql_odbc.cpp
|
||||
+++ b/src/plugins/sqldrivers/odbc/qsql_odbc.cpp
|
||||
@@ -92,23 +92,39 @@ inline static QString fromSQLTCHAR(const QVarLengthArray<SQLTCHAR>& input, int s
|
||||
return result;
|
||||
}
|
||||
|
||||
+template <size_t SizeOfChar = sizeof(SQLTCHAR)>
|
||||
+void toSQLTCHARImpl(QVarLengthArray<SQLTCHAR> &result, const QString &input); // primary template undefined
|
||||
+
|
||||
+template <typename Container>
|
||||
+void do_append(QVarLengthArray<SQLTCHAR> &result, const Container &c)
|
||||
+{
|
||||
+ result.append(reinterpret_cast<const SQLTCHAR *>(c.data()), c.size());
|
||||
+}
|
||||
+
|
||||
+template <>
|
||||
+void toSQLTCHARImpl<1>(QVarLengthArray<SQLTCHAR> &result, const QString &input)
|
||||
+{
|
||||
+ const auto u8 = input.toUtf8();
|
||||
+ do_append(result, u8);
|
||||
+}
|
||||
+
|
||||
+template <>
|
||||
+void toSQLTCHARImpl<2>(QVarLengthArray<SQLTCHAR> &result, const QString &input)
|
||||
+{
|
||||
+ do_append(result, input);
|
||||
+}
|
||||
+
|
||||
+template <>
|
||||
+void toSQLTCHARImpl<4>(QVarLengthArray<SQLTCHAR> &result, const QString &input)
|
||||
+{
|
||||
+ const auto u32 = input.toUcs4();
|
||||
+ do_append(result, u32);
|
||||
+}
|
||||
+
|
||||
inline static QVarLengthArray<SQLTCHAR> toSQLTCHAR(const QString &input)
|
||||
{
|
||||
QVarLengthArray<SQLTCHAR> result;
|
||||
- result.resize(input.size());
|
||||
- switch(sizeof(SQLTCHAR)) {
|
||||
- case 1:
|
||||
- memcpy(result.data(), input.toUtf8().data(), input.size());
|
||||
- break;
|
||||
- case 2:
|
||||
- memcpy(result.data(), input.unicode(), input.size() * 2);
|
||||
- break;
|
||||
- case 4:
|
||||
- memcpy(result.data(), input.toUcs4().data(), input.size() * 4);
|
||||
- break;
|
||||
- default:
|
||||
- qCritical("sizeof(SQLTCHAR) is %d. Don't know how to handle this.", int(sizeof(SQLTCHAR)));
|
||||
- }
|
||||
+ toSQLTCHARImpl(result, input);
|
||||
result.append(0); // make sure it's null terminated, doesn't matter if it already is, it does if it isn't.
|
||||
return result;
|
||||
}
|
||||
|
||||
--- a/src/plugins/sqldrivers/odbc/qsql_odbc.cpp
|
||||
+++ b/src/plugins/sqldrivers/odbc/qsql_odbc.cpp
|
||||
@@ -1732,10 +1732,11 @@ bool QODBCResult::exec()
|
||||
case QVariant::String:
|
||||
if (d->unicode) {
|
||||
if (bindValueType(i) & QSql::Out) {
|
||||
- const QByteArray &first = tmpStorage.at(i);
|
||||
- QVarLengthArray<SQLTCHAR> array;
|
||||
- array.append((const SQLTCHAR *)first.constData(), first.size());
|
||||
- values[i] = fromSQLTCHAR(array, first.size()/sizeof(SQLTCHAR));
|
||||
+ const QByteArray &bytes = tmpStorage.at(i);
|
||||
+ const auto strSize = bytes.size() / int(sizeof(SQLTCHAR));
|
||||
+ QVarLengthArray<SQLTCHAR> string(strSize);
|
||||
+ memcpy(string.data(), bytes.data(), strSize * sizeof(SQLTCHAR));
|
||||
+ values[i] = fromSQLTCHAR(string);
|
||||
}
|
||||
break;
|
||||
}
|
||||
|
||||
--- a/src/plugins/sqldrivers/odbc/qsql_odbc.cpp
|
||||
+++ b/src/plugins/sqldrivers/odbc/qsql_odbc.cpp
|
||||
@@ -779,6 +779,14 @@ QChar QODBCDriverPrivate::quoteChar()
|
