cairo: upgrade 1.16.0 -> 1.18.0

Message ID	1699238045-2801-1-git-send-email-qiutt@fujitsu.com
State	New
Headers	show Return-Path: <qiutt@fujitsu.com> ip: 139.138.61.253, mailfrom: qiutt@fujitsu.com) From: qiutt@fujitsu.com To: openembedded-core@lists.openembedded.org Cc: qiutt <qiutt@fujitsu.com> Subject: [PATCH] cairo: upgrade 1.16.0 -> 1.18.0 Date: Mon, 6 Nov 2023 10:34:05 +0800 Message-Id: <1699238045-2801-1-git-send-email-qiutt@fujitsu.com>
Series	cairo: upgrade 1.16.0 -> 1.18.0 \| expand cairo: upgrade 1.16.0 -> 1.18.0

Message ID

1699238045-2801-1-git-send-email-qiutt@fujitsu.com

State

New

Headers

From: qiutt@fujitsu.com
To: openembedded-core@lists.openembedded.org
Cc: qiutt <qiutt@fujitsu.com>
Subject: [PATCH] cairo: upgrade 1.16.0 -> 1.18.0
Date: Mon,  6 Nov 2023 10:34:05 +0800
Message-Id: <1699238045-2801-1-git-send-email-qiutt@fujitsu.com>

Series

cairo: upgrade 1.16.0 -> 1.18.0 | expand

Commit Message

qiutt@fujitsu.com Nov. 6, 2023, 2:34 a.m. UTC

From: qiutt <qiutt@fujitsu.com>

Changelog for 1.18.0 [1]:
  The cairo-sphinx tool has been removed
  Cairo now implements Type 3 color fonts for PDF
  The XML surface has been removed
  The Tee surface is now automatically enabled
  The Quartz surface is improved
  Cairo now hides all private symbols by default on every platform
  Fixed multiple issues

[1] https://www.cairographics.org/news/cairo-1.18.0/

Signed-off-by: qiutt <qiutt@fujitsu.com>
---
 .../cairo/cairo/CVE-2018-19876.patch          | 34 -----------
 .../cairo/cairo/CVE-2019-6461.patch           | 13 ++--
 .../cairo/cairo/CVE-2019-6462.patch           | 40 -------------
 .../cairo/cairo/CVE-2020-35492.patch          | 60 -------------------
 .../{cairo_1.16.0.bb => cairo_1.18.0.bb}      | 41 ++++---------
 5 files changed, 18 insertions(+), 170 deletions(-)
 delete mode 100644 meta/recipes-graphics/cairo/cairo/CVE-2018-19876.patch
 delete mode 100644 meta/recipes-graphics/cairo/cairo/CVE-2019-6462.patch
 delete mode 100644 meta/recipes-graphics/cairo/cairo/CVE-2020-35492.patch
 rename meta/recipes-graphics/cairo/{cairo_1.16.0.bb => cairo_1.18.0.bb} (68%)

Comments

Alexander Kanavin Nov. 6, 2023, 12:27 p.m. UTC | #1

Thanks for working on this. Some comments below.

On Mon, 6 Nov 2023 at 03:34, qiutt@fujitsu.com <qiutt@fujitsu.com> wrote:
> --- a/meta/recipes-graphics/cairo/cairo_1.16.0.bb
> +++ b/meta/recipes-graphics/cairo/cairo_1.18.0.bb
> @@ -30,47 +30,28 @@ DEPENDS = "fontconfig glib-2.0 libpng pixman zlib"
>
>  SRC_URI = "http://cairographics.org/releases/cairo-${PV}.tar.xz \
>             file://cairo-get_bitmap_surface-bsc1036789-CVE-2017-7475.diff \
> -           file://CVE-2018-19876.patch \
>             file://CVE-2019-6461.patch \
> -           file://CVE-2019-6462.patch \
> -           file://CVE-2020-35492.patch \

I think CVE-2019-6461.patch in particular can be dropped too:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6461
points to
https://gitlab.freedesktop.org/cairo/cairo/-/issues/352
which points to
https://gitlab.freedesktop.org/cairo/cairo/-/merge_requests/515
which is a part of 1.18.0.

Please include the links into the revised commit message.

