Fixup commit for prevous CVE-2022-33068 fix. Fixes: | In file included from ../harfbuzz-4.0.1/src/hb-ot-face.cc:39: 4429| ../harfbuzz-4.0.1/src/hb-ot-color-sbix-table.hh:301:11: error: use of bitwise '|' with boolean operands [-Werror,-Wbitwise-instead-of-logical] 4430| if (png.IHDR.height >= 65536 | png.IHDR.width >= 65536) 4431| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 4432| || 4433| ../harfbuzz-4.0.1/src/hb-ot-color-sbix-table.hh:301:11: note: cast one or both operands to int to silence this warning 4434| 1 error generated.
Signed-off-by: Pavel Zhukov <[email protected]> --- .../harfbuzz/0001-Fix-conditional.patch | 25 +++++++++++++++++++ .../harfbuzz/harfbuzz_4.0.1.bb | 3 ++- 2 files changed, 27 insertions(+), 1 deletion(-) create mode 100644 meta/recipes-graphics/harfbuzz/harfbuzz/0001-Fix-conditional.patch diff --git a/meta/recipes-graphics/harfbuzz/harfbuzz/0001-Fix-conditional.patch b/meta/recipes-graphics/harfbuzz/harfbuzz/0001-Fix-conditional.patch new file mode 100644 index 0000000000..0f9b86973b --- /dev/null +++ b/meta/recipes-graphics/harfbuzz/harfbuzz/0001-Fix-conditional.patch @@ -0,0 +1,25 @@ +From e421613e8f825508afa9a0b54d33085557c37441 Mon Sep 17 00:00:00 2001 +From: Behdad Esfahbod <[email protected]> +Date: Wed, 1 Jun 2022 09:07:57 -0600 +Subject: [PATCH] [sbix] Fix conditional + +Signed-off: Pavel Zhukov <[email protected]> +Upstream-Status: Backport [e421613e8f825508afa9a0b54d33085557c37441] + +--- + src/hb-ot-color-sbix-table.hh | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/hb-ot-color-sbix-table.hh b/src/hb-ot-color-sbix-table.hh +index 6efae43cda..d0e2235fb2 100644 +--- a/src/hb-ot-color-sbix-table.hh ++++ b/src/hb-ot-color-sbix-table.hh +@@ -298,7 +298,7 @@ struct sbix + + const PNGHeader &png = *blob->as<PNGHeader>(); + +- if (png.IHDR.height >= 65536 | png.IHDR.width >= 65536) ++ if (png.IHDR.height >= 65536 || png.IHDR.width >= 65536) + { + hb_blob_destroy (blob); + return false; diff --git a/meta/recipes-graphics/harfbuzz/harfbuzz_4.0.1.bb b/meta/recipes-graphics/harfbuzz/harfbuzz_4.0.1.bb index 81518a53ea..e18727bcfc 100644 --- a/meta/recipes-graphics/harfbuzz/harfbuzz_4.0.1.bb +++ b/meta/recipes-graphics/harfbuzz/harfbuzz_4.0.1.bb @@ -12,7 +12,8 @@ UPSTREAM_CHECK_URI = "https://github.com/${BPN}/${BPN}/releases"; UPSTREAM_CHECK_REGEX = "harfbuzz-(?P<pver>\d+(\.\d+)+).tar" SRC_URI = "https://github.com/${BPN}/${BPN}/releases/download/${PV}/${BPN}-${PV}.tar.xz\ - file://CVE-2022-33068.patch" + file://CVE-2022-33068.patch + file://0001-Fix-conditional.patch" SRC_URI[sha256sum] = "98f68777272db6cd7a3d5152bac75083cd52a26176d87bc04c8b3929d33bce49" inherit meson pkgconfig lib_package gtk-doc gobject-introspection -- 2.35.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#168163): https://lists.openembedded.org/g/openembedded-core/message/168163 Mute This Topic: https://lists.openembedded.org/mt/92445801/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
