]> git.pld-linux.org Git - packages/qt5-qtsvg.git/blobdiff - CVE-2023-32573-qtsvg-5.15.diff
projects / packages / qt5-qtsvg.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
upstream fix for CVE-2023-32573; rel 2
[packages/qt5-qtsvg.git] / CVE-2023-32573-qtsvg-5.15.diff
diff --git a/CVE-2023-32573-qtsvg-5.15.diff b/CVE-2023-32573-qtsvg-5.15.diff
new file mode 100644 (file)
index 0000000..0554756
--- /dev/null
+++ b/CVE-2023-32573-qtsvg-5.15.diff
@@ -0,0 +1,34 @@
+--- a/src/svg/qsvgfont_p.h
++++ b/src/svg/qsvgfont_p.h
+@@ -74,6 +74,7 @@ public:
+ class Q_SVG_PRIVATE_EXPORT QSvgFont : public QSvgRefCounted
+ {
+ public:
++    static constexpr qreal DEFAULT_UNITS_PER_EM = 1000;
+     QSvgFont(qreal horizAdvX);
+
+     void setFamilyName(const QString &name);
+@@ -86,9 +87,7 @@ public:
+     void draw(QPainter *p, const QPointF &point, const QString &str, qreal pixelSize, Qt::Alignment alignment) const;
+ public:
+     QString m_familyName;
+-    qreal m_unitsPerEm;
+-    qreal m_ascent;
+-    qreal m_descent;
++    qreal m_unitsPerEm = DEFAULT_UNITS_PER_EM;
+     qreal m_horizAdvX;
+     QHash<QChar, QSvgGlyph> m_glyphs;
+ };
+
+
+--- a/src/svg/qsvghandler.cpp
++++ b/src/svg/qsvghandler.cpp
+@@ -2668,7 +2668,7 @@ static bool parseFontFaceNode(QSvgStyleProperty *parent,
+
+     qreal unitsPerEm = toDouble(unitsPerEmStr);
+     if (!unitsPerEm)
+-        unitsPerEm = 1000;
++        unitsPerEm = QSvgFont::DEFAULT_UNITS_PER_EM;
+
+     if (!name.isEmpty())
+         font->setFamilyName(name);
The Qt5 Svg library
This page took 0.084467 seconds and 4 git commands to generate.