diff mbox series

[2/3] package/qt5/qt5base: remove leftover patch

Message ID 20220317163823.2913753-2-foss+buildroot@0leil.net
State Accepted
Headers show
Series [1/3] package/qt5/qt5base: security bump | expand

Commit Message

Quentin Schulz March 17, 2022, 4:38 p.m. UTC
From: Quentin Schulz <quentin.schulz@theobroma-systems.com>

CVE-2021-38593 fixes originally missed a usecase that was covered by the
to-be-removed patch. However, this patch was incorrect and added some
issues on its own, which was then fixed by now-removed
0012-Refix-for-avoiding-huge-number-of-tiny-dashes.patch.

Unfortunately for us, the to-be-removed patch (fixed by
0012-Refix-for-avoiding-huge-number-of-tiny-dashes.patch) can actually
be applied (with fuzz; by `patch` only) on top of the now-removed patch.
When the move to KDE Qt fork was made, some patches were removed as they
were already part of the new git fork. However, the to-be-removed patch
was not. This means the
0012-Refix-for-avoiding-huge-number-of-tiny-dashes.patch was actually
undone when Buildroot patched qt5base.

Let's remove this patch to fix this oversight.

As a reference:
e7ea2ed27c Improve fix for avoiding huge number of tiny dashes
fixed by
65b3aa6a1c Refix for avoiding huge number of tiny dashes
in the git repo.

Fixes: 5770a645a3a49 "package/qt5: bump packages to latest kde submodule versions"
Cc: Quentin Schulz <foss+buildroot@0leil.net>
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
---
 ...-avoiding-huge-number-of-tiny-dashes.patch | 37 -------------------
 1 file changed, 37 deletions(-)
 delete mode 100644 package/qt5/qt5base/0006-Improve-fix-for-avoiding-huge-number-of-tiny-dashes.patch

Comments

Arnout Vandecappelle March 24, 2022, 9:42 p.m. UTC | #1
On 17/03/2022 17:38, Quentin Schulz wrote:
> From: Quentin Schulz <quentin.schulz@theobroma-systems.com>
> 
> CVE-2021-38593 fixes originally missed a usecase that was covered by the
> to-be-removed patch. However, this patch was incorrect and added some
> issues on its own, which was then fixed by now-removed
> 0012-Refix-for-avoiding-huge-number-of-tiny-dashes.patch.
> 
> Unfortunately for us, the to-be-removed patch (fixed by
> 0012-Refix-for-avoiding-huge-number-of-tiny-dashes.patch) can actually
> be applied (with fuzz; by `patch` only) on top of the now-removed patch.
> When the move to KDE Qt fork was made, some patches were removed as they
> were already part of the new git fork. However, the to-be-removed patch
> was not. This means the
> 0012-Refix-for-avoiding-huge-number-of-tiny-dashes.patch was actually
> undone when Buildroot patched qt5base.
> 
> Let's remove this patch to fix this oversight.
> 
> As a reference:
> e7ea2ed27c Improve fix for avoiding huge number of tiny dashes
> fixed by
> 65b3aa6a1c Refix for avoiding huge number of tiny dashes
> in the git repo.
> 
> Fixes: 5770a645a3a49 "package/qt5: bump packages to latest kde submodule versions"
> Cc: Quentin Schulz <foss+buildroot@0leil.net>
> Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>

  Applied to master, thanks.

  I've also renumbered patches 7 and 8.

  Regards,
  Arnout

> ---
>   ...-avoiding-huge-number-of-tiny-dashes.patch | 37 -------------------
>   1 file changed, 37 deletions(-)
>   delete mode 100644 package/qt5/qt5base/0006-Improve-fix-for-avoiding-huge-number-of-tiny-dashes.patch
> 
> diff --git a/package/qt5/qt5base/0006-Improve-fix-for-avoiding-huge-number-of-tiny-dashes.patch b/package/qt5/qt5base/0006-Improve-fix-for-avoiding-huge-number-of-tiny-dashes.patch
> deleted file mode 100644
> index 16e0f20200..0000000000
> --- a/package/qt5/qt5base/0006-Improve-fix-for-avoiding-huge-number-of-tiny-dashes.patch
> +++ /dev/null
> @@ -1,37 +0,0 @@
> -From 856d11f695fb6effe26a359f9ad0efdf24067085 Mon Sep 17 00:00:00 2001
> -From: Eirik Aavitsland <eirik.aavitsland@qt.io>
> -Date: Fri, 23 Jul 2021 15:53:56 +0200
> -Subject: [PATCH] Improve fix for avoiding huge number of tiny dashes
> -MIME-Version: 1.0
> -Content-Type: text/plain; charset=UTF-8
> -Content-Transfer-Encoding: 8bit
> -
> -Some pathological cases were not caught by the previous fix.
> -
> -Fixes: QTBUG-95239
> -Pick-to: 6.2 6.1 5.15
> -Change-Id: I0337ee3923ff93ccb36c4d7b810a9c0667354cc5
> -Reviewed-by: Robert Löhning <robert.loehning@qt.io>
> -(cherry picked from commit 6b400e3147dcfd8cc3a393ace1bd118c93762e0c)
> -[Retrieved from: https://invent.kde.org/qt/qt/qtbase/-/commit/fed5713eeba5bf8e0ee413cb4e77109bfa7c2bce]
> -Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
> ----
> - src/gui/painting/qpaintengineex.cpp | 2 +-
> - 1 file changed, 1 insertion(+), 1 deletion(-)
> -
> -diff --git a/src/gui/painting/qpaintengineex.cpp b/src/gui/painting/qpaintengineex.cpp
> -index 55fdb0c2a0..19e4b23423 100644
> ---- a/src/gui/painting/qpaintengineex.cpp
> -+++ b/src/gui/painting/qpaintengineex.cpp
> -@@ -426,7 +426,7 @@ void QPaintEngineEx::stroke(const QVectorPath &path, const QPen &inPen)
> -             patternLength *= pen.widthF();
> -         if (qFuzzyIsNull(patternLength)) {
> -             pen.setStyle(Qt::NoPen);
> --        } else if (extent / patternLength > 10000) {
> -+        } else if (qFuzzyIsNull(extent) || extent / patternLength > 10000) {
> -             // approximate stream of tiny dashes with semi-transparent solid line
> -             pen.setStyle(Qt::SolidLine);
> -             QColor color(pen.color());
> ---
> -2.34.1
> -
Peter Korsgaard March 30, 2022, 7:12 a.m. UTC | #2
>>>>> "Quentin" == Quentin Schulz <foss+buildroot@0leil.net> writes:

