diff mbox series

cairo: fix CVE patches assigned wrong CVE number

Message ID 20221214-cairo-cve-typo-v1-1-8ecb1bf8f9df@theobroma-systems.com
State Accepted, archived
Commit f12c2a5ac94cb29f473f3c7e335463c7fb6d8a6e
Headers show
Series cairo: fix CVE patches assigned wrong CVE number | expand

Commit Message

Quentin Schulz Dec. 14, 2022, 10:42 a.m. UTC 
From: Quentin Schulz <quentin.schulz@theobroma-systems.com>

CVE-2019-6461 and CVE-2019-6462 are fixed, but the reporting is
incorrect as the patch for CVE-2019-6461 is actually for CVE-2019-6462
and vice-versa.

This swaps both files and edit the CVE field to report the correct
identifier.

Cc: Quentin Schulz <foss+yocto@0leil.net>
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
---
 .../cairo/cairo/CVE-2019-6461.patch                 | 21 +++++++++++----------
 .../cairo/cairo/CVE-2019-6462.patch                 | 21 ++++++++++-----------
 2 files changed, 21 insertions(+), 21 deletions(-)


---
base-commit: a89bea9fed0005bc7d820a1fc6a9d6dd7c246c22
change-id: 20221214-cairo-cve-typo-fd0d89835d77

Best regards,
-- 
Quentin Schulz <quentin.schulz@theobroma-systems.com>

Comments

Alexandre Belloni Dec. 19, 2022, 9:29 p.m. UTC | #1 
Hello Quentin,

I couldn't apply this patch but it still seems relevant. Can you rebase?

On 14/12/2022 11:42:16+0100, Quentin Schulz wrote:
> From: Quentin Schulz <quentin.schulz@theobroma-systems.com>
> 
> CVE-2019-6461 and CVE-2019-6462 are fixed, but the reporting is
> incorrect as the patch for CVE-2019-6461 is actually for CVE-2019-6462
> and vice-versa.
> 
> This swaps both files and edit the CVE field to report the correct
> identifier.
> 
> Cc: Quentin Schulz <foss+yocto@0leil.net>
> Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
> ---
>  .../cairo/cairo/CVE-2019-6461.patch                 | 21 +++++++++++----------
>  .../cairo/cairo/CVE-2019-6462.patch                 | 21 ++++++++++-----------
>  2 files changed, 21 insertions(+), 21 deletions(-)
> 
> diff --git a/meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch b/meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch
> index 5232cf70c6..a2dba6cb20 100644
> --- a/meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch
> +++ b/meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch
> @@ -1,19 +1,20 @@
> -There is a potential infinite-loop in function _arc_error_normalized().
> +There is an assertion in function _cairo_arc_in_direction().
>  
>  CVE: CVE-2019-6461
>  Upstream-Status: Pending
>  Signed-off-by: Ross Burton <ross.burton@intel.com>
>  
>  diff --git a/src/cairo-arc.c b/src/cairo-arc.c
> -index 390397bae..f9249dbeb 100644
> +index 390397bae..1bde774a4 100644
>  --- a/src/cairo-arc.c
>  +++ b/src/cairo-arc.c
> -@@ -99,7 +99,7 @@ _arc_max_angle_for_tolerance_normalized (double tolerance)
> -     do {
> - 	angle = M_PI / i++;
> - 	error = _arc_error_normalized (angle);
> --    } while (error > tolerance);
> -+    } while (error > tolerance && error > __DBL_EPSILON__);
> +@@ -186,7 +186,8 @@ _cairo_arc_in_direction (cairo_t	  *cr,
> +     if (cairo_status (cr))
> +         return;
>   
> -     return angle;
> - }
> +-    assert (angle_max >= angle_min);
> ++    if (angle_max < angle_min)
> ++       return;
> + 
> +     if (angle_max - angle_min > 2 * M_PI * MAX_FULL_CIRCLES) {
> + 	angle_max = fmod (angle_max - angle_min, 2 * M_PI);
> diff --git a/meta/recipes-graphics/cairo/cairo/CVE-2019-6462.patch b/meta/recipes-graphics/cairo/cairo/CVE-2019-6462.patch
> index 4e4598c5b5..e3a8d5a219 100644
> --- a/meta/recipes-graphics/cairo/cairo/CVE-2019-6462.patch
> +++ b/meta/recipes-graphics/cairo/cairo/CVE-2019-6462.patch
> @@ -1,20 +1,19 @@
> -There is an assertion in function _cairo_arc_in_direction().
> +There is a potential infinite-loop in function _arc_error_normalized().
>  
>  CVE: CVE-2019-6462
>  Upstream-Status: Pending
>  Signed-off-by: Ross Burton <ross.burton@intel.com>
>  
>  diff --git a/src/cairo-arc.c b/src/cairo-arc.c
> -index 390397bae..1bde774a4 100644
> +index 390397bae..f9249dbeb 100644
>  --- a/src/cairo-arc.c
>  +++ b/src/cairo-arc.c
> -@@ -186,7 +186,8 @@ _cairo_arc_in_direction (cairo_t	  *cr,
> -     if (cairo_status (cr))
> -         return;
> +@@ -99,7 +99,7 @@ _arc_max_angle_for_tolerance_normalized (double tolerance)
> +     do {
> + 	angle = M_PI / i++;
> + 	error = _arc_error_normalized (angle);
> +-    } while (error > tolerance);
> ++    } while (error > tolerance && error > __DBL_EPSILON__);
>   
> --    assert (angle_max >= angle_min);
> -+    if (angle_max < angle_min)
> -+       return;
> - 
> -     if (angle_max - angle_min > 2 * M_PI * MAX_FULL_CIRCLES) {
> - 	angle_max = fmod (angle_max - angle_min, 2 * M_PI);
> +     return angle;
> + }
> 
> ---
> base-commit: a89bea9fed0005bc7d820a1fc6a9d6dd7c246c22
> change-id: 20221214-cairo-cve-typo-fd0d89835d77
> 
> Best regards,
> -- 
> Quentin Schulz <quentin.schulz@theobroma-systems.com>