> -SRC_URI[md5sum] = "f19e0353828269c22bd72e271243a552"
> -SRC_URI[sha256sum] = "5e7b29b3f113ef870d1e3ecf8adf21f923396401604bda16d44be45e66052331"
> +SRC_URI[md5sum] = "3f0685fbadc530606f965b9645bb51d9"
> +SRC_URI[sha256sum] = "243a0736b978a33dee29f9cca7521733b78a65b5418206fef7bd1c3d4cf10b64"

md5sum can be dropped, as it hasn't been used by fetcher for a long time.

> -inherit autotools pkgconfig upstream-version-is-even gtk-doc multilib_script
> +inherit meson pkgconfig

All of the removed inherits need to be explained, or kept.
Particularly, upstream-version-is-even rule still applies, and gtk-doc
support should be kept as well:
https://gitlab.freedesktop.org/cairo/cairo/-/blob/master/meson_options.txt

> +EXTRA_OEMESON = "-Dglib=enabled -Dpng=enabled -Dfontconfig=enabled -Dzlib=enabled"

How were these picked? Should they be PACKAGECONFIG options, enabled by default?

>  MULTILIB_SCRIPTS = "${PN}-perf-utils:${bindir}/cairo-trace"

This implies that 'inherit multilib_script' should be kept too.

> -PACKAGECONFIG[directfb] = "--enable-directfb=yes,,directfb"
> -PACKAGECONFIG[valgrind] = "--enable-valgrind=yes,--disable-valgrind,valgrind"
> -PACKAGECONFIG[egl] = "--enable-egl=yes,--disable-egl,virtual/egl"
> -PACKAGECONFIG[glesv2] = "--enable-glesv2,--disable-glesv2,virtual/libgles2"
> -PACKAGECONFIG[opengl] = "--enable-gl,--disable-gl,virtual/libgl"
> -# trace is under GPLv3
> -PACKAGECONFIG[trace] = "--enable-trace,--disable-trace"

Please mention that these options are all gone:
https://gitlab.freedesktop.org/cairo/cairo/-/blob/master/meson_options.txt

Alex

Ross Burton Nov. 6, 2023, 12:49 p.m. UTC | #2

Comparing this to my WIP patch of the snapshot in September:

https://git.yoctoproject.org/poky-contrib/commit/?h=ross/cairo&id=9216e710b322581e2ebec5f763fa345cb16e0409

The BUGTRACKER field needs updating.

> +SRC_URI[md5sum] = "3f0685fbadc530606f965b9645bb51d9"

Drop.

> X11DEPENDS = "virtual/libx11 libsm libxrender libxext"

This list of dependencies is smaller now, so I inlined it.

> +PACKAGECONFIG ??= " \
> + ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'x11 xcb', '', d)} \
> +"
> +
> PACKAGECONFIG:class-native = "${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'x11 xcb', '', d)}"
> PACKAGECONFIG:class-nativesdk = "${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'x11 xcb', '', d)}”

Same line three times, no need for the overrides.

> +PACKAGECONFIG[x11] = "-Dxlib=enabled,-Dxlib=disabled,${X11DEPENDS}"
> +PACKAGECONFIG[xcb] = "-Dxcb=enabled,-Dxcb=disabled,libxcb"

Inline the dependencies, and rename x11 to xlib, as that’s what the option is called.

The do_install:append can be trimmed, see my WIP.

> -FILES:${PN} = "${libdir}/libcairo.so.*"
> +FILES:${PN} = "${libdir}/libcairo.so.* ${libdir}/cairo/libcairo-fdr.so*"
> FILES:${PN}-gobject = "${libdir}/libcairo-gobject.so.*"
> FILES:${PN}-script-interpreter = "${libdir}/libcairo-script-interpreter.so.*"
> FILES:${PN}-perf-utils = "${bindir}/cairo-trace* ${libdir}/cairo/*.la ${libdir}/cairo/libcairo-trace.so”

cairo-fdr should be in perf-utils, not the core library.

