[neon/qt6/qt6-base/Neon/release] debian/patches: patches in branch
Jonathan Esk-Riddell
null at kde.org
Wed Oct 4 14:53:18 BST 2023
Git commit 2ff13a1345b50f40448f1cc02dc1b0738b2bdeed by Jonathan Esk-Riddell.
Committed on 04/10/2023 at 15:53.
Pushed by jriddell into branch 'Neon/release'.
patches in branch
D +0 -120 debian/patches/CVE-2023-43114-6.5.patch
D +0 -431 debian/patches/CVE-2023-4863-6.5.patch
M +0 -2 debian/patches/series
https://invent.kde.org/neon/qt6/qt6-base/-/commit/2ff13a1345b50f40448f1cc02dc1b0738b2bdeed
diff --git a/debian/patches/CVE-2023-43114-6.5.patch b/debian/patches/CVE-2023-43114-6.5.patch
deleted file mode 100644
index 3b3c925..0000000
--- a/debian/patches/CVE-2023-43114-6.5.patch
+++ /dev/null
@@ -1,120 +0,0 @@
-diff --git a/src/gui/text/windows/qwindowsfontdatabase.cpp b/src/gui/text/windows/qwindowsfontdatabase.cpp
-index 44cc7fe63e..e44d85a3cb 100644
---- a/src/gui/text/windows/qwindowsfontdatabase.cpp
-+++ b/src/gui/text/windows/qwindowsfontdatabase.cpp
-@@ -873,36 +873,70 @@ QT_WARNING_POP
- return fontEngine;
- }
-
--static QList<quint32> getTrueTypeFontOffsets(const uchar *fontData)
-+static QList<quint32> getTrueTypeFontOffsets(const uchar *fontData, const uchar *fileEndSentinel)
- {
- QList<quint32> offsets;
-- const quint32 headerTag = *reinterpret_cast<const quint32 *>(fontData);
-+ if (fileEndSentinel - fontData < 12) {
-+ qCWarning(lcQpaFonts) << "Corrupted font data detected";
-+ return offsets;
-+ }
-+
-+ const quint32 headerTag = qFromUnaligned<quint32>(fontData);
- if (headerTag != MAKE_TAG('t', 't', 'c', 'f')) {
- if (headerTag != MAKE_TAG(0, 1, 0, 0)
- && headerTag != MAKE_TAG('O', 'T', 'T', 'O')
- && headerTag != MAKE_TAG('t', 'r', 'u', 'e')
-- && headerTag != MAKE_TAG('t', 'y', 'p', '1'))
-+ && headerTag != MAKE_TAG('t', 'y', 'p', '1')) {
- return offsets;
-+ }
- offsets << 0;
- return offsets;
- }
-+
-+ const quint32 maximumNumFonts = 0xffff;
- const quint32 numFonts = qFromBigEndian<quint32>(fontData + 8);
-- for (uint i = 0; i < numFonts; ++i) {
-- offsets << qFromBigEndian<quint32>(fontData + 12 + i * 4);
-+ if (numFonts > maximumNumFonts) {
-+ qCWarning(lcQpaFonts) << "Font collection of" << numFonts << "fonts is too large. Aborting.";
-+ return offsets;
-+ }
-+
-+ if (quintptr(fileEndSentinel - fontData) > 12 + (numFonts - 1) * 4) {
-+ for (quint32 i = 0; i < numFonts; ++i)
-+ offsets << qFromBigEndian<quint32>(fontData + 12 + i * 4);
-+ } else {
-+ qCWarning(lcQpaFonts) << "Corrupted font data detected";
- }
-+
- return offsets;
- }
-
--static void getFontTable(const uchar *fileBegin, const uchar *data, quint32 tag, const uchar **table, quint32 *length)
-+static void getFontTable(const uchar *fileBegin, const uchar *fileEndSentinel, const uchar *data, quint32 tag, const uchar **table, quint32 *length)
- {
-- const quint16 numTables = qFromBigEndian<quint16>(data + 4);
-- for (uint i = 0; i < numTables; ++i) {
-- const quint32 offset = 12 + 16 * i;
-- if (*reinterpret_cast<const quint32 *>(data + offset) == tag) {
-- *table = fileBegin + qFromBigEndian<quint32>(data + offset + 8);
-- *length = qFromBigEndian<quint32>(data + offset + 12);
-- return;
-+ if (fileEndSentinel - data >= 6) {
-+ const quint16 numTables = qFromBigEndian<quint16>(data + 4);
