[4/4] cairo: update patch for CVE-2019-6461

Message ID	20221213161732.865885-4-ross.burton@arm.com
State	New
Headers	show Return-Path: <ross.burton@arm.com> ip: 217.140.110.172, mailfrom: ross.burton@arm.com) From: Ross Burton <ross.burton@arm.com> To: openembedded-core@lists.openembedded.org Cc: nd@arm.com Subject: [PATCH 4/4] cairo: update patch for CVE-2019-6461 Date: Tue, 13 Dec 2022 16:17:32 +0000 Message-Id: <20221213161732.865885-4-ross.burton@arm.com> In-Reply-To: <20221213161732.865885-1-ross.burton@arm.com> References: <20221213161732.865885-1-ross.burton@arm.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable
Series	[1/4] gtk+3: port to Meson \| expand [1/4] gtk+3: port to Meson [2/4] at-spi2-core: clean up x11 enabling [3/4] at-spi2-core: disable API docs if x11 is disabled [4/4] cairo: update patch for CVE-2019-6461

Message ID

20221213161732.865885-4-ross.burton@arm.com

State

New

Headers

From: Ross Burton <ross.burton@arm.com>
To: openembedded-core@lists.openembedded.org
Cc: nd@arm.com
Subject: [PATCH 4/4] cairo: update patch for CVE-2019-6461
Date: Tue, 13 Dec 2022 16:17:32 +0000
Message-Id: <20221213161732.865885-4-ross.burton@arm.com>
In-Reply-To: <20221213161732.865885-1-ross.burton@arm.com>
References: <20221213161732.865885-1-ross.burton@arm.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable

Series

[1/4] gtk+3: port to Meson | expand

Commit Message

Ross Burton Dec. 13, 2022, 4:17 p.m. UTC

Update the patch to reflect the fix merged into 1.17.6.

Signed-off-by: Ross Burton <ross.burton@arm.com>
---
 .../cairo/cairo/CVE-2019-6461.patch           | 30 ++++++++++++++++---
 1 file changed, 26 insertions(+), 4 deletions(-)

diff --git a/meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch b/meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch
index 5232cf70c69..b5fd915b826 100644
--- a/meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch
+++ b/meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch
@@ -1,19 +1,41 @@ 
 There is a potential infinite-loop in function _arc_error_normalized().
 
 CVE: CVE-2019-6461
-Upstream-Status: Pending
+Upstream-Status: Backport [ab2c5ee21e5f3d3ee4b3f67cfcd5811a4f99c3a0]
 Signed-off-by: Ross Burton <ross.burton@intel.com>
 
+From ab2c5ee21e5f3d3ee4b3f67cfcd5811a4f99c3a0 Mon Sep 17 00:00:00 2001
+From: Heiko Lewin <hlewin@gmx.de>
+Date: Sun, 1 Aug 2021 11:16:03 +0000
+Subject: [PATCH] _arc_max_angle_for_tolerance_normalized: fix infinite loop
+
+---
+ src/cairo-arc.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
 diff --git a/src/cairo-arc.c b/src/cairo-arc.c
-index 390397bae..f9249dbeb 100644
+index 390397bae..1c891d1a0 100644
 --- a/src/cairo-arc.c
 +++ b/src/cairo-arc.c
-@@ -99,7 +99,7 @@ _arc_max_angle_for_tolerance_normalized (double tolerance)
+@@ -90,16 +90,18 @@ _arc_max_angle_for_tolerance_normalized (double tolerance)
+ 	{ M_PI / 11.0,  9.81410988043554039085e-09 },
+     };
+     int table_size = ARRAY_LENGTH (table);
++    const int max_segments = 1000; /* this value is chosen arbitrarily. this gives an error of about 1.74909e-20 */
+ 
+     for (i = 0; i < table_size; i++)
+ 	if (table[i].error < tolerance)
+ 	    return table[i].angle;
+ 
+     ++i;
++
      do {
  	angle = M_PI / i++;
  	error = _arc_error_normalized (angle);
 -    } while (error > tolerance);
-+    } while (error > tolerance && error > __DBL_EPSILON__);
++    } while (error > tolerance && i < max_segments);
  
      return angle;
  }
+-- 
+GitLab

[4/4] cairo: update patch for CVE-2019-6461

Commit Message

Patch