Ross

diff --git a/meta/recipes-graphics/cairo/cairo/CVE-2018-19876.patch b/meta/recipes-graphics/cairo/cairo/CVE-2018-19876.patch
deleted file mode 100644
index 4252a5663b..0000000000
--- a/meta/recipes-graphics/cairo/cairo/CVE-2018-19876.patch
+++ /dev/null
@@ -1,34 +0,0 @@ 
-CVE: CVE-2018-19876
-Upstream-Status: Backport
-Signed-off-by: Ross Burton <ross.burton@intel.com>
-
-From 90e85c2493fdfa3551f202ff10282463f1e36645 Mon Sep 17 00:00:00 2001
-From: Carlos Garcia Campos <cgarcia@igalia.com>
-Date: Mon, 19 Nov 2018 12:33:07 +0100
-Subject: [PATCH] ft: Use FT_Done_MM_Var instead of free when available in
- cairo_ft_apply_variations
-
-Fixes a crash when using freetype >= 2.9
----
- src/cairo-ft-font.c | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/src/cairo-ft-font.c b/src/cairo-ft-font.c
-index 325dd61b4..981973f78 100644
---- a/src/cairo-ft-font.c
-+++ b/src/cairo-ft-font.c
-@@ -2393,7 +2393,11 @@ skip:
- done:
-         free (coords);
-         free (current_coords);
-+#if HAVE_FT_DONE_MM_VAR
-+        FT_Done_MM_Var (face->glyph->library, ft_mm_var);
-+#else
-         free (ft_mm_var);
-+#endif
-     }
- }
- 
--- 
-2.11.0
-
diff --git a/meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch b/meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch
index a2dba6cb20..fab514332c 100644
--- a/meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch
+++ b/meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch
@@ -1,15 +1,16 @@ 
 There is an assertion in function _cairo_arc_in_direction().
+backport for 1.18.0 version.
+Signed-off-by: Qiu Tingting <qiutt@fujitsu.com>
 
 CVE: CVE-2019-6461
 Upstream-Status: Pending
 Signed-off-by: Ross Burton <ross.burton@intel.com>
 
-diff --git a/src/cairo-arc.c b/src/cairo-arc.c
-index 390397bae..1bde774a4 100644
---- a/src/cairo-arc.c
-+++ b/src/cairo-arc.c
-@@ -186,7 +186,8 @@ _cairo_arc_in_direction (cairo_t	  *cr,
-     if (cairo_status (cr))
+diff -rNu c/src/cairo-arc.c d/src/cairo-arc.c
+--- c/src/cairo-arc.c	2023-10-25 08:30:04.502179244 +0800
++++ d/src/cairo-arc.c	2023-10-25 08:30:25.122179639 +0800
+@@ -191,7 +191,8 @@
+     if (! ISFINITE (angle_max) || ! ISFINITE (angle_min))
          return;
  