 > From: Quentin Schulz <quentin.schulz@theobroma-systems.com>
 > CVE-2021-38593 fixes originally missed a usecase that was covered by the
 > to-be-removed patch. However, this patch was incorrect and added some
 > issues on its own, which was then fixed by now-removed
 > 0012-Refix-for-avoiding-huge-number-of-tiny-dashes.patch.

 > Unfortunately for us, the to-be-removed patch (fixed by
 > 0012-Refix-for-avoiding-huge-number-of-tiny-dashes.patch) can actually
 > be applied (with fuzz; by `patch` only) on top of the now-removed patch.
 > When the move to KDE Qt fork was made, some patches were removed as they
 > were already part of the new git fork. However, the to-be-removed patch
 > was not. This means the
 > 0012-Refix-for-avoiding-huge-number-of-tiny-dashes.patch was actually
 > undone when Buildroot patched qt5base.

 > Let's remove this patch to fix this oversight.

 > As a reference:
 > e7ea2ed27c Improve fix for avoiding huge number of tiny dashes
 > fixed by
 > 65b3aa6a1c Refix for avoiding huge number of tiny dashes
 > in the git repo.

 > Fixes: 5770a645a3a49 "package/qt5: bump packages to latest kde submodule versions"
 > Cc: Quentin Schulz <foss+buildroot@0leil.net>
 > Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>

Committed to 2022.02.x, thanks.
diff mbox series

Patch

diff --git a/package/qt5/qt5base/0006-Improve-fix-for-avoiding-huge-number-of-tiny-dashes.patch b/package/qt5/qt5base/0006-Improve-fix-for-avoiding-huge-number-of-tiny-dashes.patch
deleted file mode 100644
index 16e0f20200..0000000000
--- a/package/qt5/qt5base/0006-Improve-fix-for-avoiding-huge-number-of-tiny-dashes.patch
+++ /dev/null
@@ -1,37 +0,0 @@ 
-From 856d11f695fb6effe26a359f9ad0efdf24067085 Mon Sep 17 00:00:00 2001
-From: Eirik Aavitsland <eirik.aavitsland@qt.io>
-Date: Fri, 23 Jul 2021 15:53:56 +0200
-Subject: [PATCH] Improve fix for avoiding huge number of tiny dashes
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Some pathological cases were not caught by the previous fix.
-
-Fixes: QTBUG-95239
-Pick-to: 6.2 6.1 5.15
-Change-Id: I0337ee3923ff93ccb36c4d7b810a9c0667354cc5
-Reviewed-by: Robert Löhning <robert.loehning@qt.io>
-(cherry picked from commit 6b400e3147dcfd8cc3a393ace1bd118c93762e0c)
-[Retrieved from: https://invent.kde.org/qt/qt/qtbase/-/commit/fed5713eeba5bf8e0ee413cb4e77109bfa7c2bce]
-Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
----
- src/gui/painting/qpaintengineex.cpp | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/gui/painting/qpaintengineex.cpp b/src/gui/painting/qpaintengineex.cpp
-index 55fdb0c2a0..19e4b23423 100644
---- a/src/gui/painting/qpaintengineex.cpp
-+++ b/src/gui/painting/qpaintengineex.cpp
-@@ -426,7 +426,7 @@ void QPaintEngineEx::stroke(const QVectorPath &path, const QPen &inPen)
-             patternLength *= pen.widthF();
-         if (qFuzzyIsNull(patternLength)) {
-             pen.setStyle(Qt::NoPen);
--        } else if (extent / patternLength > 10000) {
-+        } else if (qFuzzyIsNull(extent) || extent / patternLength > 10000) {
-             // approximate stream of tiny dashes with semi-transparent solid line
-             pen.setStyle(Qt::SolidLine);
-             QColor color(pen.color());
--- 
-2.34.1
-