Accepting request 1118064 from home:manfred-h:branches:KDE:Qt6

- Add 0001-fix-nullptr-derefence-with-invalid-SVG.patch to fix https://bugreports.qt.io/browse/QTBUG-117944 and https://bugzilla.opensuse.org/show_bug.cgi?id=1216269 - Add 0002-make-sure-we-do-not-load-invalid-SVGs-twice.patch to fix boo#1216269 OBS-URL: https://build.opensuse.org/request/show/1118064 OBS-URL: https://build.opensuse.org/package/show/KDE:Qt6/qt6-svg?expand=0&rev=42
2023-10-16 15:34:29 +00:00 · 2023-10-16 15:34:29 +00:00 · e75a211211
commit e75a211211
parent ec877d73c3
4 changed files with 121 additions and 0 deletions
--- a/0001-fix-nullptr-derefence-with-invalid-SVG.patch
+++ b/0001-fix-nullptr-derefence-with-invalid-SVG.patch
@ -0,0 +1,29 @@
+From edc8ca7f1e45302223b4b7962a57a30918f84c8d Mon Sep 17 00:00:00 2001
+From: Paul Olav Tvete <paul.tvete@qt.io>
+Date: Tue, 10 Oct 2023 10:14:22 +0200
+Subject: [PATCH] Fix nullptr dereference with invalid SVG
+
+Fixes: QTBUG-117944
+Pick-to: 6.6 6.5 6.2
+Change-Id: I9059dc28c750fc0585f1fb982152b211c323c6cd
+Reviewed-by: Eskil Abrahamsen Blomfeldt <eskil.abrahamsen-blomfeldt@qt.io>
+---
+ src/svg/qsvghandler.cpp | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/src/svg/qsvghandler.cpp b/src/svg/qsvghandler.cpp
+index e6877acc..1cffbc37 100644
+--- a/src/svg/qsvghandler.cpp
+++ b/src/svg/qsvghandler.cpp
+@@ -3620,6 +3620,8 @@ void QSvgHandler::init()
+ 
+ static bool detectCycles(const QSvgNode *node, QList<const QSvgUse *> active = {})
+ {
+    if (Q_UNLIKELY(!node))
+        return false;
+     switch (node->type()) {
+     case QSvgNode::DOC:
+     case QSvgNode::G:
+-- 
+2.16.3
+
--- a/0002-make-sure-we-do-not-load-invalid-SVGs-twice.patch
+++ b/0002-make-sure-we-do-not-load-invalid-SVGs-twice.patch
@ -0,0 +1,79 @@
+From a090bd1f9a7bfa14f06b14570c6a5a37843931c6 Mon Sep 17 00:00:00 2001
+From: Paul Olav Tvete <paul.tvete@qt.io>
+Date: Tue, 10 Oct 2023 11:41:41 +0200
+Subject: [PATCH] Make sure we don't load invalid SVGs twice
+
+Fixes a bug where loading an invalid SVG that happens
+to be valid XML could behave differently in QML and C++,
+because readimage() in qquickpixmapcache.cpp calls
+QImageReader::size() twice.