||||
return quote;
|
||||
}
|
||||
|
||||
+static SQLRETURN qt_string_SQLSetConnectAttr(SQLHDBC handle, SQLINTEGER attr, const QString &val)
|
||||
+{
|
||||
+ auto encoded = toSQLTCHAR(val);
|
||||
+ return SQLSetConnectAttr(handle, attr,
|
||||
+ encoded.data(),
|
||||
+ SQLINTEGER(encoded.size() * sizeof(SQLTCHAR))); // size in bytes
|
||||
+}
|
||||
+
|
||||
|
||||
bool QODBCDriverPrivate::setConnectionOptions(const QString& connOpts)
|
||||
{
|
||||
@@ -814,10 +822,7 @@ bool QODBCDriverPrivate::setConnectionOptions(const QString& connOpts)
|
||||
v = val.toUInt();
|
||||
r = SQLSetConnectAttr(hDbc, SQL_ATTR_LOGIN_TIMEOUT, (SQLPOINTER) size_t(v), 0);
|
||||
} else if (opt.toUpper() == QLatin1String("SQL_ATTR_CURRENT_CATALOG")) {
|
||||
- val.utf16(); // 0 terminate
|
||||
- r = SQLSetConnectAttr(hDbc, SQL_ATTR_CURRENT_CATALOG,
|
||||
- toSQLTCHAR(val).data(),
|
||||
- val.length()*sizeof(SQLTCHAR));
|
||||
+ r = qt_string_SQLSetConnectAttr(hDbc, SQL_ATTR_CURRENT_CATALOG, val);
|
||||
} else if (opt.toUpper() == QLatin1String("SQL_ATTR_METADATA_ID")) {
|
||||
if (val.toUpper() == QLatin1String("SQL_TRUE")) {
|
||||
v = SQL_TRUE;
|
||||
@@ -832,10 +837,7 @@ bool QODBCDriverPrivate::setConnectionOptions(const QString& connOpts)
|
||||
v = val.toUInt();
|
||||
r = SQLSetConnectAttr(hDbc, SQL_ATTR_PACKET_SIZE, (SQLPOINTER) size_t(v), 0);
|
||||
} else if (opt.toUpper() == QLatin1String("SQL_ATTR_TRACEFILE")) {
|
||||
- val.utf16(); // 0 terminate
|
||||
- r = SQLSetConnectAttr(hDbc, SQL_ATTR_TRACEFILE,
|
||||
- toSQLTCHAR(val).data(),
|
||||
- val.length()*sizeof(SQLTCHAR));
|
||||
+ r = qt_string_SQLSetConnectAttr(hDbc, SQL_ATTR_TRACEFILE, val);
|
||||
} else if (opt.toUpper() == QLatin1String("SQL_ATTR_TRACE")) {
|
||||
if (val.toUpper() == QLatin1String("SQL_OPT_TRACE_OFF")) {
|
||||
v = SQL_OPT_TRACE_OFF;
|
||||
@@ -1038,9 +1040,12 @@ bool QODBCResult::reset (const QString& query)
|
||||
return false;
|
||||
}
|
||||
|
||||
- r = SQLExecDirect(d->hStmt,
|
||||
- toSQLTCHAR(query).data(),
|
||||
- (SQLINTEGER) query.length());
|
||||
+ {
|
||||
+ auto encoded = toSQLTCHAR(query);
|
||||
+ r = SQLExecDirect(d->hStmt,
|
||||
+ encoded.data(),
|
||||
+ SQLINTEGER(encoded.size()));
|
||||
+ }
|
||||
if (r != SQL_SUCCESS && r != SQL_SUCCESS_WITH_INFO && r!= SQL_NO_DATA) {
|
||||
setLastError(qMakeError(QCoreApplication::translate("QODBCResult",
|
||||
"Unable to execute statement"), QSqlError::StatementError, d));
|
||||
@@ -1387,9 +1392,12 @@ bool QODBCResult::prepare(const QString& query)
|
||||
return false;
|
||||
}
|
||||
|
||||
- r = SQLPrepare(d->hStmt,
|
||||
- toSQLTCHAR(query).data(),
|
||||
- (SQLINTEGER) query.length());
|
||||
+ {
|
||||
+ auto encoded = toSQLTCHAR(query);
|
||||
+ r = SQLPrepare(d->hStmt,
|
||||
+ encoded.data(),
|
||||
+ SQLINTEGER(encoded.size()));
|
||||
+ }
|
||||
|
||||
if (r != SQL_SUCCESS) {
|
||||
setLastError(qMakeError(QCoreApplication::translate("QODBCResult",
|
||||
@@ -1417,7 +1425,7 @@ bool QODBCResult::exec()
|
||||
SQLCloseCursor(d->hStmt);
|
||||
|
||||
