!24 Fix the cve and modify source0

From: @kang_xiao_qiang Reviewed-by: @small_leek Signed-off-by: @small_leek
2020-09-22 14:07:31 +08:00 · 2020-09-22 14:07:31 +08:00 · 93d2e0c2bd
commit 93d2e0c2bd
parent c42fd56b05 422354c96d
2 changed files with 34 additions and 2 deletions
--- a/CVE-2020-17507.patch
+++ b/CVE-2020-17507.patch
@ -0,0 +1,28 @@
+From 1a27a6cefbb457f2fb74159267835aaefb7c992d Mon Sep 17 00:00:00 2001
+From: Dmitry Shachnev <mitya57@debian.org>
+Date: Tue, 18 Aug 2020 16:16:57 +0300
+Subject: [PATCH] Backport upstream patch to fix buffer overflow in XBMparser.
+
+Closes: #968444, CVE-2020-17507.
+---
+ src/gui/image/qxbmhandler.cpp | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/src/gui/image/qxbmhandler.cpp b/src/gui/image/qxbmhandler.cpp
+index 414e8233..7483b245 100644
+--- a/src/gui/image/qxbmhandler.cpp
+++ b/src/gui/image/qxbmhandler.cpp
+@@ -154,7 +154,9 @@ static bool read_xbm_body(QIODevice *device, int w, int h, QImage *outImage)
+     w = (w+7)/8;                                // byte width
+ 
+     while (y < h) {                                // for all encoded bytes...
+-        if (p) {                                // p = "0x.."
+        if (p && p < (buf + readBytes - 3)) {                                // p = "0x.."
+	    if (!isxdigit(p[2]) || !isxdigit(p[3]))
+		return false;
+             *b++ = hex2byte(p+2);
+             p += 2;
+             if (++x == w && ++y < h) {
+-- 
+2.23.0
+
--- a/qt.spec
+++ b/qt.spec
@ -13,11 +13,11 @@
 Name:           qt
 Epoch:          1
 Version:        4.8.7
-Release:        47
+Release:        48
 Summary:        A software toolkit for developing applications
 License:        (LGPLv2 with exceptions or GPLv3 with exceptions) and ASL 2.0 and BSD and FTL and MIT
 URL:            http://qt-project.org/
-Source0:        https://download.qt-project.org/official_releases/qt/4.8/%{version}/qt-everywhere-opensource-src-%{version}.tar.gz
+Source0:        https://download.qt.io/archive/qt/4.8/4.8.7/qt-everywhere-opensource-src-4.8.7.tar.gz
 Source1:        qconfig-multilib.h
 Source2:        assistant.desktop
 Source3:        designer.desktop
@ -77,6 +77,7 @@ Patch6001:      CVE-2018-19872.patch
 Patch6002:      CVE-2018-19871.patch
 Patch6003:      CVE-2018-19870.patch
 Patch6004:      CVE-2018-19873.patch
+Patch6005:      CVE-2020-17507.patch

 BuildRequires:  cups-devel desktop-file-utils gcc-c++ libjpeg-devel findutils libmng-devel libtiff-devel pkgconfig pkgconfig(alsa)
 BuildRequires:  pkgconfig(dbus-1) pkgconfig(fontconfig) pkgconfig(glib-2.0) pkgconfig(icu-i18n) openssl-devel pkgconfig(libpng)
@ -443,6 +444,9 @@ fi
 %{_qt4_prefix}/examples/

 %changelog
+* Mon Sep 21 2020 shaoqiang kang <kangshaoqiang1@huawei.com> - 1:4.8.7-48
+- fix CVE-2020-17507 and modify source0
+
 * Thu Mar 19 2020 yanglijin <yanglijin@huawei.com> - 1:4.8.7-47
 - add stack protector