packages/qt5-qtbase
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

转换LFS仓库为普通仓库

Browse Source
This commit is contained in:
Jiayi Yin 2025-05-18 18:04:03 +00:00
commit a50b3e3312
42 changed files with 3858 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

233
0001-modify-kwin_5.18-complier-error.patch Normal file
View File

@ -0,0 +1,233 @@
From bc16340b2eee8b7f7c7a8fd4cf7ba0c288bfc6bc Mon Sep 17 00:00:00 2001
From: pei-jiankang <peijiankang@kylinos.cn>
Date: Wed, 10 Nov 2021 22:09:24 +0800
Subject: [PATCH] modify-kwin_5.18-complier-error
---
examples/corelib/serialization/cbordump/main.cpp | 8 ++++----
.../src_corelib_serialization_qcborstream.cpp | 2 +-
src/corelib/serialization/qcborcommon.h | 4 ++--
src/corelib/serialization/qcborstreamreader.h | 6 +++---
src/corelib/serialization/qcborstreamwriter.h | 2 +-
src/corelib/serialization/qcborvalue.cpp | 4 ++--
src/corelib/serialization/qcborvalue.h | 4 ++--
.../corelib/kernel/qmetatype/tst_qmetatype.h | 2 +-
.../qcborstreamreader/tst_qcborstreamreader.cpp | 8 ++++----
.../serialization/qcborvalue/tst_qcborvalue.cpp | 16 ++++++++--------
10 files changed, 28 insertions(+), 28 deletions(-)
diff --git a/examples/corelib/serialization/cbordump/main.cpp b/examples/corelib/serialization/cbordump/main.cpp
index 222bd436..b43650eb 100644
--- a/examples/corelib/serialization/cbordump/main.cpp
+++ b/examples/corelib/serialization/cbordump/main.cpp
@@ -385,10 +385,10 @@ void CborDumper::dumpOne(int nestingLevel)
case QCborStreamReader::SimpleType:
switch (reader.toSimpleType()) {
- case QCborSimpleType::False:
+ case QCborSimpleType::False_QCb:
printf("false");
break;
- case QCborSimpleType::True:
+ case QCborSimpleType::True_QCb:
printf("true");
break;
case QCborSimpleType::Null:
@@ -620,10 +620,10 @@ void CborDumper::dumpOneDetailed(int nestingLevel)
QCborSimpleType st = reader.toSimpleType();
reader.next();
switch (st) {
- case QCborSimpleType::False:
+ case QCborSimpleType::False_QCb:
print("Simple Type", "false");
break;
- case QCborSimpleType::True:
+ case QCborSimpleType::True_QCb:
print("Simple Type", "true");
break;
case QCborSimpleType::Null:
diff --git a/src/corelib/doc/snippets/code/src_corelib_serialization_qcborstream.cpp b/src/corelib/doc/snippets/code/src_corelib_serialization_qcborstream.cpp
index 6ddb5a93..993a0a03 100644
--- a/src/corelib/doc/snippets/code/src_corelib_serialization_qcborstream.cpp
+++ b/src/corelib/doc/snippets/code/src_corelib_serialization_qcborstream.cpp
@@ -192,7 +192,7 @@
//! [15]
//! [16]
- writer.append(b ? QCborSimpleType::True : QCborSimpleType::False);
+ writer.append(b ? QCborSimpleType::True_QCb : QCborSimpleType::False_QCb);
//! [16]
//! [17]
diff --git a/src/corelib/serialization/qcborcommon.h b/src/corelib/serialization/qcborcommon.h
index bec46399..1d80e076 100644
--- a/src/corelib/serialization/qcborcommon.h
+++ b/src/corelib/serialization/qcborcommon.h
@@ -58,8 +58,8 @@
QT_BEGIN_NAMESPACE
enum class QCborSimpleType : quint8 {
- False = 20,
- True = 21,
+ False_QCb = 20,
+ True_QCb = 21,
Null = 22,
Undefined = 23
};
diff --git a/src/corelib/serialization/qcborstreamreader.h b/src/corelib/serialization/qcborstreamreader.h
index 6d5feccf..1fd22b79 100644
--- a/src/corelib/serialization/qcborstreamreader.h
+++ b/src/corelib/serialization/qcborstreamreader.h
@@ -140,8 +140,8 @@ public:
bool isInvalid() const { return type() == Invalid; }
bool isSimpleType(QCborSimpleType st) const { return isSimpleType() && toSimpleType() == st; }
- bool isFalse() const { return isSimpleType(QCborSimpleType::False); }
- bool isTrue() const { return isSimpleType(QCborSimpleType::True); }
+ bool isFalse() const { return isSimpleType(QCborSimpleType::False_QCb); }
+ bool isTrue() const { return isSimpleType(QCborSimpleType::True_QCb); }
bool isBool() const { return isFalse() || isTrue(); }
bool isNull() const { return isSimpleType(QCborSimpleType::Null); }
bool isUndefined() const { return isSimpleType(QCborSimpleType::Undefined); }
@@ -158,7 +158,7 @@ public:
qsizetype currentStringChunkSize() const{ Q_ASSERT(isString() || isByteArray()); return _currentStringChunkSize(); }
StringResult<qsizetype> readStringChunk(char *ptr, qsizetype maxlen);
- bool toBool() const { Q_ASSERT(isBool()); return value64 - int(QCborSimpleType::False); }
+ bool toBool() const { Q_ASSERT(isBool()); return value64 - int(QCborSimpleType::False_QCb); }
QCborTag toTag() const { Q_ASSERT(isTag()); return QCborTag(value64); }
quint64 toUnsignedInteger() const { Q_ASSERT(isUnsignedInteger()); return value64; }
QCborNegativeInteger toNegativeInteger() const { Q_ASSERT(isNegativeInteger()); return QCborNegativeInteger(value64 + 1); }
diff --git a/src/corelib/serialization/qcborstreamwriter.h b/src/corelib/serialization/qcborstreamwriter.h
index f8c94ceb..befea659 100644
--- a/src/corelib/serialization/qcborstreamwriter.h
+++ b/src/corelib/serialization/qcborstreamwriter.h
@@ -93,7 +93,7 @@ public:
void appendTextString(const char *utf8, qsizetype len);
// convenience
- void append(bool b) { append(b ? QCborSimpleType::True : QCborSimpleType::False); }
+ void append(bool b) { append(b ? QCborSimpleType::True_QCb : QCborSimpleType::False_QCb); }
void appendNull() { append(QCborSimpleType::Null); }
void appendUndefined() { append(QCborSimpleType::Undefined); }
diff --git a/src/corelib/serialization/qcborvalue.cpp b/src/corelib/serialization/qcborvalue.cpp
index 89a928d3..465b8d20 100644
--- a/src/corelib/serialization/qcborvalue.cpp
+++ b/src/corelib/serialization/qcborvalue.cpp
@@ -3060,9 +3060,9 @@ QDebug operator<<(QDebug dbg, const QCborValue &v)
Q_CORE_EXPORT const char *qt_cbor_simpletype_id(QCborSimpleType st)
{
switch (st) {
- case QCborSimpleType::False:
+ case QCborSimpleType::False_QCb:
return "False";
- case QCborSimpleType::True:
+ case QCborSimpleType::True_QCb:
return "True";
case QCborSimpleType::Null:
return "Null";
diff --git a/src/corelib/serialization/qcborvalue.h b/src/corelib/serialization/qcborvalue.h
index aa51e5da..b96d500d 100644
--- a/src/corelib/serialization/qcborvalue.h
+++ b/src/corelib/serialization/qcborvalue.h
@@ -117,8 +117,8 @@ public:
// range 0x100 - 0x1ff for Simple Types
SimpleType = 0x100,
- False = SimpleType + int(QCborSimpleType::False),
- True = SimpleType + int(QCborSimpleType::True),
+ False = SimpleType + int(QCborSimpleType::False_QCb),
+ True = SimpleType + int(QCborSimpleType::True_QCb),
Null = SimpleType + int(QCborSimpleType::Null),
Undefined = SimpleType + int(QCborSimpleType::Undefined),
diff --git a/tests/auto/corelib/kernel/qmetatype/tst_qmetatype.h b/tests/auto/corelib/kernel/qmetatype/tst_qmetatype.h
index 22bcb69a..4d5bdc1a 100644
--- a/tests/auto/corelib/kernel/qmetatype/tst_qmetatype.h
+++ b/tests/auto/corelib/kernel/qmetatype/tst_qmetatype.h
@@ -275,7 +275,7 @@ template<> struct TestValueFactory<QMetaType::QJsonDocument> {
};
template<> struct TestValueFactory<QMetaType::QCborSimpleType> {
- static QCborSimpleType *create() { return new QCborSimpleType(QCborSimpleType::True); }
+ static QCborSimpleType *create() { return new QCborSimpleType(QCborSimpleType::True_QCb); }
};
template<> struct TestValueFactory<QMetaType::QCborValue> {
static QCborValue *create() { return new QCborValue(123.); }
diff --git a/tests/auto/corelib/serialization/qcborstreamreader/tst_qcborstreamreader.cpp b/tests/auto/corelib/serialization/qcborstreamreader/tst_qcborstreamreader.cpp
index f969bb90..a4d75422 100644
--- a/tests/auto/corelib/serialization/qcborstreamreader/tst_qcborstreamreader.cpp
+++ b/tests/auto/corelib/serialization/qcborstreamreader/tst_qcborstreamreader.cpp
@@ -454,10 +454,10 @@ static QString parseOne(QCborStreamReader &reader)
}
case QCborStreamReader::SimpleType:
switch (reader.toSimpleType()) {
- case QCborSimpleType::False:
+ case QCborSimpleType::False_QCb:
result = QStringLiteral("false");
break;
- case QCborSimpleType::True:
+ case QCborSimpleType::True_QCb:
result = QStringLiteral("true");
break;
case QCborSimpleType::Null:
@@ -577,10 +577,10 @@ bool parseNonRecursive(QString &result, bool &printingStringChunks, QCborStreamR
continue; // skip the comma
case QCborStreamReader::SimpleType:
switch (reader.toSimpleType()) {
- case QCborSimpleType::False:
+ case QCborSimpleType::False_QCb:
result += QStringLiteral("false");
break;
- case QCborSimpleType::True:
+ case QCborSimpleType::True_QCb:
result += QStringLiteral("true");
break;
case QCborSimpleType::Null:
diff --git a/tests/auto/corelib/serialization/qcborvalue/tst_qcborvalue.cpp b/tests/auto/corelib/serialization/qcborvalue/tst_qcborvalue.cpp
index 0a780d3e..cf3f9df3 100644
--- a/tests/auto/corelib/serialization/qcborvalue/tst_qcborvalue.cpp
+++ b/tests/auto/corelib/serialization/qcborvalue/tst_qcborvalue.cpp
@@ -240,12 +240,12 @@ void tst_QCborValue::basics_data()
add(QCborValue::Null, QCborValue::Null, st(QCborSimpleType::Null));
QTest::newRow("nullptr") << QCborValue::Null << QCborValue(nullptr)
<< st(QCborSimpleType::Null);
- add(QCborValue::False, false, st(QCborSimpleType::False));
+ add(QCborValue::False, false, st(QCborSimpleType::False_QCb));
QTest::newRow("false") << QCborValue::False << QCborValue(QCborValue::False)
- << st(QCborSimpleType::False);
- add(QCborValue::True, true, st(QCborSimpleType::True));
+ << st(QCborSimpleType::False_QCb);
+ add(QCborValue::True, true, st(QCborSimpleType::True_QCb));
QTest::newRow("true") << QCborValue::True << QCborValue(QCborValue::True)
- << st(QCborSimpleType::True);
+ << st(QCborSimpleType::True_QCb);
QTest::newRow("simpletype") << QCborValue::Type(QCborValue::SimpleType + 255)
<< QCborValue(QCborSimpleType(255))
<< st(QCborSimpleType(255));
@@ -297,8 +297,8 @@ static void basicTypeCheck(QCborValue::Type type, const QCborValue &v, const QVa
QCOMPARE(v.isInvalid(), type == QCborValue::Invalid);
QCOMPARE(v.isContainer(), type == QCborValue::Array || type == QCborValue::Map);
QCOMPARE(v.isSimpleType(), isSimpleType);
- QCOMPARE(v.isSimpleType(QCborSimpleType::False), st == QCborSimpleType::False);
- QCOMPARE(v.isSimpleType(QCborSimpleType::True), st == QCborSimpleType::True);
+ QCOMPARE(v.isSimpleType(QCborSimpleType::False_QCb), st == QCborSimpleType::False_QCb);
+ QCOMPARE(v.isSimpleType(QCborSimpleType::True_QCb), st == QCborSimpleType::True_QCb);
QCOMPARE(v.isSimpleType(QCborSimpleType::Null), st == QCborSimpleType::Null);
QCOMPARE(v.isSimpleType(QCborSimpleType::Undefined), st == QCborSimpleType::Undefined);
QCOMPARE(v.isSimpleType(QCborSimpleType(255)), st == QCborSimpleType(255));
@@ -310,8 +310,8 @@ static void basicTypeCheck(QCborValue::Type type, const QCborValue &v, const QVa
QCOMPARE(v.toInteger(), qint64(expectedValue.toDouble()));
QCOMPARE(v.toDouble(), expectedValue.toDouble());
}
- QCOMPARE(v.toBool(true), st != QCborSimpleType::False);
- QCOMPARE(v.toBool(), st == QCborSimpleType::True);
+ QCOMPARE(v.toBool(true), st != QCborSimpleType::False_QCb);
+ QCOMPARE(v.toBool(), st == QCborSimpleType::True_QCb);
if (st == QCborSimpleType::Undefined)
QCOMPARE(v.toSimpleType(QCborSimpleType::Null), QCborSimpleType::Undefined);
else if (isSimpleType)
--
2.27.0

14
10-qt5-check-opengl2.sh Normal file
View File

@ -0,0 +1,14 @@
#!/bin/bash
if [ -z "$QT_XCB_FORCE_SOFTWARE_OPENGL" ]; then
QT5_CHECK_OPENGL_VERSION=`LANG=C glxinfo 2> /dev/null | grep '^OpenGL version string: ' | head -n 1 | sed -e 's/^OpenGL version string: \([0-9]\).*$/\1/g'` ||:
if [ "$QT5_CHECK_OPENGL_VERSION" == "1" ]; then
QT_XCB_FORCE_SOFTWARE_OPENGL=1
export QT_XCB_FORCE_SOFTWARE_OPENGL
fi
unset QT5_CHECK_OPENGL_VERSION
fi

13
1000-add-loongarch64-support-for-syscall_fork.patch Normal file
View File

@ -0,0 +1,13 @@
diff --git a/src/3rdparty/forkfd/forkfd_linux.c b/src/3rdparty/forkfd/forkfd_linux.c
index ffe0e9a5..1ec9fea4 100644
--- a/src/3rdparty/forkfd/forkfd_linux.c
+++ b/src/3rdparty/forkfd/forkfd_linux.c
@@ -82,7 +82,7 @@ static int sys_clone(unsigned long cloneflags, int *ptid)
return syscall(__NR_clone, cloneflags, child_stack, stack_size, ptid, newtls, ctid);
#elif defined(__arc__) || defined(__arm__) || defined(__aarch64__) || defined(__mips__) || \
defined(__nds32__) || defined(__hppa__) || defined(__powerpc__) || defined(__i386__) || \
- defined(__x86_64__) || defined(__xtensa__) || defined(__alpha__) || defined(__riscv)
+ defined(__x86_64__) || defined(__xtensa__) || defined(__alpha__) || defined(__riscv) || defined(__loongarch64)
/* ctid and newtls are inverted on CONFIG_CLONE_BACKWARDS architectures,
* but since both values are 0, there's no harm. */
return syscall(__NR_clone, cloneflags, child_stack, ptid, ctid, newtls);

14
1001-add-sw_64-support-for-syscall_fork.patch Normal file
View File

@ -0,0 +1,14 @@
diff --git a/src/3rdparty/forkfd/forkfd_linux.c b/src/3rdparty/forkfd/forkfd_linux.c
index 1ec9fea4..2e9a7b68 100644
--- a/src/3rdparty/forkfd/forkfd_linux.c
+++ b/src/3rdparty/forkfd/forkfd_linux.c
@@ -82,7 +82,8 @@ static int sys_clone(unsigned long cloneflags, int *ptid)
return syscall(__NR_clone, cloneflags, child_stack, stack_size, ptid, newtls, ctid);
#elif defined(__arc__) || defined(__arm__) || defined(__aarch64__) || defined(__mips__) || \
defined(__nds32__) || defined(__hppa__) || defined(__powerpc__) || defined(__i386__) || \
- defined(__x86_64__) || defined(__xtensa__) || defined(__alpha__) || defined(__riscv) || defined(__loongarch64)
+ defined(__x86_64__) || defined(__xtensa__) || defined(__alpha__) || defined(__riscv) || \
+ defined(__loongarch64) ||defined(__sw_64__)
/* ctid and newtls are inverted on CONFIG_CLONE_BACKWARDS architectures,
* but since both values are 0, there's no harm. */
return syscall(__NR_clone, cloneflags, child_stack, ptid, ctid, newtls);

