[neon/qt6/qt6-base/Neon/unstable] debian: lintlintlint
Carlos De Maine
null at kde.org
Fri Nov 24 07:41:07 GMT 2023
Git commit cb3c65d935aea2b31590383c7d35198dfc0e4052 by Carlos De Maine.
Committed on 24/11/2023 at 08:41.
Pushed by carlosdem into branch 'Neon/unstable'.
lintlintlint
M +0 -2 debian/control
D +0 -342 debian/patches/cve-2023-24607.patch
M +3 -0 debian/qt6-base.lintian-overrides
https://invent.kde.org/neon/qt6/qt6-base/-/commit/cb3c65d935aea2b31590383c7d35198dfc0e4052
diff --git a/debian/control b/debian/control
index e4a2fd6..7e9632a 100644
--- a/debian/control
+++ b/debian/control
@@ -119,9 +119,7 @@ Pre-Depends: ${misc:Pre-Depends}
Provides: qt6-base-abi (= 6.4.2)
Depends: fontconfig,
shared-mime-info,
- ${libssl:Depends},
${misc:Depends},
- ${perl:Depends},
${shlibs:Depends}
Recommends: libcups2,
libqt6sql6-sqlite | libqt6sql6-mysql | libqt6sql6-odbc | libqt6sql6-psql | libqt6sql6-ibase,
diff --git a/debian/patches/cve-2023-24607.patch b/debian/patches/cve-2023-24607.patch
deleted file mode 100644
index bea047c..0000000
--- a/debian/patches/cve-2023-24607.patch
+++ /dev/null
@@ -1,342 +0,0 @@
-Description: Fix CVE-2023-24607
- CVE-2023-24607 can trigger a DOS with a specifically crafted string,
- see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031871.
- This patch https://codereview.qt-project.org/c/qt/qtbase/+/456216,
- https://codereview.qt-project.org/c/qt/qtbase/+/457637 and
- https://codereview.qt-project.org/c/qt/qtbase/+/457937
- See: https://www.qt.io/blog/security-advisory-qt-sql-odbc-driver-plugin
-Forwarded: not-needed
-
---- a/src/plugins/sqldrivers/odbc/qsql_odbc.cpp
-+++ b/src/plugins/sqldrivers/odbc/qsql_odbc.cpp
-@@ -58,23 +58,39 @@ inline static QString fromSQLTCHAR(const QVarLengthArray<SQLTCHAR>& input, qsize
- return result;
- }
-
-+template <size_t SizeOfChar = sizeof(SQLTCHAR)>
-+void toSQLTCHARImpl(QVarLengthArray<SQLTCHAR> &result, const QString &input); // primary template undefined
-+
-+template <typename Container>
-+void do_append(QVarLengthArray<SQLTCHAR> &result, const Container &c)
-+{
-+ result.append(reinterpret_cast<const SQLTCHAR *>(c.data()), c.size());
-+}
-+
-+template <>
-+void toSQLTCHARImpl<1>(QVarLengthArray<SQLTCHAR> &result, const QString &input)
-+{
-+ const auto u8 = input.toUtf8();
-+ do_append(result, u8);
-+}
-+
-+template <>
-+void toSQLTCHARImpl<2>(QVarLengthArray<SQLTCHAR> &result, const QString &input)
-+{
-+ do_append(result, input);
-+}
-+
-+template <>
-+void toSQLTCHARImpl<4>(QVarLengthArray<SQLTCHAR> &result, const QString &input)
-+{
-+ const auto u32 = input.toUcs4();
-+ do_append(result, u32);
-+}
-+
- inline static QVarLengthArray<SQLTCHAR> toSQLTCHAR(const QString &input)
- {
- QVarLengthArray<SQLTCHAR> result;
-- result.resize(input.size());
-- switch(sizeof(SQLTCHAR)) {
-- case 1:
-- memcpy(result.data(), input.toUtf8().data(), input.size());
-- break;
-- case 2:
-- memcpy(result.data(), input.unicode(), input.size() * 2);
-- break;
-- case 4:
-- memcpy(result.data(), input.toUcs4().data(), input.size() * 4);
-- break;
-- default:
-- qCritical("sizeof(SQLTCHAR) is %d. Don't know how to handle this.", int(sizeof(SQLTCHAR)));
-- }
-+ toSQLTCHARImpl(result, input);
- result.append(0); // make sure it's null terminated, doesn't matter if it already is, it does if it isn't.
