| Message ID | 537e7d323f57a0484c279c3b52ad5bb45eb44a10.1657772638.git.steve@sakoman.com |
|---|---|
| State | New, archived |
| Headers | show |
| Series | [kirkstone,01/27] ruby: add PACKAGECONFIG for capstone | expand |
This breaks build with clang: | In file included from ../harfbuzz-4.0.1/src/hb-ot-face.cc:39: 4429| ../harfbuzz-4.0.1/src/hb-ot-color-sbix-table.hh:301:11: error: use of bitwise '|' with boolean operands [-Werror,-Wbitwise-instead-of-logical] 4430| if (png.IHDR.height >= 65536 | png.IHDR.width >= 65536) 4431| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 4432| || 4433| ../harfbuzz-4.0.1/src/hb-ot-color-sbix-table.hh:301:11: note: cast one or both operands to int to silence this warning 4434| 1 error generated. "Steve Sakoman" <steve@sakoman.com> writes: > From: Wentao Zhang <wentao.zhang@windriver.com> > > Backport patch from > https://github.com/harfbuzz/harfbuzz/commit/62e803b36173fd096d7ad460dd1d1db9be542593 > > The 'tff' file in upstream patch is for testing only which cause error during do_patch so need be dropped. > File test/fuzzing/fonts/sbix-extents.ttf: git binary diffs are not supported. > > Signed-off-by: Wentao Zhang <wentao.zhang@windriver.com> > Signed-off-by: Steve Sakoman <steve@sakoman.com> > --- > .../harfbuzz/harfbuzz/CVE-2022-33068.patch | 35 +++++++++++++++++++ > .../harfbuzz/harfbuzz_4.0.1.bb | 3 +- > 2 files changed, 37 insertions(+), 1 deletion(-) > create mode 100644 meta/recipes-graphics/harfbuzz/harfbuzz/CVE-2022-33068.patch > > diff --git a/meta/recipes-graphics/harfbuzz/harfbuzz/CVE-2022-33068.patch b/meta/recipes-graphics/harfbuzz/harfbuzz/CVE-2022-33068.patch > new file mode 100644 > index 0000000000..931b9abe1e > --- /dev/null > +++ b/meta/recipes-graphics/harfbuzz/harfbuzz/CVE-2022-33068.patch > @@ -0,0 +1,35 @@ > +From 62e803b36173fd096d7ad460dd1d1db9be542593 Mon Sep 17 00:00:00 2001 > +From: Behdad Esfahbod <behdad@behdad.org> > +Date: Wed, 1 Jun 2022 07:38:21 -0600 > +Subject: [PATCH] [sbix] Limit glyph extents > + > +Fixes https://github.com/harfbuzz/harfbuzz/issues/3557 > + > +Upstream-Status: Backport [https://github.com/harfbuzz/harfbuzz/commit/62e803b36173fd096d7ad460dd1d1db9be542593] > +CVE:CVE-2022-33068 > +Signed-off-by: Wentao Zhang<Wentao.Zhang@windriver.com> > + > +--- > + src/hb-ot-color-sbix-table.hh | 6 ++++++ > + 1 file changed, 6 insertions(+) > + > +diff --git a/src/hb-ot-color-sbix-table.hh b/src/hb-ot-color-sbix-table.hh > +index 9741ebd45..6efae43cd 100644 > +--- a/src/hb-ot-color-sbix-table.hh > ++++ b/src/hb-ot-color-sbix-table.hh > +@@ -298,6 +298,12 @@ struct sbix > + > + const PNGHeader &png = *blob->as<PNGHeader>(); > + > ++ if (png.IHDR.height >= 65536 | png.IHDR.width >= 65536) > ++ { > ++ hb_blob_destroy (blob); > ++ return false; > ++ } > ++ > + extents->x_bearing = x_offset; > + extents->y_bearing = png.IHDR.height + y_offset; > + extents->width = png.IHDR.width; > +-- > +2.25.1 > + > diff --git a/meta/recipes-graphics/harfbuzz/harfbuzz_4.0.1.bb b/meta/recipes-graphics/harfbuzz/harfbuzz_4.0.1.bb > index bf77a5e56c..81518a53ea 100644 > --- a/meta/recipes-graphics/harfbuzz/harfbuzz_4.0.1.bb > +++ b/meta/recipes-graphics/harfbuzz/harfbuzz_4.0.1.bb > @@ -11,7 +11,8 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=6ee0f16281694fb6aa689cca1e0fb3da \ > UPSTREAM_CHECK_URI = "https://github.com/${BPN}/${BPN}/releases" > UPSTREAM_CHECK_REGEX = "harfbuzz-(?P<pver>\d+(\.