+
+Task-number: QTBUG-117944
+Pick-to: 6.6 6.5
+Change-Id: Ibef7f54627c76414c66f81804f5f46f2db3594ba
+Reviewed-by: Eirik Aavitsland <eirik.aavitsland@qt.io>
+Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
+---
+ src/plugins/imageformats/svg/qsvgiohandler.cpp | 16 +++++++++-------
+ 1 file changed, 9 insertions(+), 7 deletions(-)
+
+diff --git a/src/plugins/imageformats/svg/qsvgiohandler.cpp b/src/plugins/imageformats/svg/qsvgiohandler.cpp
+index b04ee6b2..570c9829 100644
+--- a/src/plugins/imageformats/svg/qsvgiohandler.cpp
+++ b/src/plugins/imageformats/svg/qsvgiohandler.cpp
+@@ -19,7 +19,7 @@ class QSvgIOHandlerPrivate
+ {
+ public:
+     QSvgIOHandlerPrivate(QSvgIOHandler *qq)
+-        : q(qq), loaded(false), readDone(false), backColor(Qt::transparent)
+        : q(qq), loadAttempted(false), loadStatus(false), readDone(false), backColor(Qt::transparent)
+     {}
+ 
+     bool load(QIODevice *device);
+@@ -31,7 +31,8 @@ public:
+     QRect            clipRect;
+     QSize            scaledSize;
+     QRect            scaledClipRect;
+-    bool             loaded;
+    bool             loadAttempted;
+    bool             loadStatus;
+     bool             readDone;
+     QColor           backColor;
+ };
+@@ -39,8 +40,9 @@ public:
+ 
+ bool QSvgIOHandlerPrivate::load(QIODevice *device)
+ {
+-    if (loaded)
+-        return true;
+    if (loadAttempted)
+        return loadStatus;
+    loadAttempted = true;
+     if (q->format().isEmpty())
+         q->canRead();
+ 
+@@ -63,10 +65,10 @@ bool QSvgIOHandlerPrivate::load(QIODevice *device)
+ 
+     if (res) {
+         defaultSize = r.defaultSize();
+-        loaded = true;
+        loadStatus = true;
+     }
+ 
+-    return loaded;
+    return loadStatus;
+ }
+ 
+ 
+@@ -105,7 +107,7 @@ bool QSvgIOHandler::canRead() const
+ {
+     if (!device())
+         return false;
+-    if (d->loaded && !d->readDone)
+    if (d->loadStatus && !d->readDone)
+         return true;        // Will happen if we have been asked for the size
+ 
+     bool isCompressed = false;
+-- 
+2.16.3
+
--- a/qt6-svg.changes
+++ b/qt6-svg.changes
@ -1,3 +1,12 @@
+-------------------------------------------------------------------
+Mon Oct 16 14:40:42 UTC 2023 - Manfred Hollstein <manfred.h@gmx.net>
+
+- Add 0001-fix-nullptr-derefence-with-invalid-SVG.patch to fix
+  https://bugreports.qt.io/browse/QTBUG-117944 and
+  https://bugzilla.opensuse.org/show_bug.cgi?id=1216269
+- Add 0002-make-sure-we-do-not-load-invalid-SVGs-twice.patch to fix
+  boo#1216269
+
 -------------------------------------------------------------------
 Tue Oct 10 09:40:01 UTC 2023 - Christophe Marin <christophe@krop.fr>

--- a/qt6-svg.spec
+++ b/qt6-svg.spec
@ -33,6 +33,10 @@ Summary:        Classes for rendering and displaying SVG drawings
 License:        LGPL-3.0-only OR (GPL-2.0-only OR GPL-3.0-or-later)
 URL:            https://www.qt.io
 Source:         https://download.qt.io/official_releases/qt/%{short_version}/%{real_version}%{tar_suffix}/submodules/%{tar_name}-%{real_version}%{tar_suffix}.tar.xz
+# PATCH-FIX-UPSTREAM 0001-fix-nullptr-derefence-with-invalid-SVG.patch QTBUG-117944 boo#1216269 commit edc8ca7f1e45302223b4b7962a57a30918f84c8d
+Patch01:        0001-fix-nullptr-derefence-with-invalid-SVG.patch
+# PATCH-FIX-UPSTREAM 0002-make-sure-we-do-not-load-invalid-SVGs-twice.patch boo#1216269 commit a090bd1f9a7bfa14f06b14570c6a5a37843931c6
+Patch02:        0002-make-sure-we-do-not-load-invalid-SVGs-twice.patch
 Source99:       qt6-svg-rpmlintrc
 BuildRequires:  pkgconfig
 BuildRequires:  qt6-core-private-devel