qtbase5.11.1-CVE-2023-51714
This commit is contained in:
peijiankang
hua_yadong
parent
7c4d2d1da2
commit
1251bb7912
@ -13,7 +13,7 @@
|
||||
Name: qt5-qtbase
|
||||
Summary: Core component of Qt toolkit
|
||||
Version: 5.11.1
|
||||
Release: 20
|
||||
Release: 21
|
||||
License: LGPLv2 with exceptions or GPLv3 with exceptions
|
||||
Url: http://qt-project.org/
|
||||
Source0: https://download.qt.io/new_archive/qt/5.11/%{version}/submodules/qtbase-everywhere-src-%{version}.tar.xz
|
||||
@ -56,6 +56,7 @@ Patch6012: qtbase5.11.1-CVE-2023-34410.patch
|
||||
Patch6013: qtbase5.11.1-CVE-2023-38197.patch
|
||||
#https://codereview.qt-project.org/c/qt/qtbase/+/503026
|
||||
Patch6014: qtbase5.11.1-CVE-2023-43114.patch
|
||||
Patch6015: qtbase5.11.1-CVE-2023-51714.patch
|
||||
|
||||
BuildRequires: pkgconfig(libsystemd) cups-devel desktop-file-utils findutils
|
||||
BuildRequires: libjpeg-devel libmng-devel libtiff-devel pkgconfig(alsa)
|
||||
@ -423,6 +424,9 @@ fi
|
||||
|
||||
|
||||
%changelog
|
||||
* Wed Jan 31 2024 douyan <douyan@kylinos.cn> - 5.11.1-21
|
||||
- add qtbase5.11.1-CVE-2023-51714.patch
|
||||
|
||||
* Sat Nov 25 2023 hua_yadong <huayadong@kylinos.cn> - 5.11.1-20
|
||||
- Fix qtbase5.11.1-CVE-2023-43114.patch
|
||||
|
||||
|
||||
38
qtbase5.11.1-CVE-2023-51714.patch
Normal file
38
qtbase5.11.1-CVE-2023-51714.patch
Normal file
@ -0,0 +1,38 @@
|
||||
From 7743b020c54b4ac7152be1305ad61c6a8fdc604d Mon Sep 17 00:00:00 2001
|
||||
From: peijiankang <peijiankang@kylinos.cn>
|
||||
Date: Wed, 31 Jan 2024 13:43:57 +0800
|
||||
Subject: [PATCH] qtbase5.11.1-CVE-2023-51714
|
||||
|
||||
---
|
||||
src/network/access/http2/hpacktable.cpp | 8 +++++---
|
||||
1 file changed, 5 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/src/network/access/http2/hpacktable.cpp b/src/network/access/http2/hpacktable.cpp
|
||||
index a90ee72d..4f452ad0 100644
|
||||
--- a/src/network/access/http2/hpacktable.cpp
|
||||
+++ b/src/network/access/http2/hpacktable.cpp
|
||||
@@ -40,6 +40,7 @@
|
||||
#include "hpacktable_p.h"
|
||||
|
||||
#include <QtCore/qdebug.h>
|
||||
+#include <QtCore/private/qnumeric_p.h>
|
||||
|
||||
#include <algorithm>
|
||||
#include <cstring>
|
||||
@@ -60,9 +61,10 @@ HeaderSize entry_size(const QByteArray &name, const QByteArray &value)
|
||||
// to reference the name and the value of the entry and two 64-bit integers
|
||||
// for counting the number of references to the name and value would have
|
||||
// 32 octets of overhead."
|
||||
-
|
||||
- const unsigned sum = unsigned(name.size()) + value.size();
|
||||
- if (std::numeric_limits<unsigned>::max() - 32 < sum)
|
||||
+ size_t sum;
|
||||
+ if (add_overflow(size_t(name.size()), size_t(value.size()), &sum))
|
||||
+ return HeaderSize();
|
||||
+ if (sum > (std::numeric_limits<unsigned>::max() - 32))
|
||||
return HeaderSize();
|
||||
return HeaderSize(true, quint32(sum + 32));
|
||||
}
|
||||
--
|
||||
2.41.0
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user