packages/harfbuzz
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: packages:f0ae1df3d4ff746a7c8c0679292cdd4bf0da2169
Branches Tags
packages:main
...
compare: packages:00909ead86cad03d750b2282a179636701bffa1a
Branches Tags
packages:main

10 Commits
f0ae1df3d4 ... 00909ead86

Author SHA1 Message Date
openeuler-ci-bot
00909ead86
!57 Remove rpath 
From: @zhangxianting 
Reviewed-by: @t_feng 
Signed-off-by: @t_feng
 2023-11-09 09:36:07 +00:00
zhangxianting
39ad8fbdba Enable fPIE and Remove rpath 2023-11-09 10:42:02 +08:00
openeuler-ci-bot
4a81c1e60c
!51 [sync] PR-47: fix CVE-2023-25193 
From: @openeuler-sync-bot 
Reviewed-by: @t_feng 
Signed-off-by: @t_feng
 2023-02-15 13:05:04 +00:00
zhouwenpei
ba4ca726a1 fix CVE-2023-25193 
(cherry picked from commit 1ca4fb920e95444026ee9720ae018ee00cb81fa8)
 2023-02-15 19:33:10 +08:00
openeuler-ci-bot
63cc50601d
!44 fix CVE-2022-33068 
From: @zhouwenpei 
Reviewed-by: @t_feng 
Signed-off-by: @t_feng
 2022-07-15 08:53:19 +00:00
zhouwenpei
ef4567eea7 fix CVE-2022-33068 2022-07-15 16:11:28 +08:00
openeuler-ci-bot
4fd1a999a3 !26 enable make check 
From: @kerongw
Reviewed-by: @yanan-rock
Signed-off-by: @yanan-rock
 2021-07-05 11:34:25 +00:00
wangkerong
f6d24125a8 enable make check 2021-07-05 09:59:52 +08:00
openeuler-ci-bot
f41e2a26b1 !22 [sync] PR-15: Update to 2.8.1 
From: @openeuler-sync-bot
Reviewed-by: @yanan-rock
Signed-off-by: @yanan-rock
 2021-06-28 08:50:18 +00:00
wangkerong
fc8fb362bd Update to 2.8.1 
(cherry picked from commit 881141babb3d2bfdbf92f15b77575c8416a7eadd)
 2021-06-25 12:23:27 +08:00
5 changed files with 144 additions and 6 deletions
Show Stats Expand all files Collapse all files

37
backport-0001-CVE-2023-25193.patch Normal file
View File

@ -0,0 +1,37 @@
From 56f11ec938260836387256225bc47665473e2bbe Mon Sep 17 00:00:00 2001
From: Behdad Esfahbod <behdad@behdad.org>
Date: Fri, 18 Feb 2022 14:08:43 -0600
Subject: [PATCH] [buffer] Add HB_BUFFER_FLAG_PRODUCE_UNSAFE_TO_CONCAT
---
src/hb-buffer.h | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/src/hb-buffer.h b/src/hb-buffer.h
index 865ccb2..51b1760 100644
--- a/src/hb-buffer.h
+++ b/src/hb-buffer.h
@@ -296,7 +296,10 @@ hb_buffer_guess_segment_properties (hb_buffer_t *buffer);
* flag indicating that a dotted circle should
* not be inserted in the rendering of incorrect
* character sequences (such at <0905 093E>). Since: 2.4
- *
+ * @HB_BUFFER_FLAG_PRODUCE_UNSAFE_TO_CONCAT:
+ * flag indicating that the @HB_GLYPH_FLAG_UNSAFE_TO_CONCAT
+ * glyph-flag should be produced by the shaper. By default
+ * it will not be produced since it incurs a cost. Since: REPLACEME
* Flags for #hb_buffer_t.
*
* Since: 0.9.20
@@ -307,7 +310,8 @@ typedef enum { /*< flags >*/
HB_BUFFER_FLAG_EOT = 0x00000002u, /* End-of-text */
HB_BUFFER_FLAG_PRESERVE_DEFAULT_IGNORABLES = 0x00000004u,
HB_BUFFER_FLAG_REMOVE_DEFAULT_IGNORABLES = 0x00000008u,
- HB_BUFFER_FLAG_DO_NOT_INSERT_DOTTED_CIRCLE = 0x00000010u
+ HB_BUFFER_FLAG_DO_NOT_INSERT_DOTTED_CIRCLE = 0x00000010u,
+ HB_BUFFER_FLAG_PRODUCE_UNSAFE_TO_CONCAT = 0x00000040u
} hb_buffer_flags_t;
HB_EXTERN void
--
2.27.0