-+ if (fileEndSentinel - data >= 28 + 16 * (numTables - 1)) {
-+ for (quint32 i = 0; i < numTables; ++i) {
-+ const quint32 offset = 12 + 16 * i;
-+ if (qFromUnaligned<quint32>(data + offset) == tag) {
-+ const quint32 tableOffset = qFromBigEndian<quint32>(data + offset + 8);
-+ if (quintptr(fileEndSentinel - fileBegin) <= tableOffset) {
-+ qCWarning(lcQpaFonts) << "Corrupted font data detected";
-+ break;
-+ }
-+ *table = fileBegin + tableOffset;
-+ *length = qFromBigEndian<quint32>(data + offset + 12);
-+ if (quintptr(fileEndSentinel - *table) < *length) {
-+ qCWarning(lcQpaFonts) << "Corrupted font data detected";
-+ break;
-+ }
-+ return;
-+ }
-+ }
-+ } else {
-+ qCWarning(lcQpaFonts) << "Corrupted font data detected";
- }
-+ } else {
-+ qCWarning(lcQpaFonts) << "Corrupted font data detected";
- }
- *table = 0;
- *length = 0;
-@@ -915,8 +949,9 @@ static void getFamiliesAndSignatures(const QByteArray &fontData,
- QList<QFontValues> *values)
- {
- const uchar *data = reinterpret_cast<const uchar *>(fontData.constData());
-+ const uchar *dataEndSentinel = data + fontData.size();
-
-- QList<quint32> offsets = getTrueTypeFontOffsets(data);
-+ QList<quint32> offsets = getTrueTypeFontOffsets(data, dataEndSentinel);
- if (offsets.isEmpty())
- return;
-
-@@ -924,7 +959,7 @@ static void getFamiliesAndSignatures(const QByteArray &fontData,
- const uchar *font = data + offsets.at(i);
- const uchar *table;
- quint32 length;
-- getFontTable(data, font, MAKE_TAG('n', 'a', 'm', 'e'), &table, &length);
-+ getFontTable(data, dataEndSentinel, font, MAKE_TAG('n', 'a', 'm', 'e'), &table, &length);
- if (!table)
- continue;
- QFontNames names = qt_getCanonicalFontNames(table, length);
-@@ -934,7 +969,7 @@ static void getFamiliesAndSignatures(const QByteArray &fontData,
- families->append(std::move(names));
-
- if (values || signatures)
-- getFontTable(data, font, MAKE_TAG('O', 'S', '/', '2'), &table, &length);
-+ getFontTable(data, dataEndSentinel, font, MAKE_TAG('O', 'S', '/', '2'), &table, &length);
-
- if (values) {
- QFontValues fontValues;
---
-2.27.0.windows.1
-
diff --git a/debian/patches/CVE-2023-4863-6.5.patch b/debian/patches/CVE-2023-4863-6.5.patch
deleted file mode 100644
index 04686e4..0000000
--- a/debian/patches/CVE-2023-4863-6.5.patch
+++ /dev/null
@@ -1,431 +0,0 @@
-diff --git a/src/3rdparty/libwebp/ChangeLog b/src/3rdparty/libwebp/ChangeLog
-index 5e85875..33ec486 100644
---- a/src/3rdparty/libwebp/ChangeLog
-+++ b/src/3rdparty/libwebp/ChangeLog
-@@ -1,3 +1,7 @@
-+1ace578c update NEWS
-+63234c42 bump version to 1.3.2
-+2af26267 Fix OOB write in BuildHuffmanTable.
-+fd7bb21c update ChangeLog (tag: v1.3.1-rc2, tag: v1.3.1)
- e1adea50 update NEWS
- 43393320 enc/*: normalize WebPEncodingSetError() calls
- 287fdefe enc/*: add missing WebPEncodingSetError() calls
-diff --git a/src/3rdparty/libwebp/NEWS b/src/3rdparty/libwebp/NEWS
-index 2111d33..47f8451 100644
---- a/src/3rdparty/libwebp/NEWS
-+++ b/src/3rdparty/libwebp/NEWS
-@@ -1,3 +1,7 @@
-+- 9/13/2023: version 1.3.2
-+ This is a binary compatible release.
-+ * security fix for lossless decoder (chromium: #1479274, CVE-2023-4863)
-+
- - 6/23/2023: version 1.3.1
- This is a binary compatible release.