> 
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#174552): https://lists.openembedded.org/g/openembedded-core/message/174552
> Mute This Topic: https://lists.openembedded.org/mt/95663780/3617179
> Group Owner: openembedded-core+owner@lists.openembedded.org
> Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [alexandre.belloni@bootlin.com]
> -=-=-=-=-=-=-=-=-=-=-=-
>
diff mbox series

Patch

diff --git a/meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch b/meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch
index 5232cf70c6..a2dba6cb20 100644
--- a/meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch
+++ b/meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch
@@ -1,19 +1,20 @@ 
-There is a potential infinite-loop in function _arc_error_normalized().
+There is an assertion in function _cairo_arc_in_direction().
 
 CVE: CVE-2019-6461
 Upstream-Status: Pending
 Signed-off-by: Ross Burton <ross.burton@intel.com>
 
 diff --git a/src/cairo-arc.c b/src/cairo-arc.c
-index 390397bae..f9249dbeb 100644
+index 390397bae..1bde774a4 100644
 --- a/src/cairo-arc.c
 +++ b/src/cairo-arc.c
-@@ -99,7 +99,7 @@ _arc_max_angle_for_tolerance_normalized (double tolerance)
-     do {
- 	angle = M_PI / i++;
- 	error = _arc_error_normalized (angle);
--    } while (error > tolerance);
-+    } while (error > tolerance && error > __DBL_EPSILON__);
+@@ -186,7 +186,8 @@ _cairo_arc_in_direction (cairo_t	  *cr,
+     if (cairo_status (cr))
+         return;
  
-     return angle;
- }
+-    assert (angle_max >= angle_min);
++    if (angle_max < angle_min)
++       return;
+ 
+     if (angle_max - angle_min > 2 * M_PI * MAX_FULL_CIRCLES) {
+ 	angle_max = fmod (angle_max - angle_min, 2 * M_PI);
diff --git a/meta/recipes-graphics/cairo/cairo/CVE-2019-6462.patch b/meta/recipes-graphics/cairo/cairo/CVE-2019-6462.patch
index 4e4598c5b5..e3a8d5a219 100644
--- a/meta/recipes-graphics/cairo/cairo/CVE-2019-6462.patch
+++ b/meta/recipes-graphics/cairo/cairo/CVE-2019-6462.patch
@@ -1,20 +1,19 @@ 
-There is an assertion in function _cairo_arc_in_direction().
+There is a potential infinite-loop in function _arc_error_normalized().
 
 CVE: CVE-2019-6462
 Upstream-Status: Pending
 Signed-off-by: Ross Burton <ross.burton@intel.com>
 
 diff --git a/src/cairo-arc.c b/src/cairo-arc.c
-index 390397bae..1bde774a4 100644
+index 390397bae..f9249dbeb 100644
 --- a/src/cairo-arc.c
 +++ b/src/cairo-arc.c
-@@ -186,7 +186,8 @@ _cairo_arc_in_direction (cairo_t	  *cr,
-     if (cairo_status (cr))
-         return;
+@@ -99,7 +99,7 @@ _arc_max_angle_for_tolerance_normalized (double tolerance)
+     do {
+ 	angle = M_PI / i++;
+ 	error = _arc_error_normalized (angle);
+-    } while (error > tolerance);
++    } while (error > tolerance && error > __DBL_EPSILON__);
  
--    assert (angle_max >= angle_min);
-+    if (angle_max < angle_min)
-+       return;
- 
-     if (angle_max - angle_min > 2 * M_PI * MAX_FULL_CIRCLES) {
- 	angle_max = fmod (angle_max - angle_min, 2 * M_PI);
+     return angle;
+ }