38
backport-0002-CVE-2023-25193.patch Normal file
View File

@ -0,0 +1,38 @@
From 85be877925ddbf34f74a1229f3ca1716bb6170dc Mon Sep 17 00:00:00 2001
From: Behdad Esfahbod <behdad@behdad.org>
Date: Wed, 1 Feb 2023 20:00:43 -0700
Subject: [PATCH] [layout] Limit how far we skip when looking back
See comments.
---
src/hb-ot-layout-gsubgpos.hh | 12 +++++++++++-
1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/src/hb-ot-layout-gsubgpos.hh b/src/hb-ot-layout-gsubgpos.hh
index c17bf92..712e307 100644
--- a/src/hb-ot-layout-gsubgpos.hh
+++ b/src/hb-ot-layout-gsubgpos.hh
@@ -535,7 +535,19 @@ struct hb_ot_apply_context_t :
bool prev ()
{
assert (num_items > 0);
- while (idx > num_items - 1)
+ /* The alternate condition below is faster at string boundaries,
+ * but produces subpar "unsafe-to-concat" values. */
+ unsigned stop = num_items - 1;
+ if (c->buffer->flags & HB_BUFFER_FLAG_PRODUCE_UNSAFE_TO_CONCAT)
+ stop = 1 - 1;
+
+ /* When looking back, limit how far we search; this function is mostly
+ * used for looking back for base glyphs when attaching marks. If we
+ * don't limit, we can get O(n^2) behavior where n is the number of
+ * consecutive marks. */
+ stop = (unsigned) hb_max ((int) stop, (int) idx - HB_MAX_CONTEXT_LENGTH);
+
+ while (idx > stop)
{
idx--;
const hb_glyph_info_t &info = c->buffer->out_info[idx];
--
2.33.0

29
backport-CVE-2022-33068.patch Normal file
View File

@ -0,0 +1,29 @@
From 62e803b36173fd096d7ad460dd1d1db9be542593 Mon Sep 17 00:00:00 2001
From: Behdad Esfahbod <behdad@behdad.org>
Date: Wed, 1 Jun 2022 07:38:21 -0600
Subject: [PATCH] [sbix] Limit glyph extents
Fixes https://github.com/harfbuzz/harfbuzz/issues/3557
---
src/hb-ot-color-sbix-table.hh | 6 ++++++
test/fuzzing/fonts/sbix-extents.ttf | Bin 0 -> 582 bytes
2 files changed, 6 insertions(+)
create mode 100644 test/fuzzing/fonts/sbix-extents.ttf
diff --git a/src/hb-ot-color-sbix-table.hh b/src/hb-ot-color-sbix-table.hh
index 9741ebd450..6efae43cda 100644
--- a/src/hb-ot-color-sbix-table.hh
+++ b/src/hb-ot-color-sbix-table.hh
@@ -298,6 +298,12 @@ struct sbix
const PNGHeader &png = *blob->as<PNGHeader>();
+ if (png.IHDR.height >= 65536 | png.IHDR.width >= 65536)
+ {
+ hb_blob_destroy (blob);
+ return false;
+ }
+
extents->x_bearing = x_offset;
extents->y_bearing = png.IHDR.height + y_offset;
extents->width = png.IHDR.width;

BIN
harfbuzz-2.6.8.tar.xz → harfbuzz-2.8.1.tar.xz
View File

Binary file not shown.