- * security fixes for lossless encoder (#603, chromium: #1420107, #1455619,
-diff --git a/src/3rdparty/libwebp/qt_attribution.json b/src/3rdparty/libwebp/qt_attribution.json
-index 7cb936f..8dca2ab 100644
---- a/src/3rdparty/libwebp/qt_attribution.json
-+++ b/src/3rdparty/libwebp/qt_attribution.json
-@@ -7,8 +7,8 @@
-
- "Description": "WebP is a new image format that provides lossless and lossy compression for images on the web.",
- "Homepage": "https://developers.google.com/speed/webp/",
-- "Version": "1.3.1",
-- "DownloadLocation": "https://storage.googleapis.com/downloads.webmproject.org/releases/webp/libwebp-1.3.1.tar.gz",
-+ "Version": "1.3.2",
-+ "DownloadLocation": "https://storage.googleapis.com/downloads.webmproject.org/releases/webp/libwebp-1.3.2.tar.gz",
-
- "License": "BSD 3-clause \"New\" or \"Revised\" License",
- "LicenseId": "BSD-3-Clause",
-diff --git a/src/3rdparty/libwebp/src/dec/vp8i_dec.h b/src/3rdparty/libwebp/src/dec/vp8i_dec.h
-index 1ae4ff6..7929fd7 100644
---- a/src/3rdparty/libwebp/src/dec/vp8i_dec.h
-+++ b/src/3rdparty/libwebp/src/dec/vp8i_dec.h
-@@ -32,7 +32,7 @@ extern "C" {
- // version numbers
- #define DEC_MAJ_VERSION 1
- #define DEC_MIN_VERSION 3
--#define DEC_REV_VERSION 1
-+#define DEC_REV_VERSION 2
-
- // YUV-cache parameters. Cache is 32-bytes wide (= one cacheline).
- // Constraints are: We need to store one 16x16 block of luma samples (y),
-diff --git a/src/3rdparty/libwebp/src/dec/vp8l_dec.c b/src/3rdparty/libwebp/src/dec/vp8l_dec.c
-index c0ea018..7995313 100644
---- a/src/3rdparty/libwebp/src/dec/vp8l_dec.c
-+++ b/src/3rdparty/libwebp/src/dec/vp8l_dec.c
-@@ -253,11 +253,11 @@ static int ReadHuffmanCodeLengths(
- int symbol;
- int max_symbol;
- int prev_code_len = DEFAULT_CODE_LENGTH;
-- HuffmanCode table[1 << LENGTHS_TABLE_BITS];
-+ HuffmanTables tables;
-
-- if (!VP8LBuildHuffmanTable(table, LENGTHS_TABLE_BITS,
-- code_length_code_lengths,
-- NUM_CODE_LENGTH_CODES)) {
-+ if (!VP8LHuffmanTablesAllocate(1 << LENGTHS_TABLE_BITS, &tables) ||
-+ !VP8LBuildHuffmanTable(&tables, LENGTHS_TABLE_BITS,
-+ code_length_code_lengths, NUM_CODE_LENGTH_CODES)) {
- goto End;
- }
-
-@@ -277,7 +277,7 @@ static int ReadHuffmanCodeLengths(
- int code_len;
- if (max_symbol-- == 0) break;
- VP8LFillBitWindow(br);
-- p = &table[VP8LPrefetchBits(br) & LENGTHS_TABLE_MASK];
-+ p = &tables.curr_segment->start[VP8LPrefetchBits(br) & LENGTHS_TABLE_MASK];
- VP8LSetBitPos(br, br->bit_pos_ + p->bits);
- code_len = p->value;
- if (code_len < kCodeLengthLiterals) {
-@@ -300,6 +300,7 @@ static int ReadHuffmanCodeLengths(
- ok = 1;
-
- End:
-+ VP8LHuffmanTablesDeallocate(&tables);
- if (!ok) dec->status_ = VP8_STATUS_BITSTREAM_ERROR;
- return ok;
- }
-@@ -307,7 +308,8 @@ static int ReadHuffmanCodeLengths(
- // 'code_lengths' is pre-allocated temporary buffer, used for creating Huffman
- // tree.