- return result;
- }
-
---- a/src/plugins/sqldrivers/odbc/qsql_odbc.cpp
-+++ b/src/plugins/sqldrivers/odbc/qsql_odbc.cpp
-@@ -1740,10 +1740,11 @@ bool QODBCResult::exec()
- case QMetaType::QString:
- if (d->unicode) {
- if (bindValueType(i) & QSql::Out) {
-- const QByteArray &first = tmpStorage.at(i);
-- QVarLengthArray<SQLTCHAR> array;
-- array.append((const SQLTCHAR *)first.constData(), first.size());
-- values[i] = fromSQLTCHAR(array, first.size()/sizeof(SQLTCHAR));
-+ const QByteArray &bytes = tmpStorage.at(i);
-+ const auto strSize = bytes.size() / sizeof(SQLTCHAR);
-+ QVarLengthArray<SQLTCHAR> string(strSize);
-+ memcpy(string.data(), bytes.data(), strSize * sizeof(SQLTCHAR));
-+ values[i] = fromSQLTCHAR(string);
- }
- break;
- }
-
-
---- a/src/plugins/sqldrivers/odbc/qsql_odbc.cpp
-+++ b/src/plugins/sqldrivers/odbc/qsql_odbc.cpp
-@@ -745,6 +745,14 @@ QChar QODBCDriverPrivate::quoteChar()
- return quote;
- }
-
-+static SQLRETURN qt_string_SQLSetConnectAttr(SQLHDBC handle, SQLINTEGER attr, const QString &val)
-+{
-+ auto encoded = toSQLTCHAR(val);
-+ return SQLSetConnectAttr(handle, attr,
-+ encoded.data(),
-+ SQLINTEGER(encoded.size() * sizeof(SQLTCHAR))); // size in bytes
-+}
-+
-
- bool QODBCDriverPrivate::setConnectionOptions(const QString& connOpts)
- {
-@@ -780,10 +788,7 @@ bool QODBCDriverPrivate::setConnectionOptions(const QString& connOpts)
- v = val.toUInt();
- r = SQLSetConnectAttr(hDbc, SQL_ATTR_LOGIN_TIMEOUT, (SQLPOINTER) size_t(v), 0);
- } else if (opt.toUpper() == "SQL_ATTR_CURRENT_CATALOG"_L1) {
-- val.utf16(); // 0 terminate
-- r = SQLSetConnectAttr(hDbc, SQL_ATTR_CURRENT_CATALOG,
-- toSQLTCHAR(val).data(),
-- SQLINTEGER(val.length() * sizeof(SQLTCHAR)));
-+ r = qt_string_SQLSetConnectAttr(hDbc, SQL_ATTR_CURRENT_CATALOG, val);
- } else if (opt.toUpper() == "SQL_ATTR_METADATA_ID"_L1) {
- if (val.toUpper() == "SQL_TRUE"_L1) {
- v = SQL_TRUE;
-@@ -798,10 +803,7 @@ bool QODBCDriverPrivate::setConnectionOptions(const QString& connOpts)
- v = val.toUInt();
- r = SQLSetConnectAttr(hDbc, SQL_ATTR_PACKET_SIZE, (SQLPOINTER) size_t(v), 0);
- } else if (opt.toUpper() == "SQL_ATTR_TRACEFILE"_L1) {
-- val.utf16(); // 0 terminate
-- r = SQLSetConnectAttr(hDbc, SQL_ATTR_TRACEFILE,
-- toSQLTCHAR(val).data(),
-- SQLINTEGER(val.length() * sizeof(SQLTCHAR)));
-+ r = qt_string_SQLSetConnectAttr(hDbc, SQL_ATTR_TRACEFILE, val);
