Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/dev-qt/qtwebengine/files
diff options
context:
space:
mode:
authorAndreas Sturmlechner <asturm@gentoo.org>2021-11-14 20:40:43 +0100
committerAndreas Sturmlechner <asturm@gentoo.org>2021-11-14 20:53:01 +0100
commit476a64a83f7929a4d83fe02e0f10c39557440eea (patch)
treed514a4d44ab9e60feff40d1f78fc4daa2b5a45b3 /dev-qt/qtwebengine/files
parentdev-python/prompt_toolkit: Remove old (diff)
downloadgentoo-476a64a83f7929a4d83fe02e0f10c39557440eea.tar.gz
gentoo-476a64a83f7929a4d83fe02e0f10c39557440eea.tar.bz2
gentoo-476a64a83f7929a4d83fe02e0f10c39557440eea.zip
dev-qt/qtwebengine: Cleanup vulnerable 5.15.2_p20210824-r1
Bug: https://bugs.gentoo.org/815397 Package-Manager: Portage-3.0.28, Repoman-3.0.3 Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org>
Diffstat (limited to 'dev-qt/qtwebengine/files')
-rw-r--r--dev-qt/qtwebengine/files/qtwebengine-5.15.2_p20210406-glibc-2.33.patch141
-rw-r--r--dev-qt/qtwebengine/files/qtwebengine-5.15.2_p20210521-clang-libc++.patch10
-rw-r--r--dev-qt/qtwebengine/files/qtwebengine-5.15.2_p20210521-gcc11.patch74
-rw-r--r--dev-qt/qtwebengine/files/qtwebengine-5.15.2_p20210824-harfbuzz-3.0.0.patch32
4 files changed, 0 insertions, 257 deletions
diff --git a/dev-qt/qtwebengine/files/qtwebengine-5.15.2_p20210406-glibc-2.33.patch b/dev-qt/qtwebengine/files/qtwebengine-5.15.2_p20210406-glibc-2.33.patch
deleted file mode 100644
index cb90428e8d49..000000000000
--- a/dev-qt/qtwebengine/files/qtwebengine-5.15.2_p20210406-glibc-2.33.patch
+++ /dev/null
@@ -1,141 +0,0 @@
-diff -up b/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc b/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
---- a/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
-+++ b/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
-@@ -257,6 +257,18 @@ ResultExpr EvaluateSyscallImpl(int fs_de
- return RestrictKillTarget(current_pid, sysno);
- }
-
-+#if defined(__NR_newfstatat)
-+ if (sysno == __NR_newfstatat) {
-+ return RewriteFstatatSIGSYS();
-+ }
-+#endif
-+
-+#if defined(__NR_fstatat64)
-+ if (sysno == __NR_fstatat64) {
-+ return RewriteFstatatSIGSYS();
-+ }
-+#endif
-+
- if (SyscallSets::IsFileSystem(sysno) ||
- SyscallSets::IsCurrentDirectory(sysno)) {
- return Error(fs_denied_errno);
-diff -up b/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.cc b/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.cc
---- a/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.cc
-+++ b/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.cc
-@@ -6,6 +6,8 @@
-
- #include "sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.h"
-
-+#include <errno.h>
-+#include <fcntl.h>
- #include <stddef.h>
- #include <stdint.h>
- #include <string.h>
-@@ -355,6 +357,35 @@ intptr_t SIGSYSSchedHandler(const struct
- return -ENOSYS;
- }
-
-+intptr_t SIGSYSFstatatHandler(const struct arch_seccomp_data& args,
-+ void* aux) {
-+ switch (args.nr) {
-+#if defined(__NR_newfstatat)
-+ case __NR_newfstatat:
-+#endif
-+#if defined(__NR_fstatat64)
-+ case __NR_fstatat64:
-+#endif
-+#if defined(__NR_newfstatat) || defined(__NR_fstatat64)
-+ if (*reinterpret_cast<const char *>(args.args[1]) == '\0'
-+ && args.args[3] == static_cast<uint64_t>(AT_EMPTY_PATH)) {
-+ return sandbox::sys_fstat64(static_cast<int>(args.args[0]),
-+ reinterpret_cast<struct stat64 *>(args.args[2]));
-+ } else {
-+ errno = EACCES;
-+ return -1;
-+ }
-+ break;
-+#endif
-+ }
-+
-+ CrashSIGSYS_Handler(args, aux);
-+
-+ // Should never be reached.
-+ RAW_CHECK(false);
-+ return -ENOSYS;
-+}
-+
- bpf_dsl::ResultExpr CrashSIGSYS() {
- return bpf_dsl::Trap(CrashSIGSYS_Handler, NULL);
- }
-@@ -387,6 +418,10 @@ bpf_dsl::ResultExpr RewriteSchedSIGSYS()
- return bpf_dsl::Trap(SIGSYSSchedHandler, NULL);
- }
-
-+bpf_dsl::ResultExpr RewriteFstatatSIGSYS() {
-+ return bpf_dsl::Trap(SIGSYSFstatatHandler, NULL);
-+}
-+
- void AllocateCrashKeys() {
- #if !defined(OS_NACL_NONSFI)
- if (seccomp_crash_key)
-diff -up b/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.h b/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.h
---- a/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.h
-+++ b/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.h
-@@ -62,6 +62,10 @@ SANDBOX_EXPORT intptr_t SIGSYSPtraceFail
- // sched_setparam(), sched_setscheduler()
- SANDBOX_EXPORT intptr_t SIGSYSSchedHandler(const arch_seccomp_data& args,
- void* aux);
-+// If the fstatat syscall is actually a disguised fstat, calls the regular fstat
-+// syscall, otherwise, crashes in the same way as CrashSIGSYS_Handler.