84
CVE-2021-38593.patch Normal file
View File

@ -0,0 +1,84 @@
Description: avoid processing-intensive painting of high number of tiny dashes
When stroking a dashed path, an unnecessary amount of processing would
be spent if there is a huge number of dashes visible, e.g. because of
scaling. Since the dashes are too small to be individually visible
anyway, just replace with a semi-transparent solid line for such
cases.
Origin: upstream, commits:
https://code.qt.io/cgit/qt/qtbase.git/commit/?id=f4d791b330d02777
https://code.qt.io/cgit/qt/qtbase.git/commit/?id=6b400e3147dcfd8c
https://code.qt.io/cgit/qt/qtbase.git/commit/?id=84aba80944a2e1c3
https://code.qt.io/cgit/qt/qtbase.git/commit/?id=cca8ed0547405b1c
Last-Update: 2021-11-27
--- a/src/gui/painting/qpaintengineex.cpp
+++ b/src/gui/painting/qpaintengineex.cpp
@@ -385,10 +385,10 @@ QPainterState *QPaintEngineEx::createSta
Q_GUI_EXPORT extern bool qt_scaleForTransform(const QTransform &transform, qreal *scale); // qtransform.cpp
-void QPaintEngineEx::stroke(const QVectorPath &path, const QPen &pen)
+void QPaintEngineEx::stroke(const QVectorPath &path, const QPen &inPen)
{
#ifdef QT_DEBUG_DRAW
- qDebug() << "QPaintEngineEx::stroke()" << pen;
+ qDebug() << "QPaintEngineEx::stroke()" << inPen;
#endif
Q_D(QPaintEngineEx);
@@ -403,6 +403,38 @@ void QPaintEngineEx::stroke(const QVecto
d->stroker.setCubicToHook(qpaintengineex_cubicTo);
}
+ QRectF clipRect;
+ QPen pen = inPen;
+ if (pen.style() > Qt::SolidLine) {
+ QRectF cpRect = path.controlPointRect();
+ const QTransform &xf = state()->matrix;
+ if (qt_pen_is_cosmetic(pen, state()->renderHints)) {
+ clipRect = d->exDeviceRect;
+ cpRect.translate(xf.dx(), xf.dy());
+ } else {
+ clipRect = xf.inverted().mapRect(QRectF(d->exDeviceRect));
+ }
+ // Check to avoid generating unwieldy amount of dashes that will not be visible anyway
+ qreal pw = pen.widthF() ? pen.widthF() : 1;
+ QRectF extentRect = cpRect.adjusted(-pw, -pw, pw, pw) & clipRect;
+ qreal extent = qMax(extentRect.width(), extentRect.height());
+ qreal patternLength = 0;
+ const QVector<qreal> pattern = pen.dashPattern();
+ const int patternSize = qMin(pattern.size(), 32);
+ for (int i = 0; i < patternSize; i++)
+ patternLength += qMax(pattern.at(i), qreal(0));
+ patternLength *= pw;
+ if (qFuzzyIsNull(patternLength)) {
+ pen.setStyle(Qt::NoPen);
+ } else if (extent / patternLength > 10000) {
+ // approximate stream of tiny dashes with semi-transparent solid line
+ pen.setStyle(Qt::SolidLine);
+ QColor color(pen.color());
+ color.setAlpha(color.alpha() / 2);
+ pen.setColor(color);
+ }
+ }
+
if (!qpen_fast_equals(pen, d->strokerPen)) {
d->strokerPen = pen;
d->stroker.setJoinStyle(pen.joinStyle());
@@ -430,14 +462,8 @@ void QPaintEngineEx::stroke(const QVecto
return;
}
- if (pen.style() > Qt::SolidLine) {
- if (qt_pen_is_cosmetic(pen, state()->renderHints)){
- d->activeStroker->setClipRect(d->exDeviceRect);
- } else {
- QRectF clipRect = state()->matrix.inverted().mapRect(QRectF(d->exDeviceRect));
- d->activeStroker->setClipRect(clipRect);
- }
- }
+ if (!clipRect.isNull())
+ d->activeStroker->setClipRect(clipRect);
if (d->activeStroker == &d->stroker)
d->stroker.setForceOpen(path.hasExplicitOpen());

92
CVE-2022-25255.patch Normal file
View File

@ -0,0 +1,92 @@
Description: QProcess: ensure we don't accidentally execute something from CWD
Unless "." (or the empty string) is in $PATH, we're not supposed to find
executables in the current directory. This is how the Unix shells behave
and we match their behavior. It's also the behavior Qt had prior to 5.9
(commit 28666d167aa8e602c0bea25ebc4d51b55005db13). On Windows, searching
the current directory is the norm, so we keep that behavior.
.
This commit does not add an explicit check for an empty return from
QStandardPaths::findExecutable(). Instead, we allow that empty string to
go all the way to execve(2), which will fail with ENOENT. We could catch
it early, before fork(2), but why add code for the error case?
.
See https://kde.org/info/security/advisory-20220131-1.txt
Origin: upstream, https://download.qt.io/official_releases/qt/5.15/CVE-2022-25255-qprocess5-15.diff
Last-Update: 2022-02-21
--- a/src/corelib/io/qprocess_unix.cpp
+++ b/src/corelib/io/qprocess_unix.cpp
@@ -1,7 +1,7 @@
/****************************************************************************
**
** Copyright (C) 2016 The Qt Company Ltd.
-** Copyright (C) 2016 Intel Corporation.
+** Copyright (C) 2022 Intel Corporation.
** Contact: https://www.qt.io/licensing/
**
** This file is part of the QtCore module of the Qt Toolkit.
@@ -422,14 +422,15 @@ void QProcessPrivate::startProcess()
// Add the program name to the argument list.
argv[0] = nullptr;
if (!program.contains(QLatin1Char('/'))) {
+ // findExecutable() returns its argument if it's an absolute path,
+ // otherwise it searches $PATH; returns empty if not found (we handle
+ // that case much later)
const QString &exeFilePath = QStandardPaths::findExecutable(program);
- if (!exeFilePath.isEmpty()) {
- const QByteArray &tmp = QFile::encodeName(exeFilePath);
- argv[0] = ::strdup(tmp.constData());
- }
- }
- if (!argv[0])
+ const QByteArray &tmp = QFile::encodeName(exeFilePath);
+ argv[0] = ::strdup(tmp.constData());
+ } else {
argv[0] = ::strdup(encodedProgramName.constData());
+ }
// Add every argument to the list
for (int i = 0; i < arguments.count(); ++i)
@@ -983,15 +984,16 @@ bool QProcessPrivate::startDetached(qint
envp = _q_dupEnvironment(environment.d.constData()->vars, &envc);
}
- QByteArray tmp;
if (!program.contains(QLatin1Char('/'))) {
+ // findExecutable() returns its argument if it's an absolute path,
+ // otherwise it searches $PATH; returns empty if not found (we handle
+ // that case much later)
const QString &exeFilePath = QStandardPaths::findExecutable(program);
- if (!exeFilePath.isEmpty())
- tmp = QFile::encodeName(exeFilePath);
+ const QByteArray &tmp = QFile::encodeName(exeFilePath);
+ argv[0] = ::strdup(tmp.constData());
+ } else {
+ argv[0] = ::strdup(QFile::encodeName(program));
}
- if (tmp.isEmpty())
- tmp = QFile::encodeName(program);
- argv[0] = tmp.data();
if (envp)
qt_safe_execve(argv[0], argv, envp);
--- a/tests/auto/widgets/kernel/qapplication/tst_qapplication.cpp
+++ b/tests/auto/widgets/kernel/qapplication/tst_qapplication.cpp
@@ -1449,7 +1449,7 @@ void tst_QApplication::desktopSettingsAw
{
#if QT_CONFIG(process)
QProcess testProcess;
- testProcess.start("desktopsettingsaware_helper");
+ testProcess.start("./desktopsettingsaware_helper");
QVERIFY2(testProcess.waitForStarted(),
qPrintable(QString::fromLatin1("Cannot start 'desktopsettingsaware_helper': %1").arg(testProcess.errorString())));
QVERIFY(testProcess.waitForFinished(10000));
@@ -2365,7 +2365,7 @@ void tst_QApplication::qtbug_12673()
#if QT_CONFIG(process)
QProcess testProcess;
QStringList arguments;
- testProcess.start("modal_helper", arguments);
+ testProcess.start("./modal_helper", arguments);
QVERIFY2(testProcess.waitForStarted(),
qPrintable(QString::fromLatin1("Cannot start 'modal_helper': %1").arg(testProcess.errorString())));
QVERIFY(testProcess.waitForFinished(20000));