 -    assert (angle_max >= angle_min);
diff --git a/meta/recipes-graphics/cairo/cairo/CVE-2019-6462.patch b/meta/recipes-graphics/cairo/cairo/CVE-2019-6462.patch
deleted file mode 100644
index 7c3209291b..0000000000
--- a/meta/recipes-graphics/cairo/cairo/CVE-2019-6462.patch
+++ /dev/null
@@ -1,40 +0,0 @@ 
-CVE: CVE-2019-6462
-Upstream-Status: Backport
-Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
-
-From ab2c5ee21e5f3d3ee4b3f67cfcd5811a4f99c3a0 Mon Sep 17 00:00:00 2001
-From: Heiko Lewin <hlewin@gmx.de>
-Date: Sun, 1 Aug 2021 11:16:03 +0000
-Subject: [PATCH] _arc_max_angle_for_tolerance_normalized: fix infinite loop
-
----
- src/cairo-arc.c | 4 +++-
- 1 file changed, 3 insertions(+), 1 deletion(-)
-
-diff --git a/src/cairo-arc.c b/src/cairo-arc.c
-index 390397bae..1c891d1a0 100644
---- a/src/cairo-arc.c
-+++ b/src/cairo-arc.c
-@@ -90,16 +90,18 @@ _arc_max_angle_for_tolerance_normalized (double tolerance)
- 	{ M_PI / 11.0,  9.81410988043554039085e-09 },
-     };
-     int table_size = ARRAY_LENGTH (table);
-+    const int max_segments = 1000; /* this value is chosen arbitrarily. this gives an error of about 1.74909e-20 */
- 
-     for (i = 0; i < table_size; i++)
- 	if (table[i].error < tolerance)
- 	    return table[i].angle;
- 
-     ++i;
-+
-     do {
- 	angle = M_PI / i++;
- 	error = _arc_error_normalized (angle);
--    } while (error > tolerance);
-+    } while (error > tolerance && i < max_segments);
- 
-     return angle;
- }
--- 
-2.38.1
-
diff --git a/meta/recipes-graphics/cairo/cairo/CVE-2020-35492.patch b/meta/recipes-graphics/cairo/cairo/CVE-2020-35492.patch
deleted file mode 100644
index fb6ce5cfdf..0000000000
--- a/meta/recipes-graphics/cairo/cairo/CVE-2020-35492.patch
+++ /dev/null
@@ -1,60 +0,0 @@ 
-Fix stack buffer overflow.
-
-CVE: CVE-2020-35492
-Upstream-Status: Backport
-Signed-off-by: Ross Burton <ross.burton@arm.com>
-
-From 03a820b173ed1fdef6ff14b4468f5dbc02ff59be Mon Sep 17 00:00:00 2001
-From: Heiko Lewin <heiko.lewin@worldiety.de>
-Date: Tue, 15 Dec 2020 16:48:19 +0100
-Subject: [PATCH] Fix mask usage in image-compositor
-
----
- src/cairo-image-compositor.c                |   8 ++--
- test/Makefile.sources                       |   1 +
- test/bug-image-compositor.c                 |  39 ++++++++++++++++++++
- test/reference/bug-image-compositor.ref.png | Bin 0 -> 185 bytes
- 4 files changed, 44 insertions(+), 4 deletions(-)
- create mode 100644 test/bug-image-compositor.c
- create mode 100644 test/reference/bug-image-compositor.ref.png
-
-diff --git a/src/cairo-image-compositor.c b/src/cairo-image-compositor.c
-index 79ad69f68..4f8aaed99 100644
---- a/src/cairo-image-compositor.c
-+++ b/src/cairo-image-compositor.c
-@@ -2601,14 +2601,14 @@ _inplace_src_spans (void *abstract_renderer, int y, int h,
- 		    unsigned num_spans)
- {
-     cairo_image_span_renderer_t *r = abstract_renderer;
--    uint8_t *m;
-+    uint8_t *m, *base = (uint8_t*)pixman_image_get_data(r->mask);
-     int x0;
- 
-     if (num_spans == 0)
- 	return CAIRO_STATUS_SUCCESS;
- 
-     x0 = spans[0].x;
--    m = r->_buf;
-+    m = base;
-     do {
- 	int len = spans[1].x - spans[0].x;
- 	if (len >= r->u.composite.run_length && spans[0].coverage == 0xff) {
-@@ -2655,7 +2655,7 @@ _inplace_src_spans (void *abstract_renderer, int y, int h,
- 				      spans[0].x, y,
- 				      spans[1].x - spans[0].x, h);
- 
--	    m = r->_buf;
-+	    m = base;
- 	    x0 = spans[1].x;
- 	} else if (spans[0].coverage == 0x0) {
- 	    if (spans[0].x != x0) {
-@@ -2684,7 +2684,7 @@ _inplace_src_spans (void *abstract_renderer, int y, int h,
- #endif
- 	    }
- 
--	    m = r->_buf;
-+	    m = base;
- 	    x0 = spans[1].x;
- 	} else {
- 	    *m++ = spans[0].coverage;
--- 
diff --git a/meta/recipes-graphics/cairo/cairo_1.16.0.bb b/meta/recipes-graphics/cairo/cairo_1.18.0.bb
similarity index 68%
rename from meta/recipes-graphics/cairo/cairo_1.16.0.bb
rename to meta/recipes-graphics/cairo/cairo_1.18.0.bb
index ffb813d290..a1efc82d45 100644
--- a/meta/recipes-graphics/cairo/cairo_1.16.0.bb
+++ b/meta/recipes-graphics/cairo/cairo_1.18.0.bb
@@ -30,47 +30,28 @@  DEPENDS = "fontconfig glib-2.0 libpng pixman zlib"
 