-+SANDBOX_EXPORT intptr_t SIGSYSFstatatHandler(const struct arch_seccomp_data& args,
-+ void* aux);
-
- // Variants of the above functions for use with bpf_dsl.
- SANDBOX_EXPORT bpf_dsl::ResultExpr CrashSIGSYS();
-@@ -72,6 +76,7 @@ SANDBOX_EXPORT bpf_dsl::ResultExpr Crash
- SANDBOX_EXPORT bpf_dsl::ResultExpr CrashSIGSYSFutex();
- SANDBOX_EXPORT bpf_dsl::ResultExpr CrashSIGSYSPtrace();
- SANDBOX_EXPORT bpf_dsl::ResultExpr RewriteSchedSIGSYS();
-+SANDBOX_EXPORT bpf_dsl::ResultExpr RewriteFstatatSIGSYS();
-
- // Allocates a crash key so that Seccomp information can be recorded.
- void AllocateCrashKeys();
-diff -up b/src/3rdparty/chromium/sandbox/linux/services/syscall_wrappers.cc b/src/3rdparty/chromium/sandbox/linux/services/syscall_wrappers.cc
---- a/src/3rdparty/chromium/sandbox/linux/services/syscall_wrappers.cc
-+++ b/src/3rdparty/chromium/sandbox/linux/services/syscall_wrappers.cc
-@@ -261,4 +261,13 @@ int sys_sigaction(int signum,
-
- #endif // defined(MEMORY_SANITIZER)
-
-+SANDBOX_EXPORT int sys_fstat64(int fd, struct stat64 *buf)
-+{
-+#if defined(__NR_fstat64)
-+ return syscall(__NR_fstat64, fd, buf);
-+#else
-+ return syscall(__NR_fstat, fd, buf);
-+#endif
-+}
-+
- } // namespace sandbox
-diff -up b/src/3rdparty/chromium/sandbox/linux/services/syscall_wrappers.h b/src/3rdparty/chromium/sandbox/linux/services/syscall_wrappers.h
---- a/src/3rdparty/chromium/sandbox/linux/services/syscall_wrappers.h
-+++ b/src/3rdparty/chromium/sandbox/linux/services/syscall_wrappers.h
-@@ -17,6 +17,7 @@ struct sock_fprog;
- struct rlimit64;
- struct cap_hdr;
- struct cap_data;
-+struct stat64;
-
- namespace sandbox {
-
-@@ -84,6 +85,9 @@ SANDBOX_EXPORT int sys_sigaction(int sig
- const struct sigaction* act,
- struct sigaction* oldact);
-
-+// Recent glibc rewrites fstat to fstatat.
-+SANDBOX_EXPORT int sys_fstat64(int fd, struct stat64 *buf);
-+
- } // namespace sandbox
-
- #endif // SANDBOX_LINUX_SERVICES_SYSCALL_WRAPPERS_H_
diff --git a/dev-qt/qtwebengine/files/qtwebengine-5.15.2_p20210521-clang-libc++.patch b/dev-qt/qtwebengine/files/qtwebengine-5.15.2_p20210521-clang-libc++.patch
deleted file mode 100644
index fdcc787971ca..000000000000
--- a/dev-qt/qtwebengine/files/qtwebengine-5.15.2_p20210521-clang-libc++.patch
+++ /dev/null
@@ -1,10 +0,0 @@
---- a/src/buildtools/gn.pro
-+++ b/src/buildtools/gn.pro
-@@ -25,6 +25,7 @@
- msvc:!clang_cl: gn_gen_args += --use-lto
-
- gn_configure = $$system_quote($$gn_bootstrap) $$gn_gen_args
-+ gn_configure += --no-static-libstdc++
- macos {
- gn_configure += --isysroot \"$$QMAKE_MAC_SDK_PATH\"
- }
diff --git a/dev-qt/qtwebengine/files/qtwebengine-5.15.2_p20210521-gcc11.patch b/dev-qt/qtwebengine/files/qtwebengine-5.15.2_p20210521-gcc11.patch
deleted file mode 100644
index 0014ec135441..000000000000
--- a/dev-qt/qtwebengine/files/qtwebengine-5.15.2_p20210521-gcc11.patch
+++ /dev/null
@@ -1,74 +0,0 @@
-diff --git a/src/3rdparty/chromium/third_party/angle/src/libANGLE/HandleAllocator.cpp b/src/3rdparty/chromium/third_party/angle/src/libANGLE/HandleAllocator.cpp
-index 013f1dfb2..3ce63c192 100644
---- a/src/3rdparty/chromium/third_party/angle/src/libANGLE/HandleAllocator.cpp
-+++ b/src/3rdparty/chromium/third_party/angle/src/libANGLE/HandleAllocator.cpp
-@@ -9,6 +9,7 @@
-
- #include "libANGLE/HandleAllocator.h"
-
-+#include <limits>
- #include <algorithm>
- #include <functional>
-