- } else if (opt.toUpper() == "SQL_ATTR_TRACE"_L1) {
- if (val.toUpper() == "SQL_OPT_TRACE_OFF"_L1) {
- v = SQL_OPT_TRACE_OFF;
-@@ -1004,9 +1006,12 @@ bool QODBCResult::reset (const QString& query)
- return false;
- }
-
-- r = SQLExecDirect(d->hStmt,
-- toSQLTCHAR(query).data(),
-- (SQLINTEGER) query.length());
-+ {
-+ auto encoded = toSQLTCHAR(query);
-+ r = SQLExecDirect(d->hStmt,
-+ encoded.data(),
-+ SQLINTEGER(encoded.size()));
-+ }
- if (r != SQL_SUCCESS && r != SQL_SUCCESS_WITH_INFO && r!= SQL_NO_DATA) {
- setLastError(qMakeError(QCoreApplication::translate("QODBCResult",
- "Unable to execute statement"), QSqlError::StatementError, d));
-@@ -1355,9 +1360,12 @@ bool QODBCResult::prepare(const QString& query)
- return false;
- }
-
-- r = SQLPrepare(d->hStmt,
-- toSQLTCHAR(query).data(),
-- (SQLINTEGER) query.length());
-+ {
-+ auto encoded = toSQLTCHAR(query);
-+ r = SQLPrepare(d->hStmt,
-+ encoded.data(),
-+ SQLINTEGER(encoded.size()));
-+ }
-
- if (r != SQL_SUCCESS) {
- setLastError(qMakeError(QCoreApplication::translate("QODBCResult",
-@@ -1385,7 +1393,7 @@ bool QODBCResult::exec()
- SQLCloseCursor(d->hStmt);
-
- QVariantList &values = boundValues();
-- QByteArrayList tmpStorage(values.count(), QByteArray()); // holds temporary buffers
-+ QByteArrayList tmpStorage(values.count(), QByteArray()); // targets for SQLBindParameter()
- QVarLengthArray<SQLLEN, 32> indicators(values.count());
- memset(indicators.data(), 0, indicators.size() * sizeof(SQLLEN));
-
-@@ -1600,36 +1608,36 @@ bool QODBCResult::exec()
- case QMetaType::QString:
- if (d->unicode) {
- QByteArray &ba = tmpStorage[i];
-- QString str = val.toString();
-+ {
-+ const auto encoded = toSQLTCHAR(val.toString());
-+ ba = QByteArray(reinterpret_cast<const char *>(encoded.data()),
-+ encoded.size() * sizeof(SQLTCHAR));
-+ }
-+
- if (*ind != SQL_NULL_DATA)
-- *ind = str.length() * sizeof(SQLTCHAR);
-- const qsizetype strSize = str.length() * sizeof(SQLTCHAR);
-+ *ind = ba.size();
-
- if (bindValueType(i) & QSql::Out) {
-- const QVarLengthArray<SQLTCHAR> a(toSQLTCHAR(str));
-- ba = QByteArray((const char *)a.constData(), int(a.size() * sizeof(SQLTCHAR)));
- r = SQLBindParameter(d->hStmt,
- i + 1,
- qParamType[bindValueType(i) & QSql::InOut],
- SQL_C_TCHAR,
-- strSize > 254 ? SQL_WLONGVARCHAR : SQL_WVARCHAR,
-+ ba.size() > 254 ? SQL_WLONGVARCHAR : SQL_WVARCHAR,
- 0, // god knows... don't change this!