\d+)+).tar" > > -SRC_URI = "https://github.com/${BPN}/${BPN}/releases/download/${PV}/${BPN}-${PV}.tar.xz" > +SRC_URI = "https://github.com/${BPN}/${BPN}/releases/download/${PV}/${BPN}-${PV}.tar.xz\ > + file://CVE-2022-33068.patch" > SRC_URI[sha256sum] = "98f68777272db6cd7a3d5152bac75083cd52a26176d87bc04c8b3929d33bce49" > > inherit meson pkgconfig lib_package gtk-doc gobject-introspection
diff --git a/meta/recipes-graphics/harfbuzz/harfbuzz/CVE-2022-33068.patch b/meta/recipes-graphics/harfbuzz/harfbuzz/CVE-2022-33068.patch new file mode 100644 index 0000000000..931b9abe1e --- /dev/null +++ b/meta/recipes-graphics/harfbuzz/harfbuzz/CVE-2022-33068.patch @@ -0,0 +1,35 @@ +From 62e803b36173fd096d7ad460dd1d1db9be542593 Mon Sep 17 00:00:00 2001 +From: Behdad Esfahbod <behdad@behdad.org> +Date: Wed, 1 Jun 2022 07:38:21 -0600 +Subject: [PATCH] [sbix] Limit glyph extents + +Fixes https://github.com/harfbuzz/harfbuzz/issues/3557 + +Upstream-Status: Backport [https://github.com/harfbuzz/harfbuzz/commit/62e803b36173fd096d7ad460dd1d1db9be542593] +CVE:CVE-2022-33068 +Signed-off-by: Wentao Zhang<Wentao.Zhang@windriver.com> + +--- + src/hb-ot-color-sbix-table.hh | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/src/hb-ot-color-sbix-table.hh b/src/hb-ot-color-sbix-table.hh +index 9741ebd45..6efae43cd 100644 +--- a/src/hb-ot-color-sbix-table.hh ++++ b/src/hb-ot-color-sbix-table.hh +@@ -298,6 +298,12 @@ struct sbix + + const PNGHeader &png = *blob->as<PNGHeader>(); + ++ if (png.IHDR.height >= 65536 | png.IHDR.width >= 65536) ++ { ++ hb_blob_destroy (blob); ++ return false; ++ } ++ + extents->x_bearing = x_offset; + extents->y_bearing = png.IHDR.height + y_offset; + extents->width = png.IHDR.width; +-- +2.25.1 + diff --git a/meta/recipes-graphics/harfbuzz/harfbuzz_4.0.1.bb b/meta/recipes-graphics/harfbuzz/harfbuzz_4.0.1.bb index bf77a5e56c..81518a53ea 100644 --- a/meta/recipes-graphics/harfbuzz/harfbuzz_4.0.1.bb +++ b/meta/recipes-graphics/harfbuzz/harfbuzz_4.0.1.bb @@ -11,7 +11,8 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=6ee0f16281694fb6aa689cca1e0fb3da \ UPSTREAM_CHECK_URI = "https://github.com/${BPN}/${BPN}/releases" UPSTREAM_CHECK_REGEX = "harfbuzz-(?P<pver>\d+(\.\d+)+).tar" -SRC_URI = "https://github.com/${BPN}/${BPN}/releases/download/${PV}/${BPN}-${PV}.tar.xz" +SRC_URI = "https://github.com/${BPN}/${BPN}/releases/download/${PV}/${BPN}-${PV}.tar.xz\ + file://CVE-2022-33068.patch" SRC_URI[sha256sum] = "98f68777272db6cd7a3d5152bac75083cd52a26176d87bc04c8b3929d33bce49" inherit meson pkgconfig lib_package gtk-doc gobject-introspection