-diff --git a/src/3rdparty/chromium/ui/accessibility/platform/ax_platform_atk_hyperlink.cc b/src/3rdparty/chromium/ui/accessibility/platform/ax_platform_atk_hyperlink.cc
-index be91def6b..73f202356 100644
---- a/src/3rdparty/chromium/ui/accessibility/platform/ax_platform_atk_hyperlink.cc
-+++ b/src/3rdparty/chromium/ui/accessibility/platform/ax_platform_atk_hyperlink.cc
-@@ -245,7 +245,7 @@ static void AXPlatformAtkHyperlinkInit(AXPlatformAtkHyperlink* self, gpointer) {
- }
-
- GType ax_platform_atk_hyperlink_get_type() {
-- static volatile gsize type_volatile = 0;
-+ static gsize type_volatile = 0;
-
- AXPlatformNodeAuraLinux::EnsureGTypeInit();
-
-diff --git a/src/3rdparty/chromium/ui/accessibility/platform/ax_platform_node_auralinux.cc b/src/3rdparty/chromium/ui/accessibility/platform/ax_platform_node_auralinux.cc
-index 04125c6fd..6c64e5d8e 100644
---- a/src/3rdparty/chromium/ui/accessibility/platform/ax_platform_node_auralinux.cc
-+++ b/src/3rdparty/chromium/ui/accessibility/platform/ax_platform_node_auralinux.cc
-@@ -2274,7 +2274,7 @@ void ClassInit(gpointer class_pointer, gpointer /* class_data */) {
- GType GetType() {
- AXPlatformNodeAuraLinux::EnsureGTypeInit();
-
-- static volatile gsize type_volatile = 0;
-+ static gsize type_volatile = 0;
- if (g_once_init_enter(&type_volatile)) {
- static const GTypeInfo type_info = {
- sizeof(AXPlatformNodeAuraLinuxClass), // class_size
-diff --git a/src/3rdparty/chromium/ui/gtk/gtk_key_bindings_handler.cc b/src/3rdparty/chromium/ui/gtk/gtk_key_bindings_handler.cc
-index c663a2074..38a342484 100644
---- a/src/3rdparty/chromium/ui/gtk/gtk_key_bindings_handler.cc
-+++ b/src/3rdparty/chromium/ui/gtk/gtk_key_bindings_handler.cc
-@@ -141,7 +141,7 @@ void GtkKeyBindingsHandler::HandlerClassInit(HandlerClass* klass) {
- }
-
- GType GtkKeyBindingsHandler::HandlerGetType() {
-- static volatile gsize type_id_volatile = 0;
-+ static gsize type_id_volatile = 0;
- if (g_once_init_enter(&type_id_volatile)) {
- GType type_id = g_type_register_static_simple(
- GTK_TYPE_TEXT_VIEW, g_intern_static_string("GtkKeyBindingsHandler"),
---- a/src/3rdparty/chromium/components/bookmarks/browser/bookmark_expanded_state_tracker.cc
-+++ b/src/3rdparty/chromium/components/bookmarks/browser/bookmark_expanded_state_tracker.cc
-@@ -2,6 +2,7 @@
- // Use of this source code is governed by a BSD-style license that can be
- // found in the LICENSE file.
-
-+#include <cstddef>
- #include "components/bookmarks/browser/bookmark_expanded_state_tracker.h"
-
- #include <stdint.h>
-diff --git a/src/3rdparty/chromium/components/bookmarks/browser/base_bookmark_model_observer.cc b/src/3rdparty/chromium/components/bookmarks/browser/base_bookmark_model_observer.cc
-index 657a3c96b..ad641a082 100644
---- a/src/3rdparty/chromium/components/bookmarks/browser/base_bookmark_model_observer.cc
-+++ b/src/3rdparty/chromium/components/bookmarks/browser/base_bookmark_model_observer.cc
-@@ -2,6 +2,8 @@
- // Use of this source code is governed by a BSD-style license that can be
- // found in the LICENSE file.
-
-+#include <cstddef>
-+
- #include "components/bookmarks/browser/base_bookmark_model_observer.h"
-
- namespace bookmarks {
diff --git a/dev-qt/qtwebengine/files/qtwebengine-5.15.2_p20210824-harfbuzz-3.0.0.patch b/dev-qt/qtwebengine/files/qtwebengine-5.15.2_p20210824-harfbuzz-3.0.0.patch
deleted file mode 100644
index 61e56d5ae4f5..000000000000
--- a/dev-qt/qtwebengine/files/qtwebengine-5.15.2_p20210824-harfbuzz-3.0.0.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