- 0,
-- ba.data(),
-+ const_cast<char *>(ba.constData()), // don't detach
- ba.size(),
- ind);
- break;
- }
-- ba = QByteArray(reinterpret_cast<const char *>(toSQLTCHAR(str).constData()),
-- int(strSize));
- r = SQLBindParameter(d->hStmt,
- i + 1,
- qParamType[bindValueType(i) & QSql::InOut],
- SQL_C_TCHAR,
-- strSize > 254 ? SQL_WLONGVARCHAR : SQL_WVARCHAR,
-- strSize,
-+ ba.size() > 254 ? SQL_WLONGVARCHAR : SQL_WVARCHAR,
-+ ba.size(),
- 0,
-- const_cast<char *>(ba.constData()),
-+ const_cast<char *>(ba.constData()), // don't detach
- ba.size(),
- ind);
- break;
-@@ -1991,14 +1999,16 @@ bool QODBCDriver::open(const QString & db,
- SQLSMALLINT cb;
- QVarLengthArray<SQLTCHAR> connOut(1024);
- memset(connOut.data(), 0, connOut.size() * sizeof(SQLTCHAR));
-- r = SQLDriverConnect(d->hDbc,
-- NULL,
-- toSQLTCHAR(connQStr).data(),
-- (SQLSMALLINT)connQStr.length(),
-- connOut.data(),
-- 1024,
-- &cb,
-- /*SQL_DRIVER_NOPROMPT*/0);
-+ {
-+ auto encoded = toSQLTCHAR(connQStr);
-+ r = SQLDriverConnect(d->hDbc,
-+ nullptr,
-+ encoded.data(), SQLSMALLINT(encoded.size()),
-+ connOut.data(),
-+ 1024,
-+ &cb,
-+ /*SQL_DRIVER_NOPROMPT*/0);
-+ }
-
- if (r != SQL_SUCCESS && r != SQL_SUCCESS_WITH_INFO) {
- setLastError(qMakeError(tr("Unable to connect"), QSqlError::ConnectionError, d));
-@@ -2377,17 +2387,15 @@ QStringList QODBCDriver::tables(QSql::TableType type) const
- if (tableType.isEmpty())
- return tl;
-
-- QString joinedTableTypeString = tableType.join(u',');
-+ {
-+ auto joinedTableTypeString = toSQLTCHAR(tableType.join(u','));
-
-- r = SQLTables(hStmt,
-- NULL,
-- 0,
-- NULL,
-- 0,
-- NULL,
-- 0,
-- toSQLTCHAR(joinedTableTypeString).data(),
-- joinedTableTypeString.length() /* characters, not bytes */);
-+ r = SQLTables(hStmt,
-+ nullptr, 0,
-+ nullptr, 0,
-+ nullptr, 0,
-+ joinedTableTypeString.data(), joinedTableTypeString.size());
-+ }
-
- if (r != SQL_SUCCESS)
- qSqlWarning("QODBCDriver::tables Unable to execute table list"_L1, d);
-@@ -2460,28 +2468,30 @@ QSqlIndex QODBCDriver::primaryIndex(const QString& tablename) const
- SQL_ATTR_CURSOR_TYPE,
- (SQLPOINTER)SQL_CURSOR_FORWARD_ONLY,
- SQL_IS_UINTEGER);
-- r = SQLPrimaryKeys(hStmt,
-- catalog.length() == 0 ? NULL : toSQLTCHAR(catalog).data(),
-- catalog.length(),
-- schema.length() == 0 ? NULL : toSQLTCHAR(schema).data(),
-- schema.length(),
-- toSQLTCHAR(table).data(),
-- table.length() /* in characters, not in bytes */);
-+ {
-+ auto c = toSQLTCHAR(catalog);
-+ auto s = toSQLTCHAR(schema);
-+ auto t = toSQLTCHAR(table);
-+ r = SQLPrimaryKeys(hStmt,
-+ catalog.isEmpty() ? nullptr : c.data(), c.size(),
-+ schema.isEmpty() ? nullptr : s.data(), s.size(),
-+ t.data(), t.size());
-+ }
-