 SRC_URI = "http://cairographics.org/releases/cairo-${PV}.tar.xz \
            file://cairo-get_bitmap_surface-bsc1036789-CVE-2017-7475.diff \
-           file://CVE-2018-19876.patch \
            file://CVE-2019-6461.patch \
-           file://CVE-2019-6462.patch \
-           file://CVE-2020-35492.patch \
           "
 
-SRC_URI[md5sum] = "f19e0353828269c22bd72e271243a552"
-SRC_URI[sha256sum] = "5e7b29b3f113ef870d1e3ecf8adf21f923396401604bda16d44be45e66052331"
+SRC_URI[md5sum] = "3f0685fbadc530606f965b9645bb51d9"
+SRC_URI[sha256sum] = "243a0736b978a33dee29f9cca7521733b78a65b5418206fef7bd1c3d4cf10b64"
 
-inherit autotools pkgconfig upstream-version-is-even gtk-doc multilib_script
+inherit meson pkgconfig
+EXTRA_OEMESON = "-Dglib=enabled -Dpng=enabled -Dfontconfig=enabled -Dzlib=enabled"
 
 MULTILIB_SCRIPTS = "${PN}-perf-utils:${bindir}/cairo-trace"
 
 X11DEPENDS = "virtual/libx11 libsm libxrender libxext"
 
-PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'directfb', d)} \
-                   ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'x11 xcb', '', d)} \
-                   ${@bb.utils.contains('DISTRO_FEATURES', 'x11 opengl', 'opengl', '', d)} \
-                   trace"
+PACKAGECONFIG ??= " \
+	${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'x11 xcb', '', d)} \
+"
+
 PACKAGECONFIG:class-native = "${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'x11 xcb', '', d)}"
 PACKAGECONFIG:class-nativesdk = "${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'x11 xcb', '', d)}"
 
-PACKAGECONFIG[x11] = "--with-x=yes -enable-xlib,--with-x=no --disable-xlib,${X11DEPENDS}"
-PACKAGECONFIG[xcb] = "--enable-xcb,--disable-xcb,libxcb"
-PACKAGECONFIG[directfb] = "--enable-directfb=yes,,directfb"
-PACKAGECONFIG[valgrind] = "--enable-valgrind=yes,--disable-valgrind,valgrind"
-PACKAGECONFIG[egl] = "--enable-egl=yes,--disable-egl,virtual/egl"
-PACKAGECONFIG[glesv2] = "--enable-glesv2,--disable-glesv2,virtual/libgles2"
-PACKAGECONFIG[opengl] = "--enable-gl,--disable-gl,virtual/libgl"
-# trace is under GPLv3
-PACKAGECONFIG[trace] = "--enable-trace,--disable-trace"
-
-EXTRA_OECONF += " \
-    ${@bb.utils.contains('TARGET_FPU', 'soft', '--disable-some-floating-point', '', d)} \
-    --enable-tee \
-"
-
-# We don't depend on binutils so we need to disable this
-export ac_cv_lib_bfd_bfd_openr="no"
-# Ensure we don't depend on LZO
-export ac_cv_lib_lzo2_lzo2a_decompress="no"
+PACKAGECONFIG[x11] = "-Dxlib=enabled,-Dxlib=disabled,${X11DEPENDS}"
+PACKAGECONFIG[xcb] = "-Dxcb=enabled,-Dxcb=disabled,libxcb"
 
 do_install:append () {
 	rm -rf ${D}${bindir}/cairo-sphinx
@@ -96,7 +77,7 @@  to replay rendering."
 
 DESCRIPTION:cairo-perf-utils = "The Cairo library performance utilities"
 
-FILES:${PN} = "${libdir}/libcairo.so.*"
+FILES:${PN} = "${libdir}/libcairo.so.* ${libdir}/cairo/libcairo-fdr.so*"
 FILES:${PN}-gobject = "${libdir}/libcairo-gobject.so.*"
 FILES:${PN}-script-interpreter = "${libdir}/libcairo-script-interpreter.so.*"
 FILES:${PN}-perf-utils = "${bindir}/cairo-trace* ${libdir}/cairo/*.la ${libdir}/cairo/libcairo-trace.so"

cairo: upgrade 1.16.0 -> 1.18.0

Commit Message

Comments

Patch