[neon/qt/qtsvg/Neon/unstable] debian: Backport upstream commit to initialize QSvgFont::m_unitsPerEm.

Dmitry Shachnev null at kde.org
Tue Jul 23 15:14:26 BST 2024


Git commit 404b56615d2542c70c99deeb330729fd8b05c316 by Dmitry Shachnev.
Committed on 21/05/2023 at 16:01.
Pushed by jriddell into branch 'Neon/unstable'.

Backport upstream commit to initialize QSvgFont::m_unitsPerEm.

CVE-2023-32573.

M  +3    -0    debian/changelog
A  +36   -0    debian/patches/CVE-2023-32573.diff
M  +1    -0    debian/patches/series

https://invent.kde.org/neon/qt/qtsvg/-/commit/404b56615d2542c70c99deeb330729fd8b05c316

diff --git a/debian/changelog b/debian/changelog
index 0e70f89..8dafd8d 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,5 +1,8 @@
 qtsvg-opensource-src (5.15.8-3) UNRELEASED; urgency=medium
 
+  [ Dmitry Shachnev ]
+  * Backport upstream commit to initialize QSvgFont::m_unitsPerEm
+    (CVE-2023-32573).
 
  -- Debian Qt/KDE Maintainers <debian-qt-kde at lists.debian.org>  Sun, 21 May 2023 18:44:13 +0300
 
diff --git a/debian/patches/CVE-2023-32573.diff b/debian/patches/CVE-2023-32573.diff
new file mode 100644
index 0000000..d404804
--- /dev/null
+++ b/debian/patches/CVE-2023-32573.diff
@@ -0,0 +1,36 @@
+Description: QSvgFont: initialize used member, remove unused
+Origin: upstream, https://download.qt.io/official_releases/qt/5.15/CVE-2023-32573-qtsvg-5.15.diff
+Last-Update: 2023-05-21
+
+--- a/src/svg/qsvgfont_p.h
++++ b/src/svg/qsvgfont_p.h
+@@ -74,6 +74,7 @@ public:
+ class Q_SVG_PRIVATE_EXPORT QSvgFont : public QSvgRefCounted
+ {
+ public:
++    static constexpr qreal DEFAULT_UNITS_PER_EM = 1000;
+     QSvgFont(qreal horizAdvX);
+ 
+     void setFamilyName(const QString &name);
+@@ -86,9 +87,7 @@ public:
+     void draw(QPainter *p, const QPointF &point, const QString &str, qreal pixelSize, Qt::Alignment alignment) const;
+ public:
+     QString m_familyName;
+-    qreal m_unitsPerEm;
+-    qreal m_ascent;
+-    qreal m_descent;
++    qreal m_unitsPerEm = DEFAULT_UNITS_PER_EM;
+     qreal m_horizAdvX;
+     QHash<QChar, QSvgGlyph> m_glyphs;
+ };
+--- a/src/svg/qsvghandler.cpp
++++ b/src/svg/qsvghandler.cpp
+@@ -2666,7 +2666,7 @@ static bool parseFontFaceNode(QSvgStyleP
+ 
+     qreal unitsPerEm = toDouble(unitsPerEmStr);
+     if (!unitsPerEm)
+-        unitsPerEm = 1000;
++        unitsPerEm = QSvgFont::DEFAULT_UNITS_PER_EM;
+ 
+     if (!name.isEmpty())
+         font->setFamilyName(name);
diff --git a/debian/patches/series b/debian/patches/series
index a818b33..bd70297 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1 +1,2 @@
 reject_oversize_svgs.diff
+CVE-2023-32573.diff