336
CVE-2023-24607.patch Normal file
View File

@ -0,0 +1,336 @@
src/plugins/sqldrivers/odbc/qsql_odbc.cpp | 210 ++++++++++++----------
1 file changed, 120 insertions(+), 90 deletions(-)
diff --git a/src/plugins/sqldrivers/odbc/qsql_odbc.cpp b/src/plugins/sqldrivers/odbc/qsql_odbc.cpp
index 547eb204..8d7ce3e3 100644
--- a/src/plugins/sqldrivers/odbc/qsql_odbc.cpp
+++ b/src/plugins/sqldrivers/odbc/qsql_odbc.cpp
@@ -91,23 +91,39 @@ inline static QString fromSQLTCHAR(const QVarLengthArray<SQLTCHAR>& input, int s
return result;
}
+template <size_t SizeOfChar = sizeof(SQLTCHAR)>
+void toSQLTCHARImpl(QVarLengthArray<SQLTCHAR> &result, const QString &input); // primary template undefined
+
+template <typename Container>
+void do_append(QVarLengthArray<SQLTCHAR> &result, const Container &c)
+{
+ result.append(reinterpret_cast<const SQLTCHAR *>(c.data()), c.size());
+}
+
+template <>
+void toSQLTCHARImpl<1>(QVarLengthArray<SQLTCHAR> &result, const QString &input)
+{
+ const auto u8 = input.toUtf8();
+ do_append(result, u8);
+}
+
+template <>
+void toSQLTCHARImpl<2>(QVarLengthArray<SQLTCHAR> &result, const QString &input)
+{
+ do_append(result, input);
+}
+
+template <>
+void toSQLTCHARImpl<4>(QVarLengthArray<SQLTCHAR> &result, const QString &input)
+{
+ const auto u32 = input.toUcs4();
+ do_append(result, u32);
+}
+
inline static QVarLengthArray<SQLTCHAR> toSQLTCHAR(const QString &input)
{
QVarLengthArray<SQLTCHAR> result;
- result.resize(input.size());
- switch(sizeof(SQLTCHAR)) {
- case 1:
- memcpy(result.data(), input.toUtf8().data(), input.size());
- break;
- case 2:
- memcpy(result.data(), input.unicode(), input.size() * 2);
- break;
- case 4:
- memcpy(result.data(), input.toUcs4().data(), input.size() * 4);
- break;
- default:
- qCritical("sizeof(SQLTCHAR) is %d. Don't know how to handle this.", int(sizeof(SQLTCHAR)));
- }
+ toSQLTCHARImpl(result, input);
result.append(0); // make sure it's null terminated, doesn't matter if it already is, it does if it isn't.
return result;
}
@@ -768,6 +784,14 @@ QChar QODBCDriverPrivate::quoteChar()
return quote;
}
+static SQLRETURN qt_string_SQLSetConnectAttr(SQLHDBC handle, SQLINTEGER attr, const QString &val)
+{
+ auto encoded = toSQLTCHAR(val);
+ return SQLSetConnectAttr(handle, attr,
+ encoded.data(),
+ SQLINTEGER(encoded.size() * sizeof(SQLTCHAR))); // size in bytes
+}
+
bool QODBCDriverPrivate::setConnectionOptions(const QString& connOpts)
{
@@ -803,10 +826,7 @@ bool QODBCDriverPrivate::setConnectionOptions(const QString& connOpts)
v = val.toUInt();
r = SQLSetConnectAttr(hDbc, SQL_ATTR_LOGIN_TIMEOUT, (SQLPOINTER) size_t(v), 0);
} else if (opt.toUpper() == QLatin1String("SQL_ATTR_CURRENT_CATALOG")) {
- val.utf16(); // 0 terminate
- r = SQLSetConnectAttr(hDbc, SQL_ATTR_CURRENT_CATALOG,
- toSQLTCHAR(val).data(),
- val.length()*sizeof(SQLTCHAR));
+ r = qt_string_SQLSetConnectAttr(hDbc, SQL_ATTR_CURRENT_CATALOG, val);
} else if (opt.toUpper() == QLatin1String("SQL_ATTR_METADATA_ID")) {
if (val.toUpper() == QLatin1String("SQL_TRUE")) {
v = SQL_TRUE;
@@ -821,10 +841,7 @@ bool QODBCDriverPrivate::setConnectionOptions(const QString& connOpts)
v = val.toUInt();
r = SQLSetConnectAttr(hDbc, SQL_ATTR_PACKET_SIZE, (SQLPOINTER) size_t(v), 0);
} else if (opt.toUpper() == QLatin1String("SQL_ATTR_TRACEFILE")) {
- val.utf16(); // 0 terminate
- r = SQLSetConnectAttr(hDbc, SQL_ATTR_TRACEFILE,
- toSQLTCHAR(val).data(),
- val.length()*sizeof(SQLTCHAR));
+ r = qt_string_SQLSetConnectAttr(hDbc, SQL_ATTR_TRACEFILE, val);
} else if (opt.toUpper() == QLatin1String("SQL_ATTR_TRACE")) {
if (val.toUpper() == QLatin1String("SQL_OPT_TRACE_OFF")) {
v = SQL_OPT_TRACE_OFF;
@@ -1027,9 +1044,13 @@ bool QODBCResult::reset (const QString& query)
return false;
}
- r = SQLExecDirect(d->hStmt,
- toSQLTCHAR(query).data(),
- (SQLINTEGER) query.length());
+ {
+ auto encoded = toSQLTCHAR(query);
+ r = SQLExecDirect(d->hStmt,
+ encoded.data(),
+ SQLINTEGER(encoded.size()));
+ }
+
if (r != SQL_SUCCESS && r != SQL_SUCCESS_WITH_INFO && r!= SQL_NO_DATA) {
setLastError(qMakeError(QCoreApplication::translate("QODBCResult",
"Unable to execute statement"), QSqlError::StatementError, d));
@@ -1375,9 +1396,12 @@ bool QODBCResult::prepare(const QString& query)
return false;
}
- r = SQLPrepare(d->hStmt,
- toSQLTCHAR(query).data(),
- (SQLINTEGER) query.length());
+ {
+ auto encoded = toSQLTCHAR(query);
+ r = SQLPrepare(d->hStmt,
+ encoded.data(),
+ SQLINTEGER(encoded.size()));
+ }
if (r != SQL_SUCCESS) {
setLastError(qMakeError(QCoreApplication::translate("QODBCResult",
@@ -1405,7 +1429,7 @@ bool QODBCResult::exec()
SQLCloseCursor(d->hStmt);
QVector<QVariant>& values = boundValues();
- QVector<QByteArray> tmpStorage(values.count(), QByteArray()); // holds temporary buffers
+ QVector<QByteArray> tmpStorage(values.count(), QByteArray()); // targets for SQLBindParameter()
QVarLengthArray<SQLLEN, 32> indicators(values.count());
memset(indicators.data(), 0, indicators.size() * sizeof(SQLLEN));
@@ -1582,35 +1606,36 @@ bool QODBCResult::exec()
case QVariant::String:
if (d->unicode) {
QByteArray &ba = tmpStorage[i];
- QString str = val.toString();
+ {
+ const auto encoded = toSQLTCHAR(val.toString());
+ ba = QByteArray(reinterpret_cast<const char *>(encoded.data()),
+ encoded.size() * sizeof(SQLTCHAR));
+ }
+
if (*ind != SQL_NULL_DATA)
- *ind = str.length() * sizeof(SQLTCHAR);
- int strSize = str.length() * sizeof(SQLTCHAR);
+ *ind = ba.size();
if (bindValueType(i) & QSql::Out) {
- const QVarLengthArray<SQLTCHAR> a(toSQLTCHAR(str));
- ba = QByteArray((const char *)a.constData(), a.size() * sizeof(SQLTCHAR));
r = SQLBindParameter(d->hStmt,
i + 1,
qParamType[bindValueType(i) & QSql::InOut],
SQL_C_TCHAR,
- strSize > 254 ? SQL_WLONGVARCHAR : SQL_WVARCHAR,
+ ba.size() > 254 ? SQL_WLONGVARCHAR : SQL_WVARCHAR,
0, // god knows... don't change this!
0,
- ba.data(),
+ const_cast<char *>(ba.constData()), // don't detach
ba.size(),
ind);
break;
}
- ba = QByteArray ((const char *)toSQLTCHAR(str).constData(), str.size()*sizeof(SQLTCHAR));
r = SQLBindParameter(d->hStmt,
i + 1,
qParamType[bindValueType(i) & QSql::InOut],
SQL_C_TCHAR,
- strSize > 254 ? SQL_WLONGVARCHAR : SQL_WVARCHAR,
- strSize,
+ ba.size() > 254 ? SQL_WLONGVARCHAR : SQL_WVARCHAR,
+ ba.size(),
0,
- const_cast<char *>(ba.constData()),
+ const_cast<char *>(ba.constData()), // don't detach
ba.size(),
ind);
break;
@@ -1718,10 +1743,11 @@ bool QODBCResult::exec()
case QVariant::String:
if (d->unicode) {
if (bindValueType(i) & QSql::Out) {
- const QByteArray &first = tmpStorage.at(i);
- QVarLengthArray<SQLTCHAR> array;
- array.append((const SQLTCHAR *)first.constData(), first.size());
- values[i] = fromSQLTCHAR(array, first.size()/sizeof(SQLTCHAR));
+ const QByteArray &bytes = tmpStorage.at(i);
+ const auto strSize = bytes.size() / int(sizeof(SQLTCHAR));
+ QVarLengthArray<SQLTCHAR> string(strSize);
+ memcpy(string.data(), bytes.data(), strSize * sizeof(SQLTCHAR));
+ values[i] = fromSQLTCHAR(string);
}
break;
}
@@ -1968,14 +1993,16 @@ bool QODBCDriver::open(const QString & db,
SQLSMALLINT cb;
QVarLengthArray<SQLTCHAR> connOut(1024);
memset(connOut.data(), 0, connOut.size() * sizeof(SQLTCHAR));
- r = SQLDriverConnect(d->hDbc,
- NULL,
- toSQLTCHAR(connQStr).data(),
- (SQLSMALLINT)connQStr.length(),
- connOut.data(),
- 1024,
- &cb,
- /*SQL_DRIVER_NOPROMPT*/0);
+ {
+ auto encoded = toSQLTCHAR(connQStr);
+ r = SQLDriverConnect(d->hDbc,
+ nullptr,
+ encoded.data(), SQLSMALLINT(encoded.size()),
+ connOut.data(),
+ 1024,
+ &cb,
+ /*SQL_DRIVER_NOPROMPT*/0);
+ }
if (r != SQL_SUCCESS && r != SQL_SUCCESS_WITH_INFO) {
setLastError(qMakeError(tr("Unable to connect"), QSqlError::ConnectionError, d));
@@ -2354,17 +2381,15 @@ QStringList QODBCDriver::tables(QSql::TableType type) const
if (tableType.isEmpty())
return tl;
- QString joinedTableTypeString = tableType.join(QLatin1Char(','));
+ {
+ auto joinedTableTypeString = toSQLTCHAR(tableType.join(u','));
- r = SQLTables(hStmt,
- NULL,
- 0,
- NULL,
- 0,
- NULL,
- 0,
- toSQLTCHAR(joinedTableTypeString).data(),
- joinedTableTypeString.length() /* characters, not bytes */);
+ r = SQLTables(hStmt,
+ nullptr, 0,
+ nullptr, 0,
+ nullptr, 0,
+ joinedTableTypeString.data(), joinedTableTypeString.size());
+ }
if (r != SQL_SUCCESS)
qSqlWarning(QLatin1String("QODBCDriver::tables Unable to execute table list"), d);
@@ -2438,28 +2463,30 @@ QSqlIndex QODBCDriver::primaryIndex(const QString& tablename) const
SQL_ATTR_CURSOR_TYPE,
(SQLPOINTER)SQL_CURSOR_FORWARD_ONLY,
SQL_IS_UINTEGER);
- r = SQLPrimaryKeys(hStmt,
- catalog.length() == 0 ? NULL : toSQLTCHAR(catalog).data(),
- catalog.length(),
- schema.length() == 0 ? NULL : toSQLTCHAR(schema).data(),
- schema.length(),
- toSQLTCHAR(table).data(),
- table.length() /* in characters, not in bytes */);
+ {
+ auto c = toSQLTCHAR(catalog);
+ auto s = toSQLTCHAR(schema);
+ auto t = toSQLTCHAR(table);
+ r = SQLPrimaryKeys(hStmt,
+ catalog.isEmpty() ? nullptr : c.data(), c.size(),
+ schema.isEmpty() ? nullptr : s.data(), s.size(),
+ t.data(), t.size());
+ }
// if the SQLPrimaryKeys() call does not succeed (e.g the driver
// does not support it) - try an alternative method to get hold of
// the primary index (e.g MS Access and FoxPro)
if (r != SQL_SUCCESS) {
- r = SQLSpecialColumns(hStmt,
- SQL_BEST_ROWID,
- catalog.length() == 0 ? NULL : toSQLTCHAR(catalog).data(),
- catalog.length(),
- schema.length() == 0 ? NULL : toSQLTCHAR(schema).data(),
- schema.length(),
- toSQLTCHAR(table).data(),
- table.length(),
- SQL_SCOPE_CURROW,
- SQL_NULLABLE);
+ auto c = toSQLTCHAR(catalog);
+ auto s = toSQLTCHAR(schema);
+ auto t = toSQLTCHAR(table);
+ r = SQLSpecialColumns(hStmt,
+ SQL_BEST_ROWID,
+ catalog.isEmpty() ? nullptr : c.data(), c.size(),
+ schema.isEmpty() ? nullptr : s.data(), s.size(),
+ t.data(), t.size(),
+ SQL_SCOPE_CURROW,
+ SQL_NULLABLE);
if (r != SQL_SUCCESS) {
qSqlWarning(QLatin1String("QODBCDriver::primaryIndex: Unable to execute primary key list"), d);
@@ -2540,15 +2567,18 @@ QSqlRecord QODBCDriver::record(const QString& tablename) const
SQL_ATTR_CURSOR_TYPE,
(SQLPOINTER)SQL_CURSOR_FORWARD_ONLY,
SQL_IS_UINTEGER);
- r = SQLColumns(hStmt,
- catalog.length() == 0 ? NULL : toSQLTCHAR(catalog).data(),
- catalog.length(),
- schema.length() == 0 ? NULL : toSQLTCHAR(schema).data(),
- schema.length(),
- toSQLTCHAR(table).data(),
- table.length(),
- NULL,
- 0);
+ {
+ auto c = toSQLTCHAR(catalog);
+ auto s = toSQLTCHAR(schema);
+ auto t = toSQLTCHAR(table);
+ r = SQLColumns(hStmt,
+ catalog.isEmpty() ? nullptr : c.data(), c.size(),
+ schema.isEmpty() ? nullptr : s.data(), s.size(),
+ t.data(), t.size(),
+ nullptr,
+ 0);
+ }
+
if (r != SQL_SUCCESS)
qSqlWarning(QLatin1String("QODBCDriver::record: Unable to execute column list"), d);
--
2.39.1

50
CVE-2023-32762.patch Normal file
View File

@ -0,0 +1,50 @@
From 1b736a815be0222f4b24289cf17575fc15707305 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?M=C3=A5rten=20Nordheim?= <marten.nordheim@qt.io>
Date: Fri, 5 May 2023 11:07:26 +0200
Subject: [PATCH] Hsts: match header names case insensitively
Header field names are always considered to be case-insensitive.
Pick-to: 6.5 6.5.1 6.2 5.15
Fixes: QTBUG-113392
Change-Id: Ifb4def4bb7f2ac070416cdc76581a769f1e52b43
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Volker Hilsheimer <volker.hilsheimer@qt.io>
---
src/network/access/qhsts.cpp | 4 ++--
tests/auto/network/access/hsts/tst_qhsts.cpp | 6 ++++++
2 files changed, 8 insertions(+), 2 deletions(-)
diff --git a/src/network/access/qhsts.cpp b/src/network/access/qhsts.cpp
index 39905f354807..82deede17298 100644
--- a/src/network/access/qhsts.cpp
+++ b/src/network/access/qhsts.cpp
@@ -327,8 +327,8 @@ quoted-pair = "\" CHAR
bool QHstsHeaderParser::parse(const QList<QPair<QByteArray, QByteArray>> &headers)
{
for (const auto &h : headers) {
- // We use '==' since header name was already 'trimmed' for us:
- if (h.first == "Strict-Transport-Security") {
+ // We compare directly because header name was already 'trimmed' for us:
+ if (h.first.compare("Strict-Transport-Security", Qt::CaseInsensitive) == 0) {
header = h.second;
// RFC6797, 8.1:
//
diff --git a/tests/auto/network/access/hsts/tst_qhsts.cpp b/tests/auto/network/access/hsts/tst_qhsts.cpp
index 252f5e8f5792..97a2d2889e57 100644
--- a/tests/auto/network/access/hsts/tst_qhsts.cpp
+++ b/tests/auto/network/access/hsts/tst_qhsts.cpp
@@ -216,6 +216,12 @@ void tst_QHsts::testSTSHeaderParser()
QVERIFY(parser.expirationDate() > QDateTime::currentDateTimeUtc());
QVERIFY(parser.includeSubDomains());
+ list.pop_back();
+ list << Header("strict-transport-security", "includeSubDomains;max-age=1000");
+ QVERIFY(parser.parse(list));
+ QVERIFY(parser.expirationDate() > QDateTime::currentDateTimeUtc());
+ QVERIFY(parser.includeSubDomains());
+
list.pop_back();
// Invalid (includeSubDomains twice):
list << Header("Strict-Transport-Security", "max-age = 1000 ; includeSubDomains;includeSubDomains");

64
CVE-2023-32763.patch Normal file
View File

@ -0,0 +1,64 @@
From 9e92024a183e93c63cb96a0a48cca07c20c7a243 Mon Sep 17 00:00:00 2001
From: starlet-dx <15929766099@163.com>
Date: Wed, 28 Jun 2023 11:47:13 +0800
Subject: [PATCH 1/1] Fix CVE-2023-32763
Origin: https://download.qt.io/official_releases/qt/5.15/CVE-2023-32763-qtbase-5.15.diff
---
src/gui/painting/qfixed_p.h | 9 +++++++++
src/gui/text/qtextlayout.cpp | 9 ++++++---
2 files changed, 15 insertions(+), 3 deletions(-)
diff --git a/src/gui/painting/qfixed_p.h b/src/gui/painting/qfixed_p.h
index 84659288..57d750a4 100644
--- a/src/gui/painting/qfixed_p.h
+++ b/src/gui/painting/qfixed_p.h
@@ -54,6 +54,7 @@
#include <QtGui/private/qtguiglobal_p.h>
#include "QtCore/qdebug.h"
#include "QtCore/qpoint.h"
+#include <QtCore/private/qnumeric_p.h>
#include "QtCore/qsize.h"
QT_BEGIN_NAMESPACE
@@ -182,6 +183,14 @@ Q_DECL_CONSTEXPR inline bool operator<(int i, const QFixed &f) { return i * 64 <
Q_DECL_CONSTEXPR inline bool operator>(const QFixed &f, int i) { return f.value() > i * 64; }
Q_DECL_CONSTEXPR inline bool operator>(int i, const QFixed &f) { return i * 64 > f.value(); }
+inline bool qAddOverflow(QFixed v1, QFixed v2, QFixed *r)
+{
+ int val;
+ bool result = add_overflow(v1.value(), v2.value(), &val);
+ r->setValue(val);
+ return result;
+}
+
#ifndef QT_NO_DEBUG_STREAM
inline QDebug &operator<<(QDebug &dbg, const QFixed &f)
{ return dbg << f.toReal(); }
diff --git a/src/gui/text/qtextlayout.cpp b/src/gui/text/qtextlayout.cpp
index b2f12ef1..897a1bc9 100644
--- a/src/gui/text/qtextlayout.cpp
+++ b/src/gui/text/qtextlayout.cpp
@@ -2138,11 +2138,14 @@ found:
eng->maxWidth = qMax(eng->maxWidth, line.textWidth);
} else {
eng->minWidth = qMax(eng->minWidth, lbh.minw);
- eng->maxWidth += line.textWidth;
+ if (qAddOverflow(eng->maxWidth, line.textWidth, &eng->maxWidth))
+ eng->maxWidth = QFIXED_MAX;
}
- if (line.textWidth > 0 && item < eng->layoutData->items.size())
- eng->maxWidth += lbh.spaceData.textWidth;
+ if (line.textWidth > 0 && item < eng->layoutData->items.size()) {
+ if (qAddOverflow(eng->maxWidth, lbh.spaceData.textWidth, &eng->maxWidth))
+ eng->maxWidth = QFIXED_MAX;
+ }
line.textWidth += trailingSpace;
if (lbh.spaceData.length) {
--
2.30.0

73
CVE-2023-33285.patch Normal file
View File

@ -0,0 +1,73 @@
diff --git a/src/network/kernel/qdnslookup_unix.cpp b/src/network/kernel/qdnslookup_unix.cpp
index 12b40fc3..99e999d4 100644
--- a/src/network/kernel/qdnslookup_unix.cpp
+++ b/src/network/kernel/qdnslookup_unix.cpp
@@ -227,7 +227,6 @@ void QDnsLookupRunnable::query(const int requestType, const QByteArray &requestN
// responseLength in case of error, we still can extract the
// exact error code from the response.
HEADER *header = (HEADER*)response;
- const int answerCount = ntohs(header->ancount);
switch (header->rcode) {
case NOERROR:
break;
@@ -260,18 +259,31 @@ void QDnsLookupRunnable::query(const int requestType, const QByteArray &requestN
return;
}
- // Skip the query host, type (2 bytes) and class (2 bytes).
char host[PACKETSZ], answer[PACKETSZ];
unsigned char *p = response + sizeof(HEADER);
- int status = local_dn_expand(response, response + responseLength, p, host, sizeof(host));
- if (status < 0) {
+ int status;
+
+ if (ntohs(header->qdcount) == 1) {
+ // Skip the query host, type (2 bytes) and class (2 bytes).
+ status = local_dn_expand(response, response + responseLength, p, host, sizeof(host));
+ if (status < 0) {
+ reply->error = QDnsLookup::InvalidReplyError;
+ reply->errorString = tr("Could not expand domain name");
+ return;
+ }
+ if ((p - response) + status + 4 >= responseLength)
+ header->qdcount = 0xffff; // invalid reply below
+ else
+ p += status + 4;
+ }
+ if (ntohs(header->qdcount) > 1) {
reply->error = QDnsLookup::InvalidReplyError;
- reply->errorString = tr("Could not expand domain name");
+ reply->errorString = tr("Invalid reply received");
return;
}
- p += status + 4;
// Extract results.
+ const int answerCount = ntohs(header->ancount);
int answerIndex = 0;
while ((p < response + responseLength) && (answerIndex < answerCount)) {
status = local_dn_expand(response, response + responseLength, p, host, sizeof(host));
@@ -283,6 +295,11 @@ void QDnsLookupRunnable::query(const int requestType, const QByteArray &requestN
const QString name = QUrl::fromAce(host);
p += status;
+
+ if ((p - response) + 10 > responseLength) {
+ // probably just a truncated reply, return what we have
+ return;
+ }
const quint16 type = (p[0] << 8) | p[1];
p += 2; // RR type
p += 2; // RR class
@@ -290,6 +307,8 @@ void QDnsLookupRunnable::query(const int requestType, const QByteArray &requestN
p += 4;
const quint16 size = (p[0] << 8) | p[1];
p += 2;
+ if ((p - response) + size > responseLength)
+ return; // truncated
if (type == QDnsLookup::A) {
if (size != 4) {
--
2.27.0

