commit: 78070035d19deec11ddfe97230230f38b8818144 Author: Andreas Sturmlechner <asturm <AT> gentoo <DOT> org> AuthorDate: Sun May 30 11:05:04 2021 +0000 Commit: Andreas Sturmlechner <asturm <AT> gentoo <DOT> org> CommitDate: Sun May 30 11:37:37 2021 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=78070035
kde-apps/kio-extras: thumbnail: Check shm size before writing to it Upstream commit a288a7ba4283b2102a4602aa105072f33bc25645 See also: https://invent.kde.org/network/kio-extras/-/merge_requests/92 KDE-bug: https://bugs.kde.org/show_bug.cgi?id=430862 Package-Manager: Portage-3.0.19, Repoman-3.0.3 Signed-off-by: Andreas Sturmlechner <asturm <AT> gentoo.org> ...o-extras-20.12.3-thumbnail-check-shm-size.patch | 44 ++++++++++ kde-apps/kio-extras/kio-extras-20.12.3-r1.ebuild | 95 ++++++++++++++++++++++ kde-apps/kio-extras/kio-extras-21.04.1-r1.ebuild | 95 ++++++++++++++++++++++ 3 files changed, 234 insertions(+) diff --git a/kde-apps/kio-extras/files/kio-extras-20.12.3-thumbnail-check-shm-size.patch b/kde-apps/kio-extras/files/kio-extras-20.12.3-thumbnail-check-shm-size.patch new file mode 100644 index 00000000000..ef53e0fc3f6 --- /dev/null +++ b/kde-apps/kio-extras/files/kio-extras-20.12.3-thumbnail-check-shm-size.patch @@ -0,0 +1,44 @@ +From a288a7ba4283b2102a4602aa105072f33bc25645 Mon Sep 17 00:00:00 2001 +From: Fabian Vogt <[email protected]> +Date: Tue, 4 May 2021 20:52:59 +0200 +Subject: [PATCH] thumbnail: Check shm size before writing to it + +The SHM is created by the application, which might've done a different size +calculation. Verify that the data fits instead of writing past the end and +crashing. + +CCBUG: 430862 + + +(cherry picked from commit 112b67ae7895bdc4f32d851c09a4d6baecbb6666) +--- + thumbnail/thumbnail.cpp | 9 +++++---- + 1 file changed, 5 insertions(+), 4 deletions(-) + +diff --git a/thumbnail/thumbnail.cpp b/thumbnail/thumbnail.cpp +index 6b133323..afdb088e 100644 +--- a/thumbnail/thumbnail.cpp ++++ b/thumbnail/thumbnail.cpp +@@ -288,14 +288,15 @@ void ThumbnailProtocol::get(const QUrl &url) + error(KIO::ERR_INTERNAL, i18n("Failed to attach to shared memory segment %1", shmid)); + return; + } +- if (img.width() * img.height() > m_width * m_height) { ++ if( img.format() != QImage::Format_ARGB32 ) { // KIO::PreviewJob and this code below completely ignores colortable :-/, ++ img = img.convertToFormat(QImage::Format_ARGB32); // so make sure there is none ++ } ++ struct shmid_ds shmStat; ++ if (shmctl(shmid.toInt(), IPC_STAT, &shmStat) == -1 || shmStat.shm_segsz < img.sizeInBytes()) { + error(KIO::ERR_INTERNAL, i18n("Image is too big for the shared memory segment")); + shmdt((char*)shmaddr); + return; + } +- if( img.format() != QImage::Format_ARGB32 ) { // KIO::PreviewJob and this code below completely ignores colortable :-/, +- img = img.convertToFormat(QImage::Format_ARGB32); // so make sure there is none +- } + // Keep in sync with kdelibs/kio/kio/previewjob.cpp + stream << img.width() << img.height() << quint8(img.format()); + memcpy(shmaddr, img.bits(), img.sizeInBytes()); +-- +GitLab + diff --git a/kde-apps/kio-extras/kio-extras-20.12.3-r1.ebuild b/kde-apps/kio-extras/kio-extras-20.12.3-r1.ebuild new file mode 100644 index 00000000000..1ca9d48fb3a --- /dev/null +++ b/kde-apps/kio-extras/kio-extras-20.12.3-r1.ebuild @@ -0,0 +1,95 @@ +# Copyright 1999-2021 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +ECM_HANDBOOK="forceoptional" +ECM_TEST="optional" +KFMIN=5.75.0 +QTMIN=5.15.2 +VIRTUALX_REQUIRED="test" +inherit ecm kde.org + +DESCRIPTION="KIO plugins present a filesystem-like view of arbitrary data" +HOMEPAGE="https://invent.kde.org/network/kio-extras"; + +LICENSE="GPL-2" # TODO: CHECK +SLOT="5" +KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~x86" +IUSE="activities +man mtp nfs openexr phonon samba +sftp taglib X" + +# requires running Plasma environment +RESTRICT+=" test" + +DEPEND=" + >=dev-qt/qtdbus-${QTMIN}:5 + >=dev-qt/qtgui-${QTMIN}:5 + >=dev-qt/qtnetwork-${QTMIN}:5 + >=dev-qt/qtsvg-${QTMIN}:5 + >=dev-qt/qtwidgets-${QTMIN}:5 + >=dev-qt/qtxml-${QTMIN}:5 + >=kde-frameworks/karchive-${KFMIN}:5 + >=kde-frameworks/kbookmarks-${KFMIN}:5 + >=kde-frameworks/kcodecs-${KFMIN}:5 + >=kde-frameworks/kconfig-${KFMIN}:5 + >=kde-frameworks/kconfigwidgets-${KFMIN}:5 + >=kde-frameworks/kcoreaddons-${KFMIN}:5 + >=kde-frameworks/kdbusaddons-${KFMIN}:5 + >=kde-frameworks/kdnssd-${KFMIN}:5 + >=kde-frameworks/kguiaddons-${KFMIN}:5 + >=kde-frameworks/ki18n-${KFMIN}:5 + >=kde-frameworks/kiconthemes-${KFMIN}:5 + >=kde-frameworks/kio-${KFMIN}:5 + >=kde-frameworks/kparts-${KFMIN}:5 + >=kde-frameworks/kservice-${KFMIN}:5 + >=kde-frameworks/kxmlgui-${KFMIN}:5 + >=kde-frameworks/solid-${KFMIN}:5 + >=kde-frameworks/syntax-highlighting-${KFMIN}:5 + activities? ( + >=dev-qt/qtsql-${QTMIN}:5 + >=kde-frameworks/kactivities-${KFMIN}:5 + >=kde-frameworks/kactivities-stats-${KFMIN}:5 + ) + mtp? ( >=media-libs/libmtp-1.1.16:= ) + nfs? ( net-libs/libtirpc:= ) + openexr? ( media-libs/openexr:= ) + phonon? ( >=media-libs/phonon-4.11.0 ) + samba? ( + net-fs/samba[client] + net-libs/kdsoap:= + net-libs/kdsoap-ws-discovery-client + ) + sftp? ( net-libs/libssh:=[sftp] ) + taglib? ( >=media-libs/taglib-1.11.1 ) + X? ( + x11-libs/libX11 + x11-libs/libXcursor + ) +" +RDEPEND="${DEPEND} + >=kde-frameworks/kded-${KFMIN}:5 +" +BDEPEND="man? ( dev-util/gperf )" + +PATCHES=( "${FILESDIR}"/${P}-thumbnail-check-shm-size.patch ) # KDE-bug 430862 + +src_configure() { + local mycmakeargs=( + $(cmake_use_find_package activities KF5Activities) + $(cmake_use_find_package activities KF5ActivitiesStats) + $(cmake_use_find_package man Gperf) + $(cmake_use_find_package mtp Mtp) + $(cmake_use_find_package nfs TIRPC) + $(cmake_use_find_package openexr OpenEXR) + $(cmake_use_find_package phonon Phonon4Qt5) + $(cmake_use_find_package samba Samba) + $(cmake_use_find_package sftp libssh) + $(cmake_use_find_package taglib Taglib) + $(cmake_use_find_package X X11) + ) + use samba && mycmakeargs+=( + -DBUILD_KDSoapWSDiscoveryClient=OFF # disable bundled stuff + ) + + ecm_src_configure +} diff --git a/kde-apps/kio-extras/kio-extras-21.04.1-r1.ebuild b/kde-apps/kio-extras/kio-extras-21.04.1-r1.ebuild new file mode 100644 index 00000000000..16b5e1d74f4 --- /dev/null +++ b/kde-apps/kio-extras/kio-extras-21.04.1-r1.ebuild @@ -0,0 +1,95 @@ +# Copyright 1999-2021 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +ECM_HANDBOOK="forceoptional" +ECM_TEST="optional" +KFMIN=5.80.0 +QTMIN=5.15.2 +VIRTUALX_REQUIRED="test" +inherit ecm kde.org + +DESCRIPTION="KIO plugins present a filesystem-like view of arbitrary data" +HOMEPAGE="https://invent.kde.org/network/kio-extras"; + +LICENSE="GPL-2" # TODO: CHECK +SLOT="5" +KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~x86" +IUSE="activities +man mtp nfs openexr phonon samba +sftp taglib X" + +# requires running Plasma environment +RESTRICT+=" test" + +DEPEND=" + >=dev-qt/qtdbus-${QTMIN}:5 + >=dev-qt/qtgui-${QTMIN}:5 + >=dev-qt/qtnetwork-${QTMIN}:5 + >=dev-qt/qtsvg-${QTMIN}:5 + >=dev-qt/qtwidgets-${QTMIN}:5 + >=dev-qt/qtxml-${QTMIN}:5 + >=kde-frameworks/karchive-${KFMIN}:5 + >=kde-frameworks/kbookmarks-${KFMIN}:5 + >=kde-frameworks/kcodecs-${KFMIN}:5 + >=kde-frameworks/kconfig-${KFMIN}:5 + >=kde-frameworks/kconfigwidgets-${KFMIN}:5 + >=kde-frameworks/kcoreaddons-${KFMIN}:5 + >=kde-frameworks/kdbusaddons-${KFMIN}:5 + >=kde-frameworks/kdnssd-${KFMIN}:5 + >=kde-frameworks/kguiaddons-${KFMIN}:5 + >=kde-frameworks/ki18n-${KFMIN}:5 + >=kde-frameworks/kio-${KFMIN}:5 + >=kde-frameworks/kparts-${KFMIN}:5 + >=kde-frameworks/kservice-${KFMIN}:5 + >=kde-frameworks/kxmlgui-${KFMIN}:5 + >=kde-frameworks/solid-${KFMIN}:5 + >=kde-frameworks/syntax-highlighting-${KFMIN}:5 + activities? ( + >=dev-qt/qtsql-${QTMIN}:5 + >=kde-frameworks/kactivities-${KFMIN}:5 + >=kde-frameworks/kactivities-stats-${KFMIN}:5 + ) + mtp? ( >=media-libs/libmtp-1.1.16:= ) + nfs? ( net-libs/libtirpc:= ) + openexr? ( media-libs/openexr:= ) + phonon? ( >=media-libs/phonon-4.11.0 ) + samba? ( + net-fs/samba[client] + net-libs/kdsoap:= + net-libs/kdsoap-ws-discovery-client + ) + sftp? ( net-libs/libssh:=[sftp] ) + taglib? ( >=media-libs/taglib-1.11.1 ) + X? ( + x11-libs/libX11 + x11-libs/libXcursor + ) +" +RDEPEND="${DEPEND} + >=kde-frameworks/kded-${KFMIN}:5 +" +BDEPEND="man? ( dev-util/gperf )" + +PATCHES=( "${FILESDIR}"/${PN}-20.12.3-thumbnail-check-shm-size.patch ) # KDE-bug 430862 + +src_configure() { + local mycmakeargs=( + $(cmake_use_find_package activities KF5Activities) + $(cmake_use_find_package activities KF5ActivitiesStats) + $(cmake_use_find_package activities Qt5Sql) + $(cmake_use_find_package man Gperf) + $(cmake_use_find_package mtp Mtp) + $(cmake_use_find_package nfs TIRPC) + $(cmake_use_find_package openexr OpenEXR) + $(cmake_use_find_package phonon Phonon4Qt5) + $(cmake_use_find_package samba Samba) + $(cmake_use_find_package sftp libssh) + $(cmake_use_find_package taglib Taglib) + $(cmake_use_find_package X X11) + ) + use samba && mycmakeargs+=( + -DBUILD_KDSoapWSDiscoveryClient=OFF # disable bundled stuff + ) + + ecm_src_configure +}