QVector<QVariant>& values = boundValues();
|
||||
- QVector<QByteArray> tmpStorage(values.count(), QByteArray()); // holds temporary buffers
|
||||
+ QVector<QByteArray> tmpStorage(values.count(), QByteArray()); // targets for SQLBindParameter()
|
||||
QVarLengthArray<SQLLEN, 32> indicators(values.count());
|
||||
memset(indicators.data(), 0, indicators.size() * sizeof(SQLLEN));
|
||||
|
||||
@@ -1596,35 +1604,36 @@ bool QODBCResult::exec()
|
||||
case QVariant::String:
|
||||
if (d->unicode) {
|
||||
QByteArray &ba = tmpStorage[i];
|
||||
- QString str = val.toString();
|
||||
+ {
|
||||
+ const auto encoded = toSQLTCHAR(val.toString());
|
||||
+ ba = QByteArray(reinterpret_cast<const char *>(encoded.data()),
|
||||
+ encoded.size() * sizeof(SQLTCHAR));
|
||||
+ }
|
||||
+
|
||||
if (*ind != SQL_NULL_DATA)
|
||||
- *ind = str.length() * sizeof(SQLTCHAR);
|
||||
- int strSize = str.length() * sizeof(SQLTCHAR);
|
||||
+ *ind = ba.size();
|
||||
|
||||
if (bindValueType(i) & QSql::Out) {
|
||||
- const QVarLengthArray<SQLTCHAR> a(toSQLTCHAR(str));
|
||||
- ba = QByteArray((const char *)a.constData(), a.size() * sizeof(SQLTCHAR));
|
||||
r = SQLBindParameter(d->hStmt,
|
||||
i + 1,
|
||||
qParamType[bindValueType(i) & QSql::InOut],
|
||||
SQL_C_TCHAR,
|
||||
- strSize > 254 ? SQL_WLONGVARCHAR : SQL_WVARCHAR,
|
||||
+ ba.size() > 254 ? SQL_WLONGVARCHAR : SQL_WVARCHAR,
|
||||
0, // god knows... don't change this!
|
||||
0,
|
||||
- ba.data(),
|
||||
+ const_cast<char *>(ba.constData()), // don't detach
|
||||
ba.size(),
|
||||
ind);
|
||||
break;
|
||||
}
|
||||
- ba = QByteArray ((const char *)toSQLTCHAR(str).constData(), str.size()*sizeof(SQLTCHAR));
|
||||
r = SQLBindParameter(d->hStmt,
|
||||
i + 1,
|
||||
qParamType[bindValueType(i) & QSql::InOut],
|
||||
SQL_C_TCHAR,
|
||||
- strSize > 254 ? SQL_WLONGVARCHAR : SQL_WVARCHAR,
|
||||
- strSize,
|
||||
+ ba.size() > 254 ? SQL_WLONGVARCHAR : SQL_WVARCHAR,
|
||||
+ ba.size(),
|
||||
0,
|
||||
- const_cast<char *>(ba.constData()),
|
||||
+ const_cast<char *>(ba.constData()), // don't detach
|
||||
ba.size(),
|
||||
ind);
|
||||
break;
|
||||
@@ -1982,14 +1991,16 @@ bool QODBCDriver::open(const QString & db,
|
||||
SQLSMALLINT cb;
|
||||
QVarLengthArray<SQLTCHAR> connOut(1024);
|
||||
memset(connOut.data(), 0, connOut.size() * sizeof(SQLTCHAR));
|
||||
- r = SQLDriverConnect(d->hDbc,
|
||||
- NULL,
|
||||
- toSQLTCHAR(connQStr).data(),
|
||||
- (SQLSMALLINT)connQStr.length(),
|
||||
- connOut.data(),
|
||||
- 1024,
|
||||
- &cb,
|
||||
- /*SQL_DRIVER_NOPROMPT*/0);
|
||||
+ {
|
||||
+ auto encoded = toSQLTCHAR(connQStr);
|
||||
+ r = SQLDriverConnect(d->hDbc,
|
||||
+ nullptr,
|
||||
+ encoded.data(), SQLSMALLINT(encoded.size()),
|
||||
+ connOut.data(),
|
||||
+ 1024,
|
||||
+ &cb,
|
||||
+ /*SQL_DRIVER_NOPROMPT*/0);
|
||||
+ }
|
||||
|
||||
if (r != SQL_SUCCESS && r != SQL_SUCCESS_WITH_INFO) {
|
||||
setLastError(qMakeError(tr("Unable to connect"), QSqlError::ConnectionError, d));
|
||||
@@ -2368,17 +2379,15 @@ QStringList QODBCDriver::tables(QSql::TableType type) const
|