32
CVE-2023-37369-pre.patch Normal file
View File

@ -0,0 +1,32 @@
From d76b11a0d55f40e964686564bac512e5895147b6 Mon Sep 17 00:00:00 2001
From: Allan Sandfeld Jensen <allan.jensen@qt.io>
Date: Wed, 14 Apr 2021 22:13:32 +0200
Subject: [PATCH] Don't parse XML symbols longer than 4096 characters
It is slow and will use too much memory.
Fixes: QTBUG-91889
Change-Id: I45c5e6038357c87bbb85b1ace17ef39a2a814ea0
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
(cherry picked from commit 38e111158a38507c63fd70f9ee18b9116b537976)
Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
---
src/corelib/serialization/qxmlstream.cpp | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/src/corelib/serialization/qxmlstream.cpp b/src/corelib/serialization/qxmlstream.cpp
index 9a3e306f424..a38720b370f 100644
--- a/src/corelib/serialization/qxmlstream.cpp
+++ b/src/corelib/serialization/qxmlstream.cpp
@@ -1307,6 +1307,11 @@ inline int QXmlStreamReaderPrivate::fastScanName(int *prefix)
int n = 0;
uint c;
while ((c = getChar()) != StreamEOF) {
+ if (n >= 4096) {
+ // This is too long to be a sensible name, and
+ // can exhaust memory
+ return 0;
+ }
switch (c) {
case '\n':
case ' ':

203
CVE-2023-37369.patch Normal file
View File

@ -0,0 +1,203 @@
diff --git a/src/corelib/serialization/qxmlstream.cpp b/src/corelib/serialization/qxmlstream.cpp
index 7cd457ba3a..11d162cb79 100644
--- a/src/corelib/serialization/qxmlstream.cpp
+++ b/src/corelib/serialization/qxmlstream.cpp
@@ -1302,15 +1302,18 @@ inline int QXmlStreamReaderPrivate::fastScanContentCharList()
return n;
}
-inline int QXmlStreamReaderPrivate::fastScanName(int *prefix)
+// Fast scan an XML attribute name (e.g. "xml:lang").
+inline QXmlStreamReaderPrivate::FastScanNameResult
+QXmlStreamReaderPrivate::fastScanName(Value *val)
{
int n = 0;
uint c;
while ((c = getChar()) != StreamEOF) {
if (n >= 4096) {
// This is too long to be a sensible name, and
- // can exhaust memory
- return 0;
+ // can exhaust memory, or the range of decltype(*prefix)
+ raiseNamePrefixTooLongError();
+ return {};
}
switch (c) {
case '\n':
@@ -1339,23 +1342,23 @@ inline int QXmlStreamReaderPrivate::fastScanName(int *prefix)
case '+':
case '*':
putChar(c);
- if (prefix && *prefix == n+1) {
- *prefix = 0;
+ if (val && val->prefix == n + 1) {
+ val->prefix = 0;
putChar(':');
--n;
}
- return n;
+ return FastScanNameResult(n);
case ':':
- if (prefix) {
- if (*prefix == 0) {
- *prefix = n+2;
+ if (val) {
+ if (val->prefix == 0) {
+ val->prefix = n + 2;
} else { // only one colon allowed according to the namespace spec.
putChar(c);
- return n;
+ return FastScanNameResult(n);
}
} else {
putChar(c);
- return n;
+ return FastScanNameResult(n);
}
Q_FALLTHROUGH();
default:
@@ -1364,12 +1367,12 @@ inline int QXmlStreamReaderPrivate::fastScanName(int *prefix)
}
}
- if (prefix)
- *prefix = 0;
+ if (val)
+ val->prefix = 0;
int pos = textBuffer.size() - n;
putString(textBuffer, pos);
textBuffer.resize(pos);
- return 0;
+ return FastScanNameResult(0);
}
enum NameChar { NameBeginning, NameNotBeginning, NotName };
@@ -1878,6 +1881,14 @@ void QXmlStreamReaderPrivate::raiseWellFormedError(const QString &message)
raiseError(QXmlStreamReader::NotWellFormedError, message);
}
+void QXmlStreamReaderPrivate::raiseNamePrefixTooLongError()
+{
+ // TODO: add a ImplementationLimitsExceededError and use it instead
+ raiseError(QXmlStreamReader::NotWellFormedError,
+ QXmlStream::tr("Length of XML attribute name exceeds implemnetation limits (4KiB "
+ "characters)."));
+}
+
void QXmlStreamReaderPrivate::parseError()
{
diff --git a/src/corelib/serialization/qxmlstream.g b/src/corelib/serialization/qxmlstream.g
index 4321fed68a..8c6a1a5887 100644
--- a/src/corelib/serialization/qxmlstream.g
+++ b/src/corelib/serialization/qxmlstream.g
@@ -516,7 +516,16 @@ public:
int fastScanLiteralContent();
int fastScanSpace();
int fastScanContentCharList();
- int fastScanName(int *prefix = nullptr);
+
+ struct FastScanNameResult {
+ FastScanNameResult() : ok(false) {}
+ explicit FastScanNameResult(int len) : addToLen(len), ok(true) { }
+ operator bool() { return ok; }
+ int operator*() { Q_ASSERT(ok); return addToLen; }
+ int addToLen;
+ bool ok;
+ };
+ FastScanNameResult fastScanName(Value *val = nullptr);
inline int fastScanNMTOKEN();
@@ -525,6 +534,7 @@ public:
void raiseError(QXmlStreamReader::Error error, const QString& message = QString());
void raiseWellFormedError(const QString &message);
+ void raiseNamePrefixTooLongError();
QXmlStreamEntityResolver *entityResolver;
@@ -1811,7 +1821,12 @@ space_opt ::= space;
qname ::= LETTER;
/.
case $rule_number: {
- sym(1).len += fastScanName(&sym(1).prefix);
+ Value &val = sym(1);
+ if (auto res = fastScanName(&val))
+ val.len += *res;
+ else
+ return false;
+
if (atEnd) {
resume($rule_number);
return false;
@@ -1822,7 +1837,11 @@ qname ::= LETTER;
name ::= LETTER;
/.
case $rule_number:
- sym(1).len += fastScanName();
+ if (auto res = fastScanName())
+ sym(1).len += *res;
+ else
+ return false;
+
if (atEnd) {
resume($rule_number);
return false;
diff --git a/src/corelib/serialization/qxmlstream_p.h b/src/corelib/serialization/qxmlstream_p.h
index e5bde7b98e..b01484cac3 100644
--- a/src/corelib/serialization/qxmlstream_p.h
+++ b/src/corelib/serialization/qxmlstream_p.h
@@ -1005,7 +1005,16 @@ public:
int fastScanLiteralContent();
int fastScanSpace();
int fastScanContentCharList();
- int fastScanName(int *prefix = nullptr);
+
+ struct FastScanNameResult {
+ FastScanNameResult() : ok(false) {}
+ explicit FastScanNameResult(int len) : addToLen(len), ok(true) { }
+ operator bool() { return ok; }
+ int operator*() { Q_ASSERT(ok); return addToLen; }
+ int addToLen;
+ bool ok;
+ };
+ FastScanNameResult fastScanName(Value *val = nullptr);
inline int fastScanNMTOKEN();
@@ -1014,6 +1023,7 @@ public:
void raiseError(QXmlStreamReader::Error error, const QString& message = QString());
void raiseWellFormedError(const QString &message);
+ void raiseNamePrefixTooLongError();
QXmlStreamEntityResolver *entityResolver;
@@ -1939,7 +1949,12 @@ bool QXmlStreamReaderPrivate::parse()
break;
case 262: {
- sym(1).len += fastScanName(&sym(1).prefix);
+ Value &val = sym(1);
+ if (auto res = fastScanName(&val))
+ val.len += *res;
+ else
+ return false;
+
if (atEnd) {
resume(262);
return false;
@@ -1947,7 +1962,11 @@ bool QXmlStreamReaderPrivate::parse()
} break;
case 263:
- sym(1).len += fastScanName();
+ if (auto res = fastScanName())
+ sym(1).len += *res;
+ else
+ return false;
+
if (atEnd) {
resume(263);
return false;

31
CVE-2023-45935.patch Normal file
View File

@ -0,0 +1,31 @@
From b349ef7d08deb9d7ee64cf161fdf3a92b0f3f706 Mon Sep 17 00:00:00 2001
From: Liang Qi <liang.qi@qt.io>
Date: 2023-07-31 05:35:11 +0200
Subject: [PATCH] CVE-2023-45935
port invokeMethodImpl() from QScopeGuard to SlotObjUniquePtr
---
src/plugins/platforms/xcb/qxcbatom.cpp | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/plugins/platforms/xcb/qxcbatom.cpp b/src/plugins/platforms/xcb/qxcbatom.cpp
index 78081660..11d356dd 100644
--- a/src/plugins/platforms/xcb/qxcbatom.cpp
+++ b/src/plugins/platforms/xcb/qxcbatom.cpp
@@ -268,8 +268,10 @@ void QXcbAtom::initializeAllAtoms(xcb_connection_t *connection) {
for (i = 0; i < QXcbAtom::NAtoms; ++i) {
xcb_intern_atom_reply_t *reply = xcb_intern_atom_reply(connection, cookies[i], nullptr);
- m_allAtoms[i] = reply->atom;
- free(reply);
+ if (reply) {
+ m_allAtoms[i] = reply->atom;
+ free(reply);
+ }
}
}
--
2.27.0

197
CVE-2024-25580-qtbase-5.15.diff Normal file
View File

@ -0,0 +1,197 @@
diff --git a/src/gui/util/qktxhandler.cpp b/src/gui/util/qktxhandler.cpp
index 0d98e97453..6a79e55109 100644
--- a/src/gui/util/qktxhandler.cpp
+++ b/src/gui/util/qktxhandler.cpp
@@ -73,7 +73,7 @@ struct KTXHeader {
quint32 bytesOfKeyValueData;
};
-static const quint32 headerSize = sizeof(KTXHeader);
+static constexpr quint32 qktxh_headerSize = sizeof(KTXHeader);
// Currently unused, declared for future reference
struct KTXKeyValuePairItem {
@@ -103,11 +103,36 @@ struct KTXMipmapLevel {
*/
};
-bool QKtxHandler::canRead(const QByteArray &suffix, const QByteArray &block)
+static bool qAddOverflow(quint32 v1, quint32 v2, quint32 *r) {
+ // unsigned additions are well-defined
+ *r = v1 + v2;
+ return v1 > quint32(v1 + v2);
+}
+
+// Returns the nearest multiple of 4 greater than or equal to 'value'
+static bool nearestMultipleOf4(quint32 value, quint32 *result)
+{
+ constexpr quint32 rounding = 4;
+ *result = 0;
+ if (qAddOverflow(value, rounding - 1, result))
+ return true;
+ *result &= ~(rounding - 1);
+ return false;
+}
+
+// Returns a slice with prechecked bounds
+static QByteArray safeSlice(const QByteArray& array, quint32 start, quint32 length)
{
- Q_UNUSED(suffix)
+ quint32 end = 0;
+ if (qAddOverflow(start, length, &end) || end > quint32(array.length()))
+ return {};
+ return QByteArray(array.data() + start, length);
+}
- return (qstrncmp(block.constData(), ktxIdentifier, KTX_IDENTIFIER_LENGTH) == 0);
+bool QKtxHandler::canRead(const QByteArray &suffix, const QByteArray &block)
+{
+ Q_UNUSED(suffix);
+ return block.startsWith(QByteArray::fromRawData(ktxIdentifier, KTX_IDENTIFIER_LENGTH));
}
QTextureFileData QKtxHandler::read()
@@ -115,42 +140,97 @@ QTextureFileData QKtxHandler::read()
if (!device())
return QTextureFileData();
- QByteArray buf = device()->readAll();
- const quint32 dataSize = quint32(buf.size());
- if (dataSize < headerSize || !canRead(QByteArray(), buf)) {
- qCDebug(lcQtGuiTextureIO, "Invalid KTX file %s", logName().constData());
+ const QByteArray buf = device()->readAll();
+ if (size_t(buf.size()) > std::numeric_limits<quint32>::max()) {
+ qWarning(lcQtGuiTextureIO, "Too big KTX file %s", logName().constData());
+ return QTextureFileData();
+ }
+
+ if (!canRead(QByteArray(), buf)) {
+ qWarning(lcQtGuiTextureIO, "Invalid KTX file %s", logName().constData());
+ return QTextureFileData();
+ }
+
+ if (buf.size() < qsizetype(qktxh_headerSize)) {
+ qWarning(lcQtGuiTextureIO, "Invalid KTX header size in %s", logName().constData());
return QTextureFileData();
}
- const KTXHeader *header = reinterpret_cast<const KTXHeader *>(buf.constData());
- if (!checkHeader(*header)) {
- qCDebug(lcQtGuiTextureIO, "Unsupported KTX file format in %s", logName().constData());
+ KTXHeader header;
+ memcpy(&header, buf.data(), qktxh_headerSize);
+ if (!checkHeader(header)) {
+ qWarning(lcQtGuiTextureIO, "Unsupported KTX file format in %s", logName().constData());
return QTextureFileData();
}
QTextureFileData texData;
texData.setData(buf);
- texData.setSize(QSize(decode(header->pixelWidth), decode(header->pixelHeight)));
- texData.setGLFormat(decode(header->glFormat));
- texData.setGLInternalFormat(decode(header->glInternalFormat));
- texData.setGLBaseInternalFormat(decode(header->glBaseInternalFormat));
-
- texData.setNumLevels(decode(header->numberOfMipmapLevels));
- quint32 offset = headerSize + decode(header->bytesOfKeyValueData);
- const int maxLevels = qMin(texData.numLevels(), 32); // Cap iterations in case of corrupt file.
- for (int i = 0; i < maxLevels; i++) {
- if (offset + sizeof(KTXMipmapLevel) > dataSize) // Corrupt file; avoid oob read
- break;
- const KTXMipmapLevel *level = reinterpret_cast<const KTXMipmapLevel *>(buf.constData() + offset);
- quint32 levelLen = decode(level->imageSize);
- texData.setDataOffset(offset + sizeof(KTXMipmapLevel::imageSize), i);
- texData.setDataLength(levelLen, i);
- offset += sizeof(KTXMipmapLevel::imageSize) + levelLen + (3 - ((levelLen + 3) % 4));
+ texData.setSize(QSize(decode(header.pixelWidth), decode(header.pixelHeight)));
+ texData.setGLFormat(decode(header.glFormat));
+ texData.setGLInternalFormat(decode(header.glInternalFormat));
+ texData.setGLBaseInternalFormat(decode(header.glBaseInternalFormat));
+
+ texData.setNumLevels(decode(header.numberOfMipmapLevels));
+
+ const quint32 bytesOfKeyValueData = decode(header.bytesOfKeyValueData);
+ quint32 headerKeyValueSize;
+ if (qAddOverflow(qktxh_headerSize, bytesOfKeyValueData, &headerKeyValueSize)) {
+ qWarning(lcQtGuiTextureIO, "Overflow in size of key value data in header of KTX file %s",
+ logName().constData());
+ return QTextureFileData();
+ }
+
+ if (headerKeyValueSize >= quint32(buf.size())) {
+ qWarning(lcQtGuiTextureIO, "OOB request in KTX file %s", logName().constData());
+ return QTextureFileData();
+ }
+
+ // Technically, any number of levels is allowed but if the value is bigger than
+ // what is possible in KTX V2 (and what makes sense) we return an error.
+ // maxLevels = log2(max(width, height, depth))
+ const int maxLevels = (sizeof(quint32) * 8)
+ - qCountLeadingZeroBits(std::max(
+ { header.pixelWidth, header.pixelHeight, header.pixelDepth }));
+
+ if (texData.numLevels() > maxLevels) {
+ qWarning(lcQtGuiTextureIO, "Too many levels in KTX file %s", logName().constData());
+ return QTextureFileData();
+ }
+
+ quint32 offset = headerKeyValueSize;
+ for (int level = 0; level < texData.numLevels(); level++) {
+ const auto imageSizeSlice = safeSlice(buf, offset, sizeof(quint32));
+ if (imageSizeSlice.isEmpty()) {
+ qWarning(lcQtGuiTextureIO, "OOB request in KTX file %s", logName().constData());
+ return QTextureFileData();
+ }
+
+ const quint32 imageSize = decode(qFromUnaligned<quint32>(imageSizeSlice.data()));
+ offset += sizeof(quint32); // overflow checked indirectly above
+
+ texData.setDataOffset(offset, level);
+ texData.setDataLength(imageSize, level);
+
+ // Add image data and padding to offset
+ quint32 padded = 0;
+ if (nearestMultipleOf4(imageSize, &padded)) {
+ qWarning(lcQtGuiTextureIO, "Overflow in KTX file %s", logName().constData());
+ return QTextureFileData();
+ }
+
+ quint32 offsetNext;
+ if (qAddOverflow(offset, padded, &offsetNext)) {
+ qWarning(lcQtGuiTextureIO, "OOB request in KTX file %s", logName().constData());
+ return QTextureFileData();
+ }
+
+ offset = offsetNext;
}
if (!texData.isValid()) {
- qCDebug(lcQtGuiTextureIO, "Invalid values in header of KTX file %s", logName().constData());
+ qWarning(lcQtGuiTextureIO, "Invalid values in header of KTX file %s",
+ logName().constData());
return QTextureFileData();
}
@@ -191,7 +271,7 @@ bool QKtxHandler::checkHeader(const KTXHeader &header)
(decode(header.numberOfFaces) == 1));
}
-quint32 QKtxHandler::decode(quint32 val)
+quint32 QKtxHandler::decode(quint32 val) const
{
return inverseEndian ? qbswap<quint32>(val) : val;
}
diff --git a/src/gui/util/qktxhandler_p.h b/src/gui/util/qktxhandler_p.h
index f831e59d95..cdf1b2eaf8 100644
--- a/src/gui/util/qktxhandler_p.h
+++ b/src/gui/util/qktxhandler_p.h
@@ -68,7 +68,7 @@ public:
private:
bool checkHeader(const KTXHeader &header);
- quint32 decode(quint32 val);
+ quint32 decode(quint32 val) const;
bool inverseEndian = false;
};