46
harfbuzz.spec
View File

@ -1,14 +1,18 @@
Name: harfbuzz
Version: 2.6.8
Release: 1
Version: 2.8.1
Release: 5
Summary: A text shaping engine
License: MIT
URL: https://harfbuzz.github.io/what-is-harfbuzz.html
Source0: https://github.com/harfbuzz/harfbuzz/releases/tag/%{name}-%{version}.tar.xz
Source0: https://github.com/harfbuzz/harfbuzz/releases/download/2.8.1/%{name}-%{version}.tar.xz
Patch0001: backport-CVE-2022-33068.patch
Patch0002: backport-0001-CVE-2023-25193.patch
Patch0003: backport-0002-CVE-2023-25193.patch
BuildRequires: gcc-c++ freetype-devel cairo-devel glib2-devel graphite2-devel
BuildRequires: gtk-doc libicu-devel gobject-introspection-devel
BuildRequires: gtk-doc libicu-devel gobject-introspection-devel chrpath
Provides: harfbuzz-icu
Obsoletes: harfbuzz-icu
@ -32,17 +36,31 @@ Header files and libraries for building a extension library for %{name}.
%autosetup -n %{name}-%{version} -p1
%build
%configure --disable-static --with-graphite2 --with-gobject --enable-introspection
%configure --disable-static --with-graphite2 --with-gobject --enable-introspection CFLAGS="-fPIE -pie"
make %{?_smp_mflags}
%check
make check
%install
make install DESTDIR=$RPM_BUILD_ROOT INSTALL="install -p"
%delete_la
chrpath -d %{buildroot}%{_libdir}/lib%{name}-icu.so.*
chrpath -d %{buildroot}%{_libdir}/lib%{name}-gobject.so.*
chrpath -d %{buildroot}%{_libdir}/lib%{name}-subset.so.*
mkdir -p %{buildroot}/etc/ld.so.conf.d
echo "%{_libdir}/%{name}" > %{buildroot}/etc/ld.so.conf.d/%{name}-%{_arch}.conf
%delete_la
%ldconfig_scriptlets
%post
/sbin/ldconfig
%postun
/sbin/ldconfig
%files
%doc AUTHORS NEWS
%license COPYING
@ -52,6 +70,7 @@ make install DESTDIR=$RPM_BUILD_ROOT INSTALL="install -p"
%{_libdir}/libharfbuzz-icu.so.*
%dir %{_libdir}/girepository-1.0
%{_libdir}/girepository-1.0/HarfBuzz-0.0.typelib
%config(noreplace) /etc/ld.so.conf.d/*
%files devel
%{_bindir}/*
@ -67,6 +86,21 @@ make install DESTDIR=$RPM_BUILD_ROOT INSTALL="install -p"
%{_datadir}/gtk-doc/html/harfbuzz/*
%changelog
* Wed Nov 08 2023 zhangxianting <zhangxianting@uniontech.com> - 2.8.1-5
- Enable fPIE and Remove rpath
* Wed Feb 15 2023 zhouwenpei <zhouwenpei1@h-partners.com> - 2.8.1-4
- fix CVE-2023-25193
* Fri Jul 15 2022 zhouwenpei <zhouwenpei1@h-partners.com> - 2.8.1-3
- fix CVE-2022-33068
* Mon Jul 05 2021 wangkerong <wangkerong@huawei.com> - 2.8.1-2
- enable make check
* Sat Jun 19 2021 wangkerong <wangkerong@huawei.com> - 2.8.1-1
- Update to 2.8.1
* Wed Aug 26 2020 chengguipeng<chengguipeng1@huawei.com> - 2.6.8-1
- Update to 2.6.8