||||
if (tableType.isEmpty())
|
||||
return tl;
|
||||
|
||||
- QString joinedTableTypeString = tableType.join(QLatin1Char(','));
|
||||
+ {
|
||||
+ auto joinedTableTypeString = toSQLTCHAR(tableType.join(u','));
|
||||
|
||||
- r = SQLTables(hStmt,
|
||||
- NULL,
|
||||
- 0,
|
||||
- NULL,
|
||||
- 0,
|
||||
- NULL,
|
||||
- 0,
|
||||
- toSQLTCHAR(joinedTableTypeString).data(),
|
||||
- joinedTableTypeString.length() /* characters, not bytes */);
|
||||
+ r = SQLTables(hStmt,
|
||||
+ nullptr, 0,
|
||||
+ nullptr, 0,
|
||||
+ nullptr, 0,
|
||||
+ joinedTableTypeString.data(), joinedTableTypeString.size());
|
||||
+ }
|
||||
|
||||
if (r != SQL_SUCCESS)
|
||||
qSqlWarning(QLatin1String("QODBCDriver::tables Unable to execute table list"), d);
|
||||
@@ -2452,28 +2461,30 @@ QSqlIndex QODBCDriver::primaryIndex(const QString& tablename) const
|
||||
SQL_ATTR_CURSOR_TYPE,
|
||||
(SQLPOINTER)SQL_CURSOR_FORWARD_ONLY,
|
||||
SQL_IS_UINTEGER);
|
||||
- r = SQLPrimaryKeys(hStmt,
|
||||
- catalog.length() == 0 ? NULL : toSQLTCHAR(catalog).data(),
|
||||
- catalog.length(),
|
||||
- schema.length() == 0 ? NULL : toSQLTCHAR(schema).data(),
|
||||
- schema.length(),
|
||||
- toSQLTCHAR(table).data(),
|
||||
- table.length() /* in characters, not in bytes */);
|
||||
+ {
|
||||
+ auto c = toSQLTCHAR(catalog);
|
||||
+ auto s = toSQLTCHAR(schema);
|
||||
+ auto t = toSQLTCHAR(table);
|
||||
+ r = SQLPrimaryKeys(hStmt,
|
||||
+ catalog.isEmpty() ? nullptr : c.data(), c.size(),
|
||||
+ schema.isEmpty() ? nullptr : s.data(), s.size(),
|
||||
+ t.data(), t.size());
|
||||
+ }
|
||||
|
||||
// if the SQLPrimaryKeys() call does not succeed (e.g the driver
|
||||
// does not support it) - try an alternative method to get hold of
|
||||
// the primary index (e.g MS Access and FoxPro)
|
||||
if (r != SQL_SUCCESS) {
|
||||
- r = SQLSpecialColumns(hStmt,
|
||||
- SQL_BEST_ROWID,
|
||||
- catalog.length() == 0 ? NULL : toSQLTCHAR(catalog).data(),
|
||||
- catalog.length(),
|
||||
- schema.length() == 0 ? NULL : toSQLTCHAR(schema).data(),
|
||||
- schema.length(),
|
||||
- toSQLTCHAR(table).data(),
|
||||
- table.length(),
|
||||
- SQL_SCOPE_CURROW,
|
||||
- SQL_NULLABLE);
|
||||
+ auto c = toSQLTCHAR(catalog);
|
||||
+ auto s = toSQLTCHAR(schema);
|
||||
+ auto t = toSQLTCHAR(table);
|
||||
+ r = SQLSpecialColumns(hStmt,
|
||||
+ SQL_BEST_ROWID,
|
||||
+ catalog.isEmpty() ? nullptr : c.data(), c.size(),
|
||||
+ schema.isEmpty() ? nullptr : s.data(), s.size(),
|
||||
+ t.data(), t.size(),
|
||||
+ SQL_SCOPE_CURROW,
|
||||
+ SQL_NULLABLE);
|
||||
|
||||
if (r != SQL_SUCCESS) {
|
||||
qSqlWarning(QLatin1String("QODBCDriver::primaryIndex: Unable to execute primary key list"), d);
|
||||
@@ -2554,15 +2565,17 @@ QSqlRecord QODBCDriver::record(const QString& tablename) const
|
||||
SQL_ATTR_CURSOR_TYPE,
|
||||
(SQLPOINTER)SQL_CURSOR_FORWARD_ONLY,
|
||||
SQL_IS_UINTEGER);
|
||||
- r = SQLColumns(hStmt,
|
||||
- catalog.length() == 0 ? NULL : toSQLTCHAR(catalog).data(),
|
||||
- catalog.length(),
|
||||
- schema.length() == 0 ? NULL : toSQLTCHAR(schema).data(),