156
CVE-2025-30348.patch Normal file
View File

@ -0,0 +1,156 @@
From 16918c1df3e709df2a97281e3825d94c84edb668 Mon Sep 17 00:00:00 2001
From: Christian Ehrlicher <ch.ehrlicher@gmx.de>
Date: Tue, 06 Aug 2024 22:39:44 +0200
Subject: [PATCH] XML/QDom: speedup encodeText()
The code copied the whole string, then replaced parts inline, at
the cost of relocating everything beyond, at each replacement.
Instead, copy character by character (in chunks where possible)
and append replacements as we skip what they replace.
Manual conflict resolution for 6.5:
- This is a manual cherry-pick. The original change was only
picked to 6.8, but the quadratic behavior is present in Qt 5, too.
- Changed Task-number to Fixes: because this is the real fix;
the QString change, 315210de916d060c044c01e53ff249d676122b1b,
was unrelated to the original QTBUG-127549.
Manual conflcit resolution for 5.15:
- Kept/re-added QTextCodec::canEncode() check
- Ported from Qt 6 to 5, to wit:
- qsizetype -> int
- QStringView::first/sliced(n) -> left/mid(n)
(these functions are clearly called in-range, so the widened
contract of the Qt 5 functions doesn't matter)
- Ported from C++17- and C++14-isms to C++11:
- replaced polymorphic lambda with a normal one (this requires
rewriting the !canEncode() branch to use QByteArray/QLatin1String
instead of QString)
- As a drive-by, corrected the indentation of the case labels to
horizontally align existing code (and follow Qt style)
Fixes: QTBUG-127549
Change-Id: I368482859ed0c4127f1eec2919183711b5488ada
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
(cherry picked from commit 2ce08e3671b8d18b0284447e5908ce15e6e8f80f)
Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
(cherry picked from commit 225e235cf966a44af23dbe9aaaa2fd20ab6430ee)
Reviewed-by: Fabian Kosmale <fabian.kosmale@qt.io>
(cherry picked from commit 905a5bd421efff6a1d90b6140500d134d32ca745)
---
diff --git a/src/xml/dom/qdom.cpp b/src/xml/dom/qdom.cpp
index 872221c..bf70477 100644
--- a/src/xml/dom/qdom.cpp
+++ b/src/xml/dom/qdom.cpp
@@ -3676,59 +3676,67 @@
const QTextCodec *const codec = s.codec();
Q_ASSERT(codec);
#endif
- QString retval(str);
- int len = retval.length();
- int i = 0;
+ QString retval;
+ int start = 0;
+ auto appendToOutput = [&](int cur, QLatin1String replacement)
+ {
+ if (start < cur) {
+ retval.reserve(str.size() + replacement.size());
+ retval.append(QStringView(str).left(cur).mid(start));
+ }
+ // Skip over str[cur], replaced by replacement
+ start = cur + 1;
+ retval.append(replacement);
+ };
- while (i < len) {
- const QChar ati(retval.at(i));
-
- if (ati == QLatin1Char('<')) {
- retval.replace(i, 1, QLatin1String("&lt;"));
- len += 3;
- i += 4;
- } else if (encodeQuotes && (ati == QLatin1Char('"'))) {
- retval.replace(i, 1, QLatin1String("&quot;"));
- len += 5;
- i += 6;
- } else if (ati == QLatin1Char('&')) {
- retval.replace(i, 1, QLatin1String("&amp;"));
- len += 4;
- i += 5;
- } else if (ati == QLatin1Char('>') && i >= 2 && retval[i - 1] == QLatin1Char(']') && retval[i - 2] == QLatin1Char(']')) {
- retval.replace(i, 1, QLatin1String("&gt;"));
- len += 3;
- i += 4;
- } else if (performAVN &&
- (ati == QChar(0xA) ||
- ati == QChar(0xD) ||
- ati == QChar(0x9))) {
- const QString replacement(QLatin1String("&#x") + QString::number(ati.unicode(), 16) + QLatin1Char(';'));
- retval.replace(i, 1, replacement);
- i += replacement.length();
- len += replacement.length() - 1;
- } else if (encodeEOLs && ati == QChar(0xD)) {
- retval.replace(i, 1, QLatin1String("&#xd;")); // Replace a single 0xD with a ref for 0xD
- len += 4;
- i += 5;
- } else {
+ const int len = str.size();
+ for (int cur = 0; cur < len; ++cur) {
+ switch (const char16_t ati = str[cur].unicode()) {
+ case u'<':
+ appendToOutput(cur, QLatin1String("&lt;"));
+ break;
+ case u'"':
+ if (encodeQuotes)
+ appendToOutput(cur, QLatin1String("&quot;"));
+ break;
+ case u'&':
+ appendToOutput(cur, QLatin1String("&amp;"));
+ break;
+ case u'>':
+ if (cur >= 2 && str[cur - 1] == u']' && str[cur - 2] == u']')
+ appendToOutput(cur, QLatin1String("&gt;"));
+ break;
+ case u'\r':
+ if (performAVN || encodeEOLs)
+ appendToOutput(cur, QLatin1String("&#xd;")); // \r == 0x0d
+ break;
+ case u'\n':
+ if (performAVN)
+ appendToOutput(cur, QLatin1String("&#xa;")); // \n == 0x0a
+ break;
+ case u'\t':
+ if (performAVN)
+ appendToOutput(cur, QLatin1String("&#x9;")); // \t == 0x09
+ break;
+ default:
#if QT_CONFIG(textcodec)
if(codec->canEncode(ati))
- ++i;
+ ; // continue
else
#endif
{
// We have to use a character reference to get it through.
- const ushort codepoint(ati.unicode());
- const QString replacement(QLatin1String("&#x") + QString::number(codepoint, 16) + QLatin1Char(';'));
- retval.replace(i, 1, replacement);
- i += replacement.length();
- len += replacement.length() - 1;
+ const QByteArray replacement = "&#x" + QByteArray::number(uint{ati}, 16) + ';';
+ appendToOutput(cur, QLatin1String{replacement});
}
+ break;
}
}
-
- return retval;
+ if (start > 0) {
+ retval.append(QStringView(str).left(len).mid(start));
+ return retval;
+ }
+ return str;
}
void QDomAttrPrivate::save(QTextStream& s, int, int) const

40
add-loongarch64-support.patch Normal file
View File

@ -0,0 +1,40 @@
diff --git a/src/3rdparty/double-conversion/include/double-conversion/utils.h b/src/3rdparty/double-conversion/include/double-conversion/utils.h
index 70e697ca..9be294a2 100644
--- a/src/3rdparty/double-conversion/include/double-conversion/utils.h
+++ b/src/3rdparty/double-conversion/include/double-conversion/utils.h
@@ -102,6 +102,7 @@ int main(int argc, char** argv) {
defined(__AARCH64EL__) || defined(__aarch64__) || defined(__AARCH64EB__) || \
defined(__riscv) || \
defined(__or1k__) || defined(__arc__) || \
+ defined(__loongarch64) || \
defined(__EMSCRIPTEN__)
#define DOUBLE_CONVERSION_CORRECT_DOUBLE_OPERATIONS 1
#elif defined(__mc68000__) || \
diff --git a/src/corelib/global/archdetect.cpp b/src/corelib/global/archdetect.cpp
index 1d00b7f5..74f3c8fc 100644
--- a/src/corelib/global/archdetect.cpp
+++ b/src/corelib/global/archdetect.cpp
@@ -59,6 +59,8 @@
# define ARCH_PROCESSOR "x86_64"
#elif defined(Q_PROCESSOR_IA64)
# define ARCH_PROCESSOR "ia64"
+#elif defined(Q_PROCESSOR_LOONGARCH_64)
+# define ARCH_PROCESSOR "loongarch64"
#elif defined(Q_PROCESSOR_MIPS_64)
# define ARCH_PROCESSOR "mips64"
#elif defined(Q_PROCESSOR_MIPS)
diff --git a/src/corelib/global/qprocessordetection.h b/src/corelib/global/qprocessordetection.h
index 8d657208..69f84a15 100644
--- a/src/corelib/global/qprocessordetection.h
+++ b/src/corelib/global/qprocessordetection.h
@@ -223,6 +223,10 @@
# define Q_PROCESSOR_WORDSIZE 8
// Q_BYTE_ORDER not defined, use endianness auto-detection
+#elif defined(__loongarch64)
+# define Q_PROCESSOR_LOONGARCH_64
+# define Q_PROCESSOR_WORDSIZE 8
+
/*
MIPS family, known revisions: I, II, III, IV, 32, 64

4
macros.qt5-qtbase Normal file
View File

@ -0,0 +1,4 @@
%_qt5 @@NAME@@
%_qt5_epoch @@EPOCH@@
%_qt5_version @@VERSION@@
%_qt5_evr @@EVR@@

23
qconfig-multilib.h Normal file
View File

@ -0,0 +1,23 @@
/* qconfig.h */
/* This file is here to prevent a file conflict on multiarch systems. A
* conflict will occur because qconfig.h has arch-specific definitions.
*
* DO NOT INCLUDE THE NEW FILE DIRECTLY -- ALWAYS INCLUDE THIS ONE INSTEAD. */
#ifndef QCONFIG_MULTILIB_H
#define QCONFIG_MULTILIB_H
#ifndef __WORDSIZE
#include <bits/wordsize.h>
#endif
#if __WORDSIZE == 32
#include "QtCore/qconfig-32.h"
#elif __WORDSIZE == 64
#include "QtCore/qconfig-64.h"
#else
#error "unexpected value for __WORDSIZE macro"
#endif
#endif

29
qt5-qtbase-5.12.1-firebird.patch Normal file
View File

@ -0,0 +1,29 @@
diff -up qtbase-everywhere-src-5.12.1/src/plugins/sqldrivers/configure.json.firebird qtbase-everywhere-src-5.12.1/src/plugins/sqldrivers/configure.json
--- qtbase-everywhere-src-5.12.1/src/plugins/sqldrivers/configure.json.firebird 2019-01-28 11:11:52.000000000 -0600
+++ qtbase-everywhere-src-5.12.1/src/plugins/sqldrivers/configure.json 2019-02-03 13:41:27.392305128 -0600
@@ -49,10 +49,11 @@
"ibase": {
"label": "InterBase",
"test": {},
- "headers": "ibase.h",
+ "headers": "firebird/ibase.h",
"sources": [
{ "libs": "-lgds32_ms", "condition": "config.win32" },
- { "libs": "-lgds", "condition": "!config.win32" }
+ { "libs": "-lgds", "condition": "!config.win32" },
+ { "libs": "-lfbclient", "condition": "!config.win32" }
]
},
"mysql": {
diff -up qtbase-everywhere-src-5.12.1/src/plugins/sqldrivers/ibase/qsql_ibase_p.h.firebird qtbase-everywhere-src-5.12.1/src/plugins/sqldrivers/ibase/qsql_ibase_p.h
--- qtbase-everywhere-src-5.12.1/src/plugins/sqldrivers/ibase/qsql_ibase_p.h.firebird 2019-01-28 11:11:52.000000000 -0600
+++ qtbase-everywhere-src-5.12.1/src/plugins/sqldrivers/ibase/qsql_ibase_p.h 2019-02-03 13:27:30.683142996 -0600
@@ -52,7 +52,7 @@
//
#include <QtSql/qsqldriver.h>
-#include <ibase.h>
+#include <firebird/ibase.h>
#ifdef QT_PLUGIN
#define Q_EXPORT_SQLDRIVER_IBASE

141
qt5-qtbase-Add-sw64-architecture.patch Normal file
View File

@ -0,0 +1,141 @@
From 2d5384cdea1303e20c3c7f69b24703b4a2ad91b0 Mon Sep 17 00:00:00 2001
From: wuzx <wuzx1226@qq.com>
Date: Fri, 18 Nov 2022 01:17:49 +0800
Subject: [PATCH] Add sw64 architecture
Signed-off-by: wuzx <wuzx1226@qq.com>
---
.../include/double-conversion/utils.h | 2 +-
src/3rdparty/sha3/brg_endian.h | 1 +
src/corelib/global/qprocessordetection.h | 3 +-
src/corelib/io/qfilesystemwatcher_inotify.cpp | 4 +++
src/gui/image/qimage.cpp | 4 +++
src/testlib/3rdparty/cycle_p.h | 36 +++++++++++++++++++
6 files changed, 48 insertions(+), 2 deletions(-)
diff --git a/src/3rdparty/double-conversion/include/double-conversion/utils.h b/src/3rdparty/double-conversion/include/double-conversion/utils.h
index 70e697ca..1524e931 100644
--- a/src/3rdparty/double-conversion/include/double-conversion/utils.h
+++ b/src/3rdparty/double-conversion/include/double-conversion/utils.h
@@ -97,7 +97,7 @@ int main(int argc, char** argv) {
defined(__powerpc__) || defined(__ppc__) || defined(__ppc64__) || \
defined(_POWER) || defined(_ARCH_PPC) || defined(_ARCH_PPC64) || \
defined(__sparc__) || defined(__sparc) || defined(__s390__) || \
- defined(__SH4__) || defined(__alpha__) || \
+ defined(__SH4__) || defined(__alpha__) || defined(__sw_64__) || \
defined(_MIPS_ARCH_MIPS32R2) || defined(__ARMEB__) ||\
defined(__AARCH64EL__) || defined(__aarch64__) || defined(__AARCH64EB__) || \
defined(__riscv) || \
diff --git a/src/3rdparty/sha3/brg_endian.h b/src/3rdparty/sha3/brg_endian.h
index 9bb306e6..e3907596 100644
--- a/src/3rdparty/sha3/brg_endian.h
+++ b/src/3rdparty/sha3/brg_endian.h
@@ -105,6 +105,7 @@ Changes for ARM 9/9/2010 [Downstream relative to Gladman's GitHub, upstream to Q
#if !defined(PLATFORM_BYTE_ORDER)
#if defined( __alpha__ ) || defined( __alpha ) || defined( i386 ) || \
+#if defined( __sw_64__ ) || defined( __sw_64 ) || \
defined( __i386__ ) || defined( _M_I86 ) || defined( _M_IX86 ) || \
defined( __OS2__ ) || defined( sun386 ) || defined( __TURBOC__ ) || \
defined( vax ) || defined( vms ) || defined( VMS ) || \
diff --git a/src/corelib/global/qprocessordetection.h b/src/corelib/global/qprocessordetection.h
index 8d657208..20c9650d 100644
--- a/src/corelib/global/qprocessordetection.h
+++ b/src/corelib/global/qprocessordetection.h
@@ -87,7 +87,8 @@
// #elif defined(__alpha__) || defined(_M_ALPHA)
// # define Q_PROCESSOR_ALPHA
// Q_BYTE_ORDER not defined, use endianness auto-detection
-
+//#elif defined(__sw_64__) || defined(_M_SW_64)
+//# define Q_PROCESSOR_SW_64
/*
ARM family, known revisions: V5, V6, V7, V8
diff --git a/src/corelib/io/qfilesystemwatcher_inotify.cpp b/src/corelib/io/qfilesystemwatcher_inotify.cpp
index 94d9d06b..38b1e7e4 100644
--- a/src/corelib/io/qfilesystemwatcher_inotify.cpp
+++ b/src/corelib/io/qfilesystemwatcher_inotify.cpp
@@ -91,6 +91,10 @@
# define __NR_inotify_add_watch 285
# define __NR_inotify_rm_watch 286
# define __NR_inotify_init1 324
+#elif defined (__sw_64__)
+# define __NR_inotify_init 444
+# define __NR_inotify_add_watch 445
+# define __NR_inotify_rm_watch 446
#elif defined (__alpha__)
# define __NR_inotify_init 444
# define __NR_inotify_add_watch 445
diff --git a/src/gui/image/qimage.cpp b/src/gui/image/qimage.cpp
index ced5a505..c1096f45 100644
--- a/src/gui/image/qimage.cpp
+++ b/src/gui/image/qimage.cpp
@@ -83,6 +83,10 @@ static inline bool isLocked(QImageData *data)
return data != nullptr && data->is_locked;
}
+#if defined(Q_CC_DEC) && defined(__sw_64) && (__DECCXX_VER-0 >= 50190001)
+#pragma message disable narrowptr
+#endif
+
#if defined(Q_CC_DEC) && defined(__alpha) && (__DECCXX_VER-0 >= 50190001)
#pragma message disable narrowptr
#endif
diff --git a/src/testlib/3rdparty/cycle_p.h b/src/testlib/3rdparty/cycle_p.h
index 95e741a8..5577b873 100644
--- a/src/testlib/3rdparty/cycle_p.h
+++ b/src/testlib/3rdparty/cycle_p.h
@@ -405,6 +405,26 @@ INLINE_ELAPSED(__inline__)
#define HAVE_TICK_COUNTER
#endif
+/*----------------------------------------------------------------*/
+#if defined(__GNUC__) && defined(__sw_64__) && !defined(HAVE_TICK_COUNTER)
+/*
+ * The 32-bit cycle counter on sw_64 overflows pretty quickly,
+ * unfortunately. A 1GHz machine overflows in 4 seconds.
+ */
+typedef unsigned int CycleCounterTicks;
+
+static __inline__ CycleCounterTicks getticks(void)
+{
+ unsigned long cc;
+ __asm__ __volatile__ ("rtc %0" : "=r"(cc));
+ return (cc & 0xFFFFFFFF);
+}
+
+INLINE_ELAPSED(__inline__)
+
+#define HAVE_TICK_COUNTER
+#endif
+
/*----------------------------------------------------------------*/
#if defined(__GNUC__) && defined(__alpha__) && !defined(HAVE_TICK_COUNTER)
/*
@@ -441,6 +461,22 @@ INLINE_ELAPSED(__inline__)
#define HAVE_TICK_COUNTER
#endif
+/*----------------------------------------------------------------*/
+#if (defined(__DECC) || defined(__DECCXX)) && defined(__sw_64) && defined(HAVE_C_ASM_H) && !defined(HAVE_TICK_COUNTER)
+# include <c_asm.h>
+typedef unsigned int CycleCounterTicks;
+
+static __inline CycleCounterTicks getticks(void)
+{
+ unsigned long cc;
+ cc = asm("rtc %v0");
+ return (cc & 0xFFFFFFFF);
+}
+
+INLINE_ELAPSED(__inline)
+
+#define HAVE_TICK_COUNTER
+#endif
/*----------------------------------------------------------------*/
#if (defined(__DECC) || defined(__DECCXX)) && defined(__alpha) && defined(HAVE_C_ASM_H) && !defined(HAVE_TICK_COUNTER)
# include <c_asm.h>
--
2.33.0