- static int ReadHuffmanCode(int alphabet_size, VP8LDecoder* const dec,
-- int* const code_lengths, HuffmanCode* const table) {
-+ int* const code_lengths,
-+ HuffmanTables* const table) {
- int ok = 0;
- int size = 0;
- VP8LBitReader* const br = &dec->br_;
-@@ -362,8 +364,7 @@ static int ReadHuffmanCodes(VP8LDecoder* const dec, int xsize, int ysize,
- VP8LMetadata* const hdr = &dec->hdr_;
- uint32_t* huffman_image = NULL;
- HTreeGroup* htree_groups = NULL;
-- HuffmanCode* huffman_tables = NULL;
-- HuffmanCode* huffman_table = NULL;
-+ HuffmanTables* huffman_tables = &hdr->huffman_tables_;
- int num_htree_groups = 1;
- int num_htree_groups_max = 1;
- int max_alphabet_size = 0;
-@@ -372,6 +373,10 @@ static int ReadHuffmanCodes(VP8LDecoder* const dec, int xsize, int ysize,
- int* mapping = NULL;
- int ok = 0;
-
-+ // Check the table has been 0 initialized (through InitMetadata).
-+ assert(huffman_tables->root.start == NULL);
-+ assert(huffman_tables->curr_segment == NULL);
-+
- if (allow_recursion && VP8LReadBits(br, 1)) {
- // use meta Huffman codes.
- const int huffman_precision = VP8LReadBits(br, 3) + 2;
-@@ -434,16 +439,15 @@ static int ReadHuffmanCodes(VP8LDecoder* const dec, int xsize, int ysize,
-
- code_lengths = (int*)WebPSafeCalloc((uint64_t)max_alphabet_size,
- sizeof(*code_lengths));
-- huffman_tables = (HuffmanCode*)WebPSafeMalloc(num_htree_groups * table_size,
-- sizeof(*huffman_tables));
- htree_groups = VP8LHtreeGroupsNew(num_htree_groups);
-
-- if (htree_groups == NULL || code_lengths == NULL || huffman_tables == NULL) {
-+ if (htree_groups == NULL || code_lengths == NULL ||
-+ !VP8LHuffmanTablesAllocate(num_htree_groups * table_size,
-+ huffman_tables)) {
- dec->status_ = VP8_STATUS_OUT_OF_MEMORY;
- goto Error;
- }
-
-- huffman_table = huffman_tables;
- for (i = 0; i < num_htree_groups_max; ++i) {
- // If the index "i" is unused in the Huffman image, just make sure the
- // coefficients are valid but do not store them.
-@@ -468,19 +472,20 @@ static int ReadHuffmanCodes(VP8LDecoder* const dec, int xsize, int ysize,
- int max_bits = 0;
- for (j = 0; j < HUFFMAN_CODES_PER_META_CODE; ++j) {
- int alphabet_size = kAlphabetSize[j];
-- htrees[j] = huffman_table;
- if (j == 0 && color_cache_bits > 0) {
- alphabet_size += (1 << color_cache_bits);
- }
-- size = ReadHuffmanCode(alphabet_size, dec, code_lengths, huffman_table);
-+ size =
-+ ReadHuffmanCode(alphabet_size, dec, code_lengths, huffman_tables);
-+ htrees[j] = huffman_tables->curr_segment->curr_table;
- if (size == 0) {
- goto Error;
- }
- if (is_trivial_literal && kLiteralMap[j] == 1) {
-- is_trivial_literal = (huffman_table->bits == 0);
-+ is_trivial_literal = (htrees[j]->bits == 0);
- }
-- total_size += huffman_table->bits;
-- huffman_table += size;
-+ total_size += htrees[j]->bits;
-+ huffman_tables->curr_segment->curr_table += size;
- if (j <= ALPHA) {
- int local_max_bits = code_lengths[0];
- int k;