|
||||
- schema.length(),
|
||||
- toSQLTCHAR(table).data(),
|
||||
- table.length(),
|
||||
- NULL,
|
||||
- 0);
|
||||
+ {
|
||||
+ auto c = toSQLTCHAR(catalog);
|
||||
+ auto s = toSQLTCHAR(schema);
|
||||
+ auto t = toSQLTCHAR(table);
|
||||
+ r = SQLColumns(hStmt,
|
||||
+ catalog.isEmpty() ? nullptr : c.data(), c.size(),
|
||||
+ schema.isEmpty() ? nullptr : s.data(), s.size(),
|
||||
+ t.data(), t.size(),
|
||||
+ nullptr,
|
||||
+ 0);
|
||||
+ }
|
||||
if (r != SQL_SUCCESS)
|
||||
qSqlWarning(QLatin1String("QODBCDriver::record: Unable to execute column list"), d);
|
||||
|
|
@ -53,7 +53,7 @@
|
|||
Name: qt5-qtbase
|
||||
Summary: Qt5 - QtBase components
|
||||
Version: 5.15.8
|
||||
Release: 5%{?dist}
|
||||
Release: 6%{?dist}
|
||||
|
||||
# See LGPL_EXCEPTIONS.txt, for exception details
|
||||
License: LGPL-3.0-only OR GPL-3.0-only WITH Qt-GPL-exception-1.0
|
||||
|
@ -135,13 +135,11 @@ Patch90: %{name}-gcc11.patch
|
|||
# https://invent.kde.org/qt/qt/qtbase, kde/5.15 branch
|
||||
# git diff v5.15.8-lts-lgpl..HEAD | gzip > kde-5.15-rollup-$(date +%Y%m%d).patch.gz
|
||||
# patch100 in lookaside cache due to large'ish size -- rdieter
|
||||
Patch100: kde-5.15-rollup-20230105.patch.gz
|
||||
Patch100: kde-5.15-rollup-20230227.patch.gz
|
||||
# HACK to make 'fedpkg sources' consider it 'used"
|
||||
Source100: kde-5.15-rollup-20230105.patch.gz
|
||||
Source100: kde-5.15-rollup-20230227.patch.gz
|
||||
|
||||
Patch101: qtbase-5.15.8-fix-missing-qtsan-include.patch
|
||||
# CVE-2023-24607 in Qt SQL ODBC driver plugin
|
||||
Patch102: CVE-2023-24607-qtbase-5.15.patch
|
||||
|
||||
# Do not check any files in %%{_qt5_plugindir}/platformthemes/ for requires.
|
||||
# Those themes are there for platform integration. If the required libraries are
|
||||
|
@ -418,7 +416,6 @@ Qt5 libraries used for drawing widgets and OpenGL items.
|
|||
## upstream patches
|
||||
%patch100 -p1
|
||||
%patch101 -p1
|
||||
%patch102 -p1
|
||||
|
||||
# move some bundled libs to ensure they're not accidentally used
|
||||
pushd src/3rdparty
|
||||
|
@ -1098,6 +1095,9 @@ fi
|
|||
|
||||
|
||||
%changelog
|
||||
* Mon Feb 27 2023 Jan Grulich <jgrulich@redhat.com> - 5.15.8-6
|
||||
- refresh kde-5.15-rollup patch
|
||||
|
||||
* Wed Feb 08 2023 Jan Grulich <jgrulich@redhat.com> - 5.15.8-5
|
||||
- Fix possible DOS involving the Qt SQL ODBC driver plugin
|
||||
CVE-2023-24607
|
||||
|
|
2
sources
2
sources
|
@ -1,2 +1,2 @@
|
|||
SHA512 (qtbase-everywhere-opensource-src-5.15.8.tar.xz) = 29e8877bafdbc908072209f1b27a5040b022e2b71f17f4ab4cecd570adeae21597f9af7f1d38758760f3cb30376eeb15c5f066bf02c6e9a9e3a4d07f967046ce
|
||||
SHA512 (kde-5.15-rollup-20230105.patch.gz) = 837987cbb0e31179170c938fb0fb0e431e41273be53b737fa183aeb114eca2c8c36cba5ce65c51c145e7f43c2fd8789a3a8156d61b7127dc08929802fbb848c8
|
||||
SHA512 (kde-5.15-rollup-20230227.patch.gz) = beb2171fe7eda2074dc28f35f001a71a94418cf17b9a5556b8f2041ed2f9b654f0aadcd02ec48a734cb8dccabd3f4ec971a8e389bef67c94398a11698278e1bc
|
||||
|
|
Loading…
Reference in New Issue