13
qt5-qtbase-cxxflag.patch Normal file
View File

@ -0,0 +1,13 @@
diff --git a/mkspecs/common/gcc-base.conf b/mkspecs/common/gcc-base.conf
index e7e6ee1..ff2a939 100644
--- a/mkspecs/common/gcc-base.conf
+++ b/mkspecs/common/gcc-base.conf
@@ -32,7 +32,7 @@
#
QMAKE_CFLAGS_OPTIMIZE = -O2
-QMAKE_CFLAGS_OPTIMIZE_FULL = -O3
+QMAKE_CFLAGS_OPTIMIZE_FULL = -O2
QMAKE_CFLAGS_OPTIMIZE_DEBUG = -Og
QMAKE_CFLAGS_OPTIMIZE_SIZE = -Os

171
qt5-qtbase-gcc11.patch Normal file
View File

@ -0,0 +1,171 @@
diff --git a/src/corelib/codecs/qtextcodec.cpp b/src/corelib/codecs/qtextcodec.cpp
index 06fd88da..dbff3239 100644
--- a/src/corelib/codecs/qtextcodec.cpp
+++ b/src/corelib/codecs/qtextcodec.cpp
@@ -38,6 +38,7 @@
**
****************************************************************************/
+#include <limits>
#include "qplatformdefs.h"
#include "qtextcodec.h"
diff --git a/src/corelib/codecs/qutfcodec.cpp b/src/corelib/codecs/qutfcodec.cpp
index 8561f908..8128d3cf 100644
--- a/src/corelib/codecs/qutfcodec.cpp
+++ b/src/corelib/codecs/qutfcodec.cpp
@@ -38,6 +38,8 @@
**
****************************************************************************/
+#include <limits>
+
#include "qutfcodec_p.h"
#include "qlist.h"
#include "qendian.h"
diff --git a/src/corelib/global/qendian.cpp b/src/corelib/global/qendian.cpp
index eb08b2f8..6b41b3dd 100644
--- a/src/corelib/global/qendian.cpp
+++ b/src/corelib/global/qendian.cpp
@@ -38,6 +38,7 @@
**
****************************************************************************/
+#include <limits>
#include "qendian.h"
#include "qalgorithms.h"
diff --git a/src/corelib/global/qfloat16.cpp b/src/corelib/global/qfloat16.cpp
index c9733174..c62a1972 100644
--- a/src/corelib/global/qfloat16.cpp
+++ b/src/corelib/global/qfloat16.cpp
@@ -38,6 +38,7 @@
**
****************************************************************************/
+#include <limits>
#include "qfloat16.h"
#include "private/qsimd_p.h"
#include <cmath> // for fpclassify()'s return values
diff --git a/src/corelib/global/qrandom.cpp b/src/corelib/global/qrandom.cpp
index 10672c1f..6d5fd63e 100644
--- a/src/corelib/global/qrandom.cpp
+++ b/src/corelib/global/qrandom.cpp
@@ -40,6 +40,7 @@
// for rand_s
#define _CRT_RAND_S
+#include <limits>
#include "qrandom.h"
#include "qrandom_p.h"
#include <qobjectdefs.h>
diff --git a/src/corelib/plugin/qelfparser_p.cpp b/src/corelib/plugin/qelfparser_p.cpp
index 13eee353..9e7a7a41 100644
--- a/src/corelib/plugin/qelfparser_p.cpp
+++ b/src/corelib/plugin/qelfparser_p.cpp
@@ -37,6 +37,7 @@
**
****************************************************************************/
+#include <limits>
#include "qelfparser_p.h"
#if defined (Q_OF_ELF) && defined(Q_CC_GNU)
diff --git a/src/corelib/plugin/qmachparser.cpp b/src/corelib/plugin/qmachparser.cpp
index 11670caf..39f5596b 100644
--- a/src/corelib/plugin/qmachparser.cpp
+++ b/src/corelib/plugin/qmachparser.cpp
@@ -37,6 +37,8 @@
**
****************************************************************************/
+#include <limits>
+
#include "qmachparser_p.h"
#if defined(Q_OF_MACH_O)
diff --git a/src/corelib/plugin/quuid.cpp b/src/corelib/plugin/quuid.cpp
index 83873edf..5aafb4e5 100644
--- a/src/corelib/plugin/quuid.cpp
+++ b/src/corelib/plugin/quuid.cpp
@@ -38,6 +38,7 @@
**
****************************************************************************/
+#include <limits>
#include "quuid.h"
#include "qcryptographichash.h"
diff --git a/src/corelib/serialization/qdatastream.cpp b/src/corelib/serialization/qdatastream.cpp
index 5082a8cb..7eecfcca 100644
--- a/src/corelib/serialization/qdatastream.cpp
+++ b/src/corelib/serialization/qdatastream.cpp
@@ -40,6 +40,8 @@
#include "qdatastream.h"
#include "qdatastream_p.h"
+#include <limits>
+
#if !defined(QT_NO_DATASTREAM) || defined(QT_BOOTSTRAPPED)
#include "qbuffer.h"
#include "qfloat16.h"
diff --git a/src/corelib/text/qbytearray.cpp b/src/corelib/text/qbytearray.cpp
index 9a72df58..6651ee98 100644
--- a/src/corelib/text/qbytearray.cpp
+++ b/src/corelib/text/qbytearray.cpp
@@ -39,6 +39,7 @@
**
****************************************************************************/
+#include <limits>
#include "qbytearray.h"
#include "qbytearraymatcher.h"
#include "private/qtools_p.h"
diff --git a/src/corelib/text/qbytearraymatcher.cpp b/src/corelib/text/qbytearraymatcher.cpp
index 72e09226..80511cb5 100644
--- a/src/corelib/text/qbytearraymatcher.cpp
+++ b/src/corelib/text/qbytearraymatcher.cpp
@@ -37,6 +37,7 @@
**
****************************************************************************/
+#include <limits>
#include "qbytearraymatcher.h"
#include <limits.h>
diff --git a/src/corelib/tools/qbitarray.cpp b/src/corelib/tools/qbitarray.cpp
index ab3054d5..22efb3a0 100644
--- a/src/corelib/tools/qbitarray.cpp
+++ b/src/corelib/tools/qbitarray.cpp
@@ -38,6 +38,7 @@
**
****************************************************************************/
+#include <limits>
#include "qbitarray.h"
#include <qalgorithms.h>
#include <qdatastream.h>
diff --git a/src/corelib/tools/qcryptographichash.cpp b/src/corelib/tools/qcryptographichash.cpp
index fa8d21e0..cd85956d 100644
--- a/src/corelib/tools/qcryptographichash.cpp
+++ b/src/corelib/tools/qcryptographichash.cpp
@@ -38,6 +38,7 @@
**
****************************************************************************/
+#include <limits>
#include <qcryptographichash.h>
#include <qiodevice.h>
diff --git a/src/gui/text/qfontengine_qpf2.cpp b/src/gui/text/qfontengine_qpf2.cpp
index e00f9d05..917ab5f9 100644
--- a/src/gui/text/qfontengine_qpf2.cpp
+++ b/src/gui/text/qfontengine_qpf2.cpp
@@ -37,6 +37,7 @@
**
****************************************************************************/
+#include <limits>
#include "qfontengine_qpf2_p.h"
#include <QtCore/QFile>

1082
qt5-qtbase.spec Normal file
View File

File diff suppressed because it is too large Load Diff

4
qt5-qtbase.yaml Normal file
View File

@ -0,0 +1,4 @@
version_control: git
src_repo: https://code.qt.io/qt/qtbase.git
tag_prefix: "^v"
seperator: "."

11
qtbase-QTBUG-89977.patch Normal file
View File

@ -0,0 +1,11 @@
diff -up qtbase-everywhere-src-5.15.2/src/corelib/text/qbytearray.h.foo qtbase-everywhere-src-5.15.2/src/corelib/text/qbytearray.h
--- qtbase-everywhere-src-5.15.2/src/corelib/text/qbytearray.h.foo 2020-10-27 03:02:11.000000000 -0500
+++ qtbase-everywhere-src-5.15.2/src/corelib/text/qbytearray.h 2021-02-06 17:05:04.879201352 -0600
@@ -51,6 +49,7 @@
#include <string>
#include <iterator>
+#include <limits>
#ifdef truncate
#error qbytearray.h must be included before any header file that defines truncate

23
qtbase-QTBUG-90395.patch Normal file
View File

@ -0,0 +1,23 @@
diff -up qtbase-everywhere-src-5.15.2/src/corelib/global/qendian.h.QTBUG-90395 qtbase-everywhere-src-5.15.2/src/corelib/global/qendian.h
--- qtbase-everywhere-src-5.15.2/src/corelib/global/qendian.h.QTBUG-90395 2020-10-27 03:02:11.000000000 -0500
+++ qtbase-everywhere-src-5.15.2/src/corelib/global/qendian.h 2021-02-06 16:36:27.072105717 -0600
@@ -44,6 +44,8 @@
#include <QtCore/qfloat16.h>
#include <QtCore/qglobal.h>
+#include <limits>
+
// include stdlib.h and hope that it defines __GLIBC__ for glibc-based systems
#include <stdlib.h>
#include <string.h>
diff -up qtbase-everywhere-src-5.15.2/src/corelib/global/qfloat16.h.QTBUG-90395 qtbase-everywhere-src-5.15.2/src/corelib/global/qfloat16.h
--- qtbase-everywhere-src-5.15.2/src/corelib/global/qfloat16.h.QTBUG-90395 2021-02-06 16:36:27.074105730 -0600
+++ qtbase-everywhere-src-5.15.2/src/corelib/global/qfloat16.h 2021-02-06 16:37:19.212440114 -0600
@@ -43,6 +43,7 @@
#include <QtCore/qglobal.h>
#include <QtCore/qmetatype.h>
+#include <limits>
#include <string.h>
#if defined(QT_COMPILER_SUPPORTS_F16C) && defined(__AVX2__) && !defined(__F16C__)

31
qtbase-QTBUG-91909.patch Normal file
View File

@ -0,0 +1,31 @@
From 659f7a06e91c04b239e3f4c0bcfccbe3581af1c3 Mon Sep 17 00:00:00 2001
From: Sona Kurazyan <sona.kurazyan@qt.io>
Date: Wed, 17 Mar 2021 16:04:00 +0100
Subject: [PATCH] Remove the unnecessary template parameter from the class specialization
This seems to cause errors when compiling with gcc-11. Although this is
most likely a compiler bug, specifiying the template parameter type in
this case isn't necessary.
Fixes: QTBUG-91909
Fixes: QTBUG-90568
Pick-to: 6.0 6.1 5.15
Change-Id: Ib231257ccb2e16cc533f23ca5840d31e26a66d53
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
---
diff --git a/src/concurrent/qtconcurrentthreadengine.h b/src/concurrent/qtconcurrentthreadengine.h
index cbd8ad04..4cd5b85 100644
--- a/src/concurrent/qtconcurrentthreadengine.h
+++ b/src/concurrent/qtconcurrentthreadengine.h
@@ -256,8 +256,8 @@
class ThreadEngineStarter<void> : public ThreadEngineStarterBase<void>
{
public:
- ThreadEngineStarter<void>(ThreadEngine<void> *_threadEngine)
- :ThreadEngineStarterBase<void>(_threadEngine) {}
+ ThreadEngineStarter(ThreadEngine<void> *_threadEngine)
+ : ThreadEngineStarterBase<void>(_threadEngine) {}
void startBlocking()
{

9
qtbase-everywhere-src-5.11.1-python3.patch Normal file
View File

@ -0,0 +1,9 @@
diff -up qtbase-everywhere-src-5.11.1/mkspecs/features/uikit/devices.py.me qtbase-everywhere-src-5.11.1/mkspecs/features/uikit/devices.py
--- qtbase-everywhere-src-5.11.1/mkspecs/features/uikit/devices.py.me 2018-06-23 11:29:21.750066271 +0200
+++ qtbase-everywhere-src-5.11.1/mkspecs/features/uikit/devices.py 2018-06-23 11:30:07.457292033 +0200
@@ -1,4 +1,4 @@
-#!/usr/bin/python
+#!/usr/bin/python3
#############################################################################
##

14
qtbase-everywhere-src-5.12.1-qt5gui_cmake_isystem_includes.patch Normal file
View File

@ -0,0 +1,14 @@
diff -up qtbase-everywhere-src-5.12.1/src/gui/Qt5GuiConfigExtras.cmake.in.foo qtbase-everywhere-src-5.12.1/src/gui/Qt5GuiConfigExtras.cmake.in
--- qtbase-everywhere-src-5.12.1/src/gui/Qt5GuiConfigExtras.cmake.in.foo 2019-04-30 15:18:24.886346423 -0500
+++ qtbase-everywhere-src-5.12.1/src/gui/Qt5GuiConfigExtras.cmake.in 2019-04-30 15:19:48.303873296 -0500
@@ -66,8 +66,10 @@ unset(_GL_INCDIRS)
# Don\'t check for existence of the "_qt5gui_OPENGL_INCLUDE_DIR" because it is
# optional.
+if (NOT ${_qt5gui_OPENGL_INCLUDE_DIR} STREQUAL "/usr/include")
list(APPEND Qt5Gui_INCLUDE_DIRS ${_qt5gui_OPENGL_INCLUDE_DIR})
set_property(TARGET Qt5::Gui APPEND PROPERTY INTERFACE_INCLUDE_DIRECTORIES ${_qt5gui_OPENGL_INCLUDE_DIR})
+endif()
unset(_qt5gui_OPENGL_INCLUDE_DIR CACHE)

16
qtbase-everywhere-src-5.14.2-no_relocatable.patch Normal file
View File

@ -0,0 +1,16 @@
diff -up qtbase-everywhere-src-5.14.2/src/corelib/global/qlibraryinfo.cpp.no_relocatable qtbase-everywhere-src-5.14.2/src/corelib/global/qlibraryinfo.cpp
--- qtbase-everywhere-src-5.14.2/src/corelib/global/qlibraryinfo.cpp.no_relocatable 2020-03-27 04:49:31.000000000 -0500
+++ qtbase-everywhere-src-5.14.2/src/corelib/global/qlibraryinfo.cpp 2020-04-13 15:13:44.075705226 -0500
@@ -671,8 +671,11 @@ static QString getPrefix(
# if QT_CONFIGURE_CROSSBUILD
if (group == QLibraryInfo::DevicePaths)
return QString::fromLocal8Bit(QT_CONFIGURE_PREFIX_PATH);
-# endif
+# elif 0 //QT_CONFIG(relocatable)
return getExtPrefixFromHostBinDir();
+# else
+ return QString::fromLocal8Bit(QT_CONFIGURE_PREFIX_PATH);
+# endif
#elif QT_CONFIG(relocatable)
return getRelocatablePrefix();
#else

BIN
qtbase-everywhere-src-5.15.2.tar.xz Normal file
View File

Binary file not shown.