-@@ -515,14 +520,13 @@ static int ReadHuffmanCodes(VP8LDecoder* const dec, int xsize, int ysize,
- hdr->huffman_image_ = huffman_image;
- hdr->num_htree_groups_ = num_htree_groups;
- hdr->htree_groups_ = htree_groups;
-- hdr->huffman_tables_ = huffman_tables;
-
- Error:
- WebPSafeFree(code_lengths);
- WebPSafeFree(mapping);
- if (!ok) {
- WebPSafeFree(huffman_image);
-- WebPSafeFree(huffman_tables);
-+ VP8LHuffmanTablesDeallocate(huffman_tables);
- VP8LHtreeGroupsFree(htree_groups);
- }
- return ok;
-@@ -1358,7 +1362,7 @@ static void ClearMetadata(VP8LMetadata* const hdr) {
- assert(hdr != NULL);
-
- WebPSafeFree(hdr->huffman_image_);
-- WebPSafeFree(hdr->huffman_tables_);
-+ VP8LHuffmanTablesDeallocate(&hdr->huffman_tables_);
- VP8LHtreeGroupsFree(hdr->htree_groups_);
- VP8LColorCacheClear(&hdr->color_cache_);
- VP8LColorCacheClear(&hdr->saved_color_cache_);
-@@ -1673,7 +1677,7 @@ int VP8LDecodeImage(VP8LDecoder* const dec) {
-
- if (dec == NULL) return 0;
-
-- assert(dec->hdr_.huffman_tables_ != NULL);
-+ assert(dec->hdr_.huffman_tables_.root.start != NULL);
- assert(dec->hdr_.htree_groups_ != NULL);
- assert(dec->hdr_.num_htree_groups_ > 0);
-
-diff --git a/src/3rdparty/libwebp/src/dec/vp8li_dec.h b/src/3rdparty/libwebp/src/dec/vp8li_dec.h
-index 72b2e86..32540a4 100644
---- a/src/3rdparty/libwebp/src/dec/vp8li_dec.h
-+++ b/src/3rdparty/libwebp/src/dec/vp8li_dec.h
-@@ -51,7 +51,7 @@ typedef struct {
- uint32_t* huffman_image_;
- int num_htree_groups_;
- HTreeGroup* htree_groups_;
-- HuffmanCode* huffman_tables_;
-+ HuffmanTables huffman_tables_;
- } VP8LMetadata;
-
- typedef struct VP8LDecoder VP8LDecoder;
-diff --git a/src/3rdparty/libwebp/src/demux/demux.c b/src/3rdparty/libwebp/src/demux/demux.c
-index fd45a25..4b0d3f5 100644
---- a/src/3rdparty/libwebp/src/demux/demux.c
-+++ b/src/3rdparty/libwebp/src/demux/demux.c
-@@ -25,7 +25,7 @@
-
- #define DMUX_MAJ_VERSION 1
- #define DMUX_MIN_VERSION 3
--#define DMUX_REV_VERSION 1
-+#define DMUX_REV_VERSION 2
-
- typedef struct {
- size_t start_; // start location of the data
-diff --git a/src/3rdparty/libwebp/src/enc/vp8i_enc.h b/src/3rdparty/libwebp/src/enc/vp8i_enc.h
-index 19d9a6e..0864fbf 100644
---- a/src/3rdparty/libwebp/src/enc/vp8i_enc.h
-+++ b/src/3rdparty/libwebp/src/enc/vp8i_enc.h
-@@ -32,7 +32,7 @@ extern "C" {
- // version numbers
- #define ENC_MAJ_VERSION 1
- #define ENC_MIN_VERSION 3
--#define ENC_REV_VERSION 1
-+#define ENC_REV_VERSION 2
-
- enum { MAX_LF_LEVELS = 64, // Maximum loop filter level
- MAX_VARIABLE_LEVEL = 67, // last (inclusive) level with variable cost
-diff --git a/src/3rdparty/libwebp/src/mux/muxi.h b/src/3rdparty/libwebp/src/mux/muxi.h
-index fc44d6f..afc5954 100644
---- a/src/3rdparty/libwebp/src/mux/muxi.h
-+++ b/src/3rdparty/libwebp/src/mux/muxi.h
-@@ -29,7 +29,7 @@ extern "C" {
-
- #define MUX_MAJ_VERSION 1
- #define MUX_MIN_VERSION 3
--#define MUX_REV_VERSION 1
-+#define MUX_REV_VERSION 2
-
- // Chunk object.