- // if the SQLPrimaryKeys() call does not succeed (e.g the driver
- // does not support it) - try an alternative method to get hold of
- // the primary index (e.g MS Access and FoxPro)
- if (r != SQL_SUCCESS) {
-- r = SQLSpecialColumns(hStmt,
-- SQL_BEST_ROWID,
-- catalog.length() == 0 ? NULL : toSQLTCHAR(catalog).data(),
-- catalog.length(),
-- schema.length() == 0 ? NULL : toSQLTCHAR(schema).data(),
-- schema.length(),
-- toSQLTCHAR(table).data(),
-- table.length(),
-- SQL_SCOPE_CURROW,
-- SQL_NULLABLE);
-+ auto c = toSQLTCHAR(catalog);
-+ auto s = toSQLTCHAR(schema);
-+ auto t = toSQLTCHAR(table);
-+ r = SQLSpecialColumns(hStmt,
-+ SQL_BEST_ROWID,
-+ catalog.isEmpty() ? nullptr : c.data(), c.size(),
-+ schema.isEmpty() ? nullptr : s.data(), s.size(),
-+ t.data(), t.size(),
-+ SQL_SCOPE_CURROW,
-+ SQL_NULLABLE);
-
- if (r != SQL_SUCCESS) {
- qSqlWarning("QODBCDriver::primaryIndex: Unable to execute primary key list"_L1, d);
-@@ -2562,15 +2572,17 @@ QSqlRecord QODBCDriver::record(const QString& tablename) const
- SQL_ATTR_CURSOR_TYPE,
- (SQLPOINTER)SQL_CURSOR_FORWARD_ONLY,
- SQL_IS_UINTEGER);
-- r = SQLColumns(hStmt,
-- catalog.length() == 0 ? NULL : toSQLTCHAR(catalog).data(),
-- catalog.length(),
-- schema.length() == 0 ? NULL : toSQLTCHAR(schema).data(),
-- schema.length(),
-- toSQLTCHAR(table).data(),
-- table.length(),
-- NULL,
-- 0);
-+ {
-+ auto c = toSQLTCHAR(catalog);
-+ auto s = toSQLTCHAR(schema);
-+ auto t = toSQLTCHAR(table);
-+ r = SQLColumns(hStmt,
-+ catalog.isEmpty() ? nullptr : c.data(), c.size(),
-+ schema.isEmpty() ? nullptr : s.data(), s.size(),
-+ t.data(), t.size(),
-+ nullptr,
-+ 0);
-+ }
- if (r != SQL_SUCCESS)
- qSqlWarning("QODBCDriver::record: Unable to execute column list"_L1, d);
diff --git a/debian/qt6-base.lintian-overrides b/debian/qt6-base.lintian-overrides
index c840440..d92cd58 100644
--- a/debian/qt6-base.lintian-overrides
+++ b/debian/qt6-base.lintian-overrides
@@ -1,3 +1,6 @@
+qt6-base: no-manual-page usr/bin/aarch64-linux-gnu-qmake6
+qt6-base: no-manual-page usr/bin/qmake6
+qt6-base: no-manual-page usr/bin/qtpaths6
qt6-base: package-name-doesnt-match-sonames libQt6Concurrent6 libQt6Core6 libQt6DBus6 libQt6EglFSDeviceIntegration6 libQt6EglFsKmsGbmSupport6 libQt6EglFsKmsSupport6 libQt6Gui6 libQt6Network6 libQt6OpenGL6 libQt6OpenGLWidgets6 libQt6PrintSupport6 libQt6Sql6 libQt6Test6 libQt6Widgets6 libQt6XcbQpa6 libQt6Xml6
qt6-base: ships-undeclared-shared-library libQt6EglFSDeviceIntegration 6 for usr/lib/*libQt6EglFSDeviceIntegration.so.6.6.0
qt6-base: ships-undeclared-shared-library libQt6EglFsKmsGbmSupport 6 for usr/lib/*libQt6EglFsKmsGbmSupport.so.6.6.0
More information about the Neon-commits
mailing list