15
qtbase-opensource-src-5.7.1-moc_macros.patch Normal file
View File

@ -0,0 +1,15 @@
diff -up qtbase-opensource-src-5.7.1/src/tools/moc/main.cpp.moc_WORDSIZE qtbase-opensource-src-5.7.1/src/tools/moc/main.cpp
--- qtbase-opensource-src-5.7.1/src/tools/moc/main.cpp.moc_WORDSIZE 2016-12-01 02:17:04.000000000 -0600
+++ qtbase-opensource-src-5.7.1/src/tools/moc/main.cpp 2016-12-08 12:37:28.931589338 -0600
@@ -179,6 +179,11 @@ int runMoc(int argc, char **argv)
Moc moc;
pp.macros["Q_MOC_RUN"];
pp.macros["__cplusplus"];
+ pp.macros["_SYS_SYSMACROS_H_OUTER"];
+ Macro macro;
+ macro.symbols = Preprocessor::tokenize(QByteArray::number(Q_PROCESSOR_WORDSIZE*8), 1, Preprocessor::TokenizeDefine);
+ macro.symbols.removeLast(); // remove the EOF symbol
+ pp.macros.insert("__WORDSIZE", macro);
// Don't stumble over GCC extensions
Macro dummyVariadicFunctionMacro;

11
qtbase-opensource-src-5.8.0-QT_VERSION_CHECK.patch Normal file
View File

@ -0,0 +1,11 @@
--- qtbase-opensource-src-5.8.0/src/corelib/global/qglobal.h.orig 2017-01-26 10:45:40.905010896 +0100
+++ qtbase-opensource-src-5.8.0/src/corelib/global/qglobal.h 2017-01-26 10:46:50.299858887 +0100
@@ -55,7 +55,7 @@
/*
can be used like #if (QT_VERSION >= QT_VERSION_CHECK(4, 4, 0))
*/
-#define QT_VERSION_CHECK(major, minor, patch) ((major<<16)|(minor<<8)|(patch))
+#define QT_VERSION_CHECK(qt_version_check_major, qt_version_check_minor, qt_version_check_patch) ((qt_version_check_major<<16)|(qt_version_check_minor<<8)|(qt_version_check_patch))
#ifdef QT_BOOTSTRAPPED
#include <QtCore/qconfig-bootstrapped.h>

12
qtbase-opensource-src-5.9.0-mysql.patch Normal file
View File

@ -0,0 +1,12 @@
diff -up qtbase-opensource-src-5.9.0/src/plugins/sqldrivers/mysql/qsql_mysql.cpp.than qtbase-opensource-src-5.9.0/src/plugins/sqldrivers/mysql/qsql_mysql.cpp
diff -up qtbase-opensource-src-5.9.0/src/plugins/sqldrivers/mysql/qsql_mysql_p.h.than qtbase-opensource-src-5.9.0/src/plugins/sqldrivers/mysql/qsql_mysql_p.h
--- qtbase-opensource-src-5.9.0/src/plugins/sqldrivers/mysql/qsql_mysql_p.h.than 2017-07-14 13:43:50.831203768 +0200
+++ qtbase-opensource-src-5.9.0/src/plugins/sqldrivers/mysql/qsql_mysql_p.h 2017-07-14 13:44:24.364948006 +0200
@@ -58,6 +58,7 @@
#endif
#include <mysql.h>
+#include <mysql_version.h>
#ifdef QT_PLUGIN
#define Q_EXPORT_SQLDRIVER_MYSQL

12
qtbase-qmake_LFLAGS.patch Normal file
View File

@ -0,0 +1,12 @@
diff -up qtbase-everywhere-src-5.10.1/qmake/Makefile.unix.qmake_LFLAGS qtbase-everywhere-src-5.10.1/qmake/Makefile.unix
--- qtbase-everywhere-src-5.10.1/qmake/Makefile.unix.qmake_LFLAGS 2018-02-08 12:24:48.000000000 -0600
+++ qtbase-everywhere-src-5.10.1/qmake/Makefile.unix 2018-02-15 10:25:07.077763061 -0600
@@ -142,7 +142,7 @@ CPPFLAGS = -g $(EXTRA_CPPFLAGS) \
-DQT_NO_FOREACH
CXXFLAGS = $(EXTRA_CXXFLAGS) $(CONFIG_CXXFLAGS) $(CPPFLAGS)
-LFLAGS = $(EXTRA_LFLAGS) $(CONFIG_LFLAGS)
+LFLAGS = $(EXTRA_LFLAGS) $(CONFIG_LFLAGS) $(QMAKE_LFLAGS_RELEASE)
first all: $(BUILD_PATH)/bin/qmake$(EXEEXT)
qmake: $(BUILD_PATH)/bin/qmake$(EXEEXT)

20
qtbase-use-wayland-on-gnome.patch Normal file
View File

@ -0,0 +1,20 @@
diff --git a/src/gui/kernel/qguiapplication.cpp b/src/gui/kernel/qguiapplication.cpp
index b8bfad4f16..676fdfad5e 100644
--- a/src/gui/kernel/qguiapplication.cpp
+++ b/src/gui/kernel/qguiapplication.cpp
@@ -1376,14 +1376,7 @@ void QGuiApplicationPrivate::createPlatformIntegration()
if (sessionType == QByteArrayLiteral("x11") && !platformName.contains(QByteArrayLiteral("xcb"))) {
platformName = QByteArrayLiteral("xcb");
} else if (sessionType == QByteArrayLiteral("wayland") && !platformName.contains(QByteArrayLiteral("wayland"))) {
- QByteArray currentDesktop = qgetenv("XDG_CURRENT_DESKTOP").toLower();
- QByteArray sessionDesktop = qgetenv("XDG_SESSION_DESKTOP").toLower();
- if (currentDesktop.contains("gnome") || sessionDesktop.contains("gnome")) {
- qInfo() << "Warning: Ignoring XDG_SESSION_TYPE=wayland on Gnome."
- << "Use QT_QPA_PLATFORM=wayland to run on Wayland anyway.";
- } else {
- platformName = QByteArrayLiteral("wayland");
- }
+ platformName = QByteArrayLiteral("wayland");
}
}
#ifdef QT_QPA_DEFAULT_PLATFORM_NAME

26
qtbase5.15-CVE-2023-34410.patch Normal file
View File

@ -0,0 +1,26 @@
diff --git a/src/network/ssl/qsslsocket.cpp b/src/network/ssl/qsslsocket.cpp
index fbeb9de1..6d1cdd1d 100644
--- a/src/network/ssl/qsslsocket.cpp
+++ b/src/network/ssl/qsslsocket.cpp
@@ -2221,6 +2221,10 @@ QSslSocketPrivate::QSslSocketPrivate()
, flushTriggered(false)
{
QSslConfigurationPrivate::deepCopyDefaultConfiguration(&configuration);
+ // If the global configuration doesn't allow root certificates to be loaded
+ // on demand then we have to disable it for this socket as well.
+ if (!configuration.allowRootCertOnDemandLoading)
+ allowRootCertOnDemandLoading = false;
}
/*!
@@ -2470,6 +2474,7 @@ void QSslConfigurationPrivate::deepCopyDefaultConfiguration(QSslConfigurationPri
ptr->sessionProtocol = global->sessionProtocol;
ptr->ciphers = global->ciphers;
ptr->caCertificates = global->caCertificates;
+ ptr->allowRootCertOnDemandLoading = global->allowRootCertOnDemandLoading;
ptr->protocol = global->protocol;
ptr->peerVerifyMode = global->peerVerifyMode;
ptr->peerVerifyDepth = global->peerVerifyDepth;
--
2.27.0

37
qtbase5.15-CVE-2023-51714.patch Normal file
View File

@ -0,0 +1,37 @@
From 061cbe5796a9ff1e998bd5753bb5b44e4481df11 Mon Sep 17 00:00:00 2001
From: peijiankang <peijiankang@kylinos.cn>
Date: Wed, 31 Jan 2024 13:38:10 +0800
Subject: [PATCH] qtbase5.15-CVE-2023-51714
---
src/network/access/http2/hpacktable.cpp | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/src/network/access/http2/hpacktable.cpp b/src/network/access/http2/hpacktable.cpp
index fddb5fec..315f3e23 100644
--- a/src/network/access/http2/hpacktable.cpp
+++ b/src/network/access/http2/hpacktable.cpp
@@ -40,6 +40,7 @@
#include "hpacktable_p.h"
#include <QtCore/qdebug.h>
+#include <QtCore/private/qnumeric_p.h>
#include <algorithm>
#include <cstddef>
@@ -62,8 +63,10 @@ HeaderSize entry_size(const QByteArray &name, const QByteArray &value)
// for counting the number of references to the name and value would have
// 32 octets of overhead."
- const unsigned sum = unsigned(name.size() + value.size());
- if (std::numeric_limits<unsigned>::max() - 32 < sum)
+ size_t sum;
+ if (add_overflow(size_t(name.size()), size_t(value.size()), &sum))
+ return HeaderSize();
+ if (sum > (std::numeric_limits<unsigned>::max() - 32))
return HeaderSize();
return HeaderSize(true, quint32(sum + 32));
}
--
2.41.0