- typedef struct WebPChunk WebPChunk;
-diff --git a/src/3rdparty/libwebp/src/utils/huffman_utils.c b/src/3rdparty/libwebp/src/utils/huffman_utils.c
-index 90c2fbf..cf73abd 100644
---- a/src/3rdparty/libwebp/src/utils/huffman_utils.c
-+++ b/src/3rdparty/libwebp/src/utils/huffman_utils.c
-@@ -177,21 +177,24 @@ static int BuildHuffmanTable(HuffmanCode* const root_table, int root_bits,
- if (num_open < 0) {
- return 0;
- }
-- if (root_table == NULL) continue;
- for (; count[len] > 0; --count[len]) {
- HuffmanCode code;
- if ((key & mask) != low) {
-- table += table_size;
-+ if (root_table != NULL) table += table_size;
- table_bits = NextTableBitSize(count, len, root_bits);
- table_size = 1 << table_bits;
- total_size += table_size;
- low = key & mask;
-- root_table[low].bits = (uint8_t)(table_bits + root_bits);
-- root_table[low].value = (uint16_t)((table - root_table) - low);
-+ if (root_table != NULL) {
-+ root_table[low].bits = (uint8_t)(table_bits + root_bits);
-+ root_table[low].value = (uint16_t)((table - root_table) - low);
-+ }
-+ }
-+ if (root_table != NULL) {
-+ code.bits = (uint8_t)(len - root_bits);
-+ code.value = (uint16_t)sorted[symbol++];
-+ ReplicateValue(&table[key >> root_bits], step, table_size, code);
- }
-- code.bits = (uint8_t)(len - root_bits);
-- code.value = (uint16_t)sorted[symbol++];
-- ReplicateValue(&table[key >> root_bits], step, table_size, code);
- key = GetNextKey(key, len);
- }
- }
-@@ -211,25 +214,83 @@ static int BuildHuffmanTable(HuffmanCode* const root_table, int root_bits,
- ((1 << MAX_CACHE_BITS) + NUM_LITERAL_CODES + NUM_LENGTH_CODES)
- // Cut-off value for switching between heap and stack allocation.
- #define SORTED_SIZE_CUTOFF 512
--int VP8LBuildHuffmanTable(HuffmanCode* const root_table, int root_bits,
-+int VP8LBuildHuffmanTable(HuffmanTables* const root_table, int root_bits,
- const int code_lengths[], int code_lengths_size) {
-- int total_size;
-+ const int total_size =
-+ BuildHuffmanTable(NULL, root_bits, code_lengths, code_lengths_size, NULL);
- assert(code_lengths_size <= MAX_CODE_LENGTHS_SIZE);
-- if (root_table == NULL) {
-- total_size = BuildHuffmanTable(NULL, root_bits,
-- code_lengths, code_lengths_size, NULL);
-- } else if (code_lengths_size <= SORTED_SIZE_CUTOFF) {
-+ if (total_size == 0 || root_table == NULL) return total_size;
-+
-+ if (root_table->curr_segment->curr_table + total_size >=
-+ root_table->curr_segment->start + root_table->curr_segment->size) {
-+ // If 'root_table' does not have enough memory, allocate a new segment.
-+ // The available part of root_table->curr_segment is left unused because we
-+ // need a contiguous buffer.
-+ const int segment_size = root_table->curr_segment->size;
-+ struct HuffmanTablesSegment* next =
-+ (HuffmanTablesSegment*)WebPSafeMalloc(1, sizeof(*next));
-+ if (next == NULL) return 0;
-+ // Fill the new segment.
-+ // We need at least 'total_size' but if that value is small, it is better to
-+ // allocate a big chunk to prevent more allocations later. 'segment_size' is
-+ // therefore chosen (any other arbitrary value could be chosen).
-+ next->size = total_size > segment_size ? total_size : segment_size;
-+ next->start =
-+ (HuffmanCode*)WebPSafeMalloc(next->size, sizeof(*next->start));
-+ if (next->start == NULL) {
-+ WebPSafeFree(next);
-+ return 0;
-+ }
-+ next->curr_table = next->start;
-+ next->next = NULL;
-+ // Point to the new segment.
-+ root_table->curr_segment->next = next;
-+ root_table->curr_segment = next;
-+ }
-+ if (code_lengths_size <= SORTED_SIZE_CUTOFF) {
- // use local stack-allocated array.
- uint16_t sorted[SORTED_SIZE_CUTOFF];
-- total_size = BuildHuffmanTable(root_table, root_bits,
-- code_lengths, code_lengths_size, sorted);
-- } else { // rare case. Use heap allocation.
-+ BuildHuffmanTable(root_table->curr_segment->curr_table, root_bits,
-+ code_lengths, code_lengths_size, sorted);
-+ } else { // rare case. Use heap allocation.
- uint16_t* const sorted =
- (uint16_t*)WebPSafeMalloc(code_lengths_size, sizeof(*sorted));
- if (sorted == NULL) return 0;
-- total_size = BuildHuffmanTable(root_table, root_bits,
-- code_lengths, code_lengths_size, sorted);
-+ BuildHuffmanTable(root_table->curr_segment->curr_table, root_bits,
-+ code_lengths, code_lengths_size, sorted);
- WebPSafeFree(sorted);
- }
- return total_size;
- }
-+
-+int VP8LHuffmanTablesAllocate(int size, HuffmanTables* huffman_tables) {
-+ // Have 'segment' point to the first segment for now, 'root'.
-+ HuffmanTablesSegment* const root = &huffman_tables->root;
-+ huffman_tables->curr_segment = root;
-+ // Allocate root.
-+ root->start = (HuffmanCode*)WebPSafeMalloc(size, sizeof(*root->start));
-+ if (root->start == NULL) return 0;
-+ root->curr_table = root->start;
-+ root->next = NULL;
-+ root->size = size;
-+ return 1;
-+}
-+
-+void VP8LHuffmanTablesDeallocate(HuffmanTables* const huffman_tables) {
-+ HuffmanTablesSegment *current, *next;
-+ if (huffman_tables == NULL) return;
-+ // Free the root node.
-+ current = &huffman_tables->root;
-+ next = current->next;
-+ WebPSafeFree(current->start);
-+ current->start = NULL;
-+ current->next = NULL;
-+ current = next;
-+ // Free the following nodes.
-+ while (current != NULL) {
-+ next = current->next;
-+ WebPSafeFree(current->start);
-+ WebPSafeFree(current);
-+ current = next;
-+ }
-+}
-diff --git a/src/3rdparty/libwebp/src/utils/huffman_utils.h b/src/3rdparty/libwebp/src/utils/huffman_utils.h
-index 13b7ad1..98415c5 100644
---- a/src/3rdparty/libwebp/src/utils/huffman_utils.h
-+++ b/src/3rdparty/libwebp/src/utils/huffman_utils.h
-@@ -43,6 +43,29 @@ typedef struct {
- // or non-literal symbol otherwise
- } HuffmanCode32;
-
-+// Contiguous memory segment of HuffmanCodes.
-+typedef struct HuffmanTablesSegment {
-+ HuffmanCode* start;
-+ // Pointer to where we are writing into the segment. Starts at 'start' and
-+ // cannot go beyond 'start' + 'size'.
-+ HuffmanCode* curr_table;
-+ // Pointer to the next segment in the chain.
-+ struct HuffmanTablesSegment* next;
-+ int size;
-+} HuffmanTablesSegment;
-+
-+// Chained memory segments of HuffmanCodes.
-+typedef struct HuffmanTables {
-+ HuffmanTablesSegment root;
-+ // Currently processed segment. At first, this is 'root'.
-+ HuffmanTablesSegment* curr_segment;
-+} HuffmanTables;
-+
-+// Allocates a HuffmanTables with 'size' contiguous HuffmanCodes. Returns 0 on
-+// memory allocation error, 1 otherwise.
-+int VP8LHuffmanTablesAllocate(int size, HuffmanTables* huffman_tables);
-+void VP8LHuffmanTablesDeallocate(HuffmanTables* const huffman_tables);
-+
- #define HUFFMAN_PACKED_BITS 6
- #define HUFFMAN_PACKED_TABLE_SIZE (1u << HUFFMAN_PACKED_BITS)
-
-@@ -78,9 +101,7 @@ void VP8LHtreeGroupsFree(HTreeGroup* const htree_groups);
- // the huffman table.
- // Returns built table size or 0 in case of error (invalid tree or
- // memory error).
--// If root_table is NULL, it returns 0 if a lookup cannot be built, something
--// > 0 otherwise (but not the table size).
--int VP8LBuildHuffmanTable(HuffmanCode* const root_table, int root_bits,
-+int VP8LBuildHuffmanTable(HuffmanTables* const root_table, int root_bits,
- const int code_lengths[], int code_lengths_size);
-
- #ifdef __cplusplus
---
-2.27.0.windows.1
-
diff --git a/debian/patches/series b/debian/patches/series
index 6bc4dcc..d598193 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -4,5 +4,3 @@ build_path_embedded_qtbuildinternalsextra_cmake.patch
# Don't use yield on CPUs that might not support it
armel-noyield.patch
-CVE-2023-4863-6.5.patch
-CVE-2023-43114-6.5.patch
More information about the Neon-commits
mailing list