374
qtbase5.15.2-CVE-2023-38197.patch Normal file
View File

@ -0,0 +1,374 @@
From 4fb3cf1ad0efe261a7a6fb0b36224baccc407143 Mon Sep 17 00:00:00 2001
From: hua_yadong <huayadong@kylinos.cn>
Date: Fri, 24 Nov 2023 14:23:58 +0800
Subject: [PATCH] qtbase5.15.2-CVE-2023-38197
---
src/corelib/serialization/qxmlstream.cpp | 140 +++++++++++++++++-
src/corelib/serialization/qxmlstream_p.h | 11 ++
.../qxmlstream/tokenError/dtdInBody.xml | 21 +++
.../qxmlstream/tokenError/multipleDtd.xml | 21 +++
.../qxmlstream/tokenError/wellFormed.xml | 16 ++
.../qxmlstream/tst_qxmlstream.cpp | 39 +++++
6 files changed, 240 insertions(+), 8 deletions(-)
create mode 100644 tests/auto/corelib/serialization/qxmlstream/tokenError/dtdInBody.xml
create mode 100644 tests/auto/corelib/serialization/qxmlstream/tokenError/multipleDtd.xml
create mode 100644 tests/auto/corelib/serialization/qxmlstream/tokenError/wellFormed.xml
diff --git a/src/corelib/serialization/qxmlstream.cpp b/src/corelib/serialization/qxmlstream.cpp
index 6c98e7c0..3172239e 100644
--- a/src/corelib/serialization/qxmlstream.cpp
+++ b/src/corelib/serialization/qxmlstream.cpp
@@ -43,6 +43,7 @@
#include "qxmlutils_p.h"
#include <qdebug.h>
+#include <QtCore/private/qoffsetstringarray_p.h>
#include <qfile.h>
#include <stdio.h>
#if QT_CONFIG(textcodec)
@@ -160,7 +161,7 @@ enum { StreamEOF = ~0U };
addData() or by waiting for it to arrive on the device().
\value UnexpectedElementError The parser encountered an element
- that was different to those it expected.
+ or token that was different to those it expected.
*/
@@ -295,13 +296,34 @@ QXmlStreamEntityResolver *QXmlStreamReader::entityResolver() const
QXmlStreamReader is a well-formed XML 1.0 parser that does \e not
include external parsed entities. As long as no error occurs, the
- application code can thus be assured that the data provided by the
- stream reader satisfies the W3C's criteria for well-formed XML. For
- example, you can be certain that all tags are indeed nested and
- closed properly, that references to internal entities have been
- replaced with the correct replacement text, and that attributes have
- been normalized or added according to the internal subset of the
- DTD.
+ application code can thus be assured, that
+ \list
+ \li the data provided by the stream reader satisfies the W3C's
+ criteria for well-formed XML,
+ \li tokens are provided in a valid order.
+ \endlist
+
+ Unless QXmlStreamReader raises an error, it guarantees the following:
+ \list
+ \li All tags are nested and closed properly.
+ \li References to internal entities have been replaced with the
+ correct replacement text.
+ \li Attributes have been normalized or added according to the
+ internal subset of the \l DTD.
+ \li Tokens of type \l StartDocument happen before all others,
+ aside from comments and processing instructions.
+ \li At most one DOCTYPE element (a token of type \l DTD) is present.
+ \li If present, the DOCTYPE appears before all other elements,
+ aside from StartDocument, comments and processing instructions.
+ \endlist
+
+ In particular, once any token of type \l StartElement, \l EndElement,
+ \l Characters, \l EntityReference or \l EndDocument is seen, no
+ tokens of type StartDocument or DTD will be seen. If one is present in
+ the input stream, out of order, an error is raised.
+
+ \note The token types \l Comment and \l ProcessingInstruction may appear
+ anywhere in the stream.
If an error occurs while parsing, atEnd() and hasError() return
true, and error() returns the error that occurred. The functions
@@ -620,6 +642,7 @@ QXmlStreamReader::TokenType QXmlStreamReader::readNext()
d->token = -1;
return readNext();
}
+ d->checkToken();
return d->type;
}
@@ -739,6 +762,10 @@ static const short QXmlStreamReader_tokenTypeString_indices[] = {
0, 8, 16, 30, 42, 55, 66, 77, 85, 89, 105, 0
};
+static constexpr auto QXmlStreamReader_XmlContextString = qOffsetStringArray(
+ "Prolog",
+ "Body"
+);
/*!
\property QXmlStreamReader::namespaceProcessing
@@ -775,6 +802,15 @@ QString QXmlStreamReader::tokenString() const
QXmlStreamReader_tokenTypeString_indices[d->type]);
}
+/*!
+ \internal
+ \return \param loc (Prolog/Body) as a string.
+ */
+static constexpr QLatin1String contextString(QXmlStreamReaderPrivate::XmlContext ctxt)
+{
+ return QLatin1String(QXmlStreamReader_XmlContextString.at(static_cast<int>(ctxt)));
+}
+
#endif // QT_NO_XMLSTREAMREADER
QXmlStreamPrivateTagStack::QXmlStreamPrivateTagStack()
@@ -866,6 +902,8 @@ void QXmlStreamReaderPrivate::init()
type = QXmlStreamReader::NoToken;
error = QXmlStreamReader::NoError;
+ currentContext = XmlContext::Prolog;
+ foundDTD = false;
}
/*
@@ -4061,6 +4099,92 @@ void QXmlStreamWriter::writeCurrentToken(const QXmlStreamReader &reader)
}
}
+static bool isTokenAllowedInContext(QXmlStreamReader::TokenType type,
+ QXmlStreamReaderPrivate::XmlContext loc)
+{
+ switch (type) {
+ case QXmlStreamReader::StartDocument:
+ case QXmlStreamReader::DTD:
+ return loc == QXmlStreamReaderPrivate::XmlContext::Prolog;
+
+ case QXmlStreamReader::StartElement:
+ case QXmlStreamReader::EndElement:
+ case QXmlStreamReader::Characters:
+ case QXmlStreamReader::EntityReference:
+ case QXmlStreamReader::EndDocument:
+ return loc == QXmlStreamReaderPrivate::XmlContext::Body;
+
+ case QXmlStreamReader::Comment:
+ case QXmlStreamReader::ProcessingInstruction:
+ return true;
+
+ case QXmlStreamReader::NoToken:
+ case QXmlStreamReader::Invalid:
+ return false;
+ }
+
+ return false;
+}
+
+/*!
+ \internal
+ \brief QXmlStreamReader::isValidToken
+ \return \c true if \param type is a valid token type.
+ \return \c false if \param type is an unexpected token,
+ which indicates a non-well-formed or invalid XML stream.
+ */
+bool QXmlStreamReaderPrivate::isValidToken(QXmlStreamReader::TokenType type)
+{
+ // Don't change currentContext, if Invalid or NoToken occur in the prolog
+ if (type == QXmlStreamReader::Invalid || type == QXmlStreamReader::NoToken)
+ return false;
+
+ // If a token type gets rejected in the body, there is no recovery
+ const bool result = isTokenAllowedInContext(type, currentContext);
+ if (result || currentContext == XmlContext::Body)
+ return result;
+
+ // First non-Prolog token observed => switch context to body and check again.
+ currentContext = XmlContext::Body;
+ return isTokenAllowedInContext(type, currentContext);
+}
+
+/*!
+ \internal
+ Checks token type and raises an error, if it is invalid
+ in the current context (prolog/body).
+ */
+void QXmlStreamReaderPrivate::checkToken()
+{
+ Q_Q(QXmlStreamReader);
+
+ // The token type must be consumed, to keep track if the body has been reached.
+ const XmlContext context = currentContext;
+ const bool ok = isValidToken(type);
+
+ // Do nothing if an error has been raised already (going along with an unexpected token)
+ if (error != QXmlStreamReader::Error::NoError)
+ return;
+
+ if (!ok) {
+ raiseError(QXmlStreamReader::UnexpectedElementError,
+ QStringLiteral("Unexpected token type %1 in %2.")
+ .arg(q->tokenString(), contextString(context)));
+ return;
+ }
+
+ if (type != QXmlStreamReader::DTD)
+ return;
+
+ // Raise error on multiple DTD tokens
+ if (foundDTD) {
+ raiseError(QXmlStreamReader::UnexpectedElementError,
+ QStringLiteral("Found second DTD token in %1.").arg(contextString(context)));
+ } else {
+ foundDTD = true;
+ }
+}
+
/*!
\fn bool QXmlStreamAttributes::hasAttribute(const QString &qualifiedName) const
\since 4.5
diff --git a/src/corelib/serialization/qxmlstream_p.h b/src/corelib/serialization/qxmlstream_p.h
index 80e7f740..6db58386 100644
--- a/src/corelib/serialization/qxmlstream_p.h
+++ b/src/corelib/serialization/qxmlstream_p.h
@@ -804,6 +804,17 @@ public:
#endif
bool atEnd;
+ enum class XmlContext
+ {
+ Prolog,
+ Body,
+ };
+
+ XmlContext currentContext = XmlContext::Prolog;
+ bool foundDTD = false;
+ bool isValidToken(QXmlStreamReader::TokenType type);
+ void checkToken();
+
/*!
\sa setType()
*/
diff --git a/tests/auto/corelib/serialization/qxmlstream/tokenError/dtdInBody.xml b/tests/auto/corelib/serialization/qxmlstream/tokenError/dtdInBody.xml
new file mode 100644
index 00000000..68ef2962
--- /dev/null
+++ b/tests/auto/corelib/serialization/qxmlstream/tokenError/dtdInBody.xml
@@ -0,0 +1,21 @@
+<!DOCTYPE TEST [
+ <!ELEMENT TESTATTRIBUTE (CASE+)>
+ <!ELEMENT CASE (CLASS, FUNCTION)>
+ <!ELEMENT CLASS (#PCDATA)>
+
+ <!-- adding random ENTITY statement, as this is typical DTD content -->
+ <!ENTITY unite "&#x222a;">
+
+ <!ATTLIST CASE CLASS CDATA #REQUIRED>
+]>
+<TEST>
+ <CASE>
+ <CLASS>tst_QXmlStream</CLASS>
+ </CASE>
+ <!-- invalid DTD in XML body follows -->
+ <!DOCTYPE DTDTEST [
+ <!ELEMENT RESULT (CASE+)>
+ <!ATTLIST RESULT OUTPUT CDATA #REQUIRED>
+ ]>
+</TEST>
+
diff --git a/tests/auto/corelib/serialization/qxmlstream/tokenError/multipleDtd.xml b/tests/auto/corelib/serialization/qxmlstream/tokenError/multipleDtd.xml
new file mode 100644
index 00000000..1dbe75c4
--- /dev/null
+++ b/tests/auto/corelib/serialization/qxmlstream/tokenError/multipleDtd.xml
@@ -0,0 +1,21 @@
+<!DOCTYPE TEST [
+ <!ELEMENT TESTATTRIBUTE (CASE+)>
+ <!ELEMENT CASE (CLASS, FUNCTION, DATASET, COMMENTS)>
+ <!ELEMENT CLASS (#PCDATA)>
+
+ <!-- adding random ENTITY statements, as this is typical DTD content -->
+ <!ENTITY iff "&hArr;">
+
+ <!ATTLIST CASE CLASS CDATA #REQUIRED>
+]>
+<!-- invalid second DTD follows -->
+<!DOCTYPE SECOND [
+ <!ELEMENT SECONDATTRIBUTE (#PCDATA)>
+ <!ENTITY on "&#8728;">
+]>
+<TEST>
+ <CASE>
+ <CLASS>tst_QXmlStream</CLASS>
+ </CASE>
+</TEST>
+
diff --git a/tests/auto/corelib/serialization/qxmlstream/tokenError/wellFormed.xml b/tests/auto/corelib/serialization/qxmlstream/tokenError/wellFormed.xml
new file mode 100644
index 00000000..9dfbc0f9
--- /dev/null
+++ b/tests/auto/corelib/serialization/qxmlstream/tokenError/wellFormed.xml
@@ -0,0 +1,16 @@
+<!DOCTYPE TEST [
+ <!ELEMENT TESTATTRIBUTE (CASE+)>
+ <!ELEMENT CASE (CLASS, FUNCTION, DATASET, COMMENTS)>
+ <!ELEMENT CLASS (#PCDATA)>
+
+ <!-- adding random ENTITY statements, as this is typical DTD content -->
+ <!ENTITY unite "&#x222a;">
+
+ <!ATTLIST CASE CLASS CDATA #REQUIRED>
+]>
+<TEST>
+ <CASE>
+ <CLASS>tst_QXmlStream</CLASS>
+ </CASE>
+</TEST>
+
diff --git a/tests/auto/corelib/serialization/qxmlstream/tst_qxmlstream.cpp b/tests/auto/corelib/serialization/qxmlstream/tst_qxmlstream.cpp
index 28922574..abbdc9fc 100644
--- a/tests/auto/corelib/serialization/qxmlstream/tst_qxmlstream.cpp
+++ b/tests/auto/corelib/serialization/qxmlstream/tst_qxmlstream.cpp
@@ -583,6 +583,9 @@ private slots:
void entityExpansionLimit() const;
+ void tokenErrorHandling_data() const;
+ void tokenErrorHandling() const;
+
private:
static QByteArray readFile(const QString &filename);
@@ -1812,5 +1815,41 @@ void tst_QXmlStream::roundTrip() const
QCOMPARE(out, in);
}
+void tst_QXmlStream::tokenErrorHandling_data() const
+{
+ QTest::addColumn<QString>("fileName");
+ QTest::addColumn<QXmlStreamReader::Error>("expectedError");
+ QTest::addColumn<QString>("errorKeyWord");
+
+ constexpr auto invalid = QXmlStreamReader::Error::UnexpectedElementError;
+ constexpr auto valid = QXmlStreamReader::Error::NoError;
+ QTest::newRow("DtdInBody") << "dtdInBody.xml" << invalid << "DTD";
+ QTest::newRow("multipleDTD") << "multipleDtd.xml" << invalid << "second DTD";
+ QTest::newRow("wellFormed") << "wellFormed.xml" << valid << "";
+}
+
+void tst_QXmlStream::tokenErrorHandling() const
+{
+ QFETCH(const QString, fileName);
+ QFETCH(const QXmlStreamReader::Error, expectedError);
+ QFETCH(const QString, errorKeyWord);
+
+ const QDir dir(QFINDTESTDATA("tokenError"));
+ QFile file(dir.absoluteFilePath(fileName));
+
+ // Cross-compiling: File will be on host only
+ if (!file.exists())
+ QSKIP("Testfile not found.");
+
+ file.open(QIODevice::ReadOnly);
+ QXmlStreamReader reader(&file);
+ while (!reader.atEnd())
+ reader.readNext();
+
+ QCOMPARE(reader.error(), expectedError);
+ if (expectedError != QXmlStreamReader::Error::NoError)
+ QVERIFY(reader.errorString().contains(errorKeyWord));
+}
+
#include "tst_qxmlstream.moc"
// vim: et:ts=4:sw=4:sts=4
--
2.41.0

129
qtbase5.15.2-CVE-2023-43114.patch Normal file
View File

@ -0,0 +1,129 @@
From 2cfb68acb1a3f6d9e5dcc14ec210f46208daa21b Mon Sep 17 00:00:00 2001
From: hua_yadong <huayadong@kylinos.cn>
Date: Sat, 25 Nov 2023 11:22:22 +0800
Subject: [PATCH] qtbase5.15.2-CVE-2023-43114
---
.../windows/qwindowsfontdatabase.cpp | 67 ++++++++++++++-----
1 file changed, 51 insertions(+), 16 deletions(-)
diff --git a/src/platformsupport/fontdatabases/windows/qwindowsfontdatabase.cpp b/src/platformsupport/fontdatabases/windows/qwindowsfontdatabase.cpp
index a7345a13..8e7176b6 100644
--- a/src/platformsupport/fontdatabases/windows/qwindowsfontdatabase.cpp
+++ b/src/platformsupport/fontdatabases/windows/qwindowsfontdatabase.cpp
@@ -1469,36 +1469,70 @@ QT_WARNING_POP
return fontEngine;
}
-static QList<quint32> getTrueTypeFontOffsets(const uchar *fontData)
+static QList<quint32> getTrueTypeFontOffsets(const uchar *fontData, const uchar *fileEndSentinel)
{
QList<quint32> offsets;
- const quint32 headerTag = *reinterpret_cast<const quint32 *>(fontData);
+ if (fileEndSentinel - fontData < 12) {
+ qCWarning(lcQpaFonts) << "Corrupted font data detected";
+ return offsets;
+ }
+
+ const quint32 headerTag = qFromUnaligned<quint32>(fontData);
if (headerTag != MAKE_TAG('t', 't', 'c', 'f')) {
if (headerTag != MAKE_TAG(0, 1, 0, 0)
&& headerTag != MAKE_TAG('O', 'T', 'T', 'O')
&& headerTag != MAKE_TAG('t', 'r', 'u', 'e')
- && headerTag != MAKE_TAG('t', 'y', 'p', '1'))
+ && headerTag != MAKE_TAG('t', 'y', 'p', '1')) {
return offsets;
+ }
offsets << 0;
return offsets;
}
+
+ const quint32 maximumNumFonts = 0xffff;
const quint32 numFonts = qFromBigEndian<quint32>(fontData + 8);
- for (uint i = 0; i < numFonts; ++i) {
- offsets << qFromBigEndian<quint32>(fontData + 12 + i * 4);
+ if (numFonts > maximumNumFonts) {
+ qCWarning(lcQpaFonts) << "Font collection of" << numFonts << "fonts is too large. Aborting.";
+ return offsets;
}
+
+ if (quintptr(fileEndSentinel - fontData) > 12 + (numFonts - 1) * 4) {
+ for (quint32 i = 0; i < numFonts; ++i)
+ offsets << qFromBigEndian<quint32>(fontData + 12 + i * 4);
+ } else {
+ qCWarning(lcQpaFonts) << "Corrupted font data detected";
+ }
+
return offsets;
}
-static void getFontTable(const uchar *fileBegin, const uchar *data, quint32 tag, const uchar **table, quint32 *length)
+static void getFontTable(const uchar *fileBegin, const uchar *fileEndSentinel, const uchar *data, quint32 tag, const uchar **table, quint32 *length)
{
- const quint16 numTables = qFromBigEndian<quint16>(data + 4);
- for (uint i = 0; i < numTables; ++i) {
- const quint32 offset = 12 + 16 * i;
- if (*reinterpret_cast<const quint32 *>(data + offset) == tag) {
- *table = fileBegin + qFromBigEndian<quint32>(data + offset + 8);
- *length = qFromBigEndian<quint32>(data + offset + 12);
- return;
+ if (fileEndSentinel - data >= 6) {
+ const quint16 numTables = qFromBigEndian<quint16>(data + 4);
+ if (fileEndSentinel - data >= 28 + 16 * (numTables - 1)) {
+ for (quint32 i = 0; i < numTables; ++i) {
+ const quint32 offset = 12 + 16 * i;
+ if (qFromUnaligned<quint32>(data + offset) == tag) {
+ const quint32 tableOffset = qFromBigEndian<quint32>(data + offset + 8);
+ if (quintptr(fileEndSentinel - fileBegin) <= tableOffset) {
+ qCWarning(lcQpaFonts) << "Corrupted font data detected";
+ break;
+ }
+ *table = fileBegin + tableOffset;
+ *length = qFromBigEndian<quint32>(data + offset + 12);
+ if (quintptr(fileEndSentinel - *table) < *length) {
+ qCWarning(lcQpaFonts) << "Corrupted font data detected";
+ break;
+ }
+ return;
+ }
+ }
+ } else {
+ qCWarning(lcQpaFonts) << "Corrupted font data detected";
}
+ } else {
+ qCWarning(lcQpaFonts) << "Corrupted font data detected";
}
*table = 0;
*length = 0;
@@ -1511,8 +1545,9 @@ static void getFamiliesAndSignatures(const QByteArray &fontData,
QVector<QFontValues> *values)
{
const uchar *data = reinterpret_cast<const uchar *>(fontData.constData());
+ const uchar *dataEndSentinel = data + fontData.size();
- QList<quint32> offsets = getTrueTypeFontOffsets(data);
+ QList<quint32> offsets = getTrueTypeFontOffsets(data, dataEndSentinel);
if (offsets.isEmpty())
return;
@@ -1520,7 +1555,7 @@ static void getFamiliesAndSignatures(const QByteArray &fontData,
const uchar *font = data + offsets.at(i);
const uchar *table;
quint32 length;
- getFontTable(data, font, MAKE_TAG('n', 'a', 'm', 'e'), &table, &length);
+ getFontTable(data, dataEndSentinel, font, MAKE_TAG('n', 'a', 'm', 'e'), &table, &length);
if (!table)
continue;
QFontNames names = qt_getCanonicalFontNames(table, length);
@@ -1530,7 +1565,7 @@ static void getFamiliesAndSignatures(const QByteArray &fontData,
families->append(std::move(names));
if (values || signatures)
- getFontTable(data, font, MAKE_TAG('O', 'S', '/', '2'), &table, &length);
+ getFontTable(data, dataEndSentinel, font, MAKE_TAG('O', 'S', '/', '2'), &table, &length);
if (values) {
QFontValues fontValues;
--
2.41.0

3
qtlogging.ini Normal file
View File

@ -0,0 +1,3 @@
[Rules]
*.debug=false
qt.qpa.xcb.xcberror.warning=false

16
tell-the-truth-about-private-api.patch Normal file
View File

@ -0,0 +1,16 @@
diff --git a/mkspecs/features/qt_module.prf b/mkspecs/features/qt_module.prf
index e6a0d97..cf93041 100644
--- a/mkspecs/features/qt_module.prf
+++ b/mkspecs/features/qt_module.prf
@@ -216,9 +216,9 @@ android: CONFIG += qt_android_deps no_linker_version_script
QMAKE_LFLAGS += $${QMAKE_LFLAGS_VERSION_SCRIPT}$$verscript
internal_module {
- verscript_content = "Qt_$${QT_MAJOR_VERSION}_PRIVATE_API { *; };"
+ verscript_content = "Qt_$${QT_MAJOR_VERSION}.$${QT_MINOR_VERSION}.$${QT_PATCH_VERSION}_PRIVATE_API { *; };"
} else {
- verscript_content = "Qt_$${QT_MAJOR_VERSION}_PRIVATE_API {" \
+ verscript_content = "Qt_$${QT_MAJOR_VERSION}.$${QT_MINOR_VERSION}.$${QT_PATCH_VERSION}_PRIVATE_API {" \
" qt_private_api_tag*;"
private_api_headers = $$SYNCQT.PRIVATE_HEADER_FILES $$SYNCQT.QPA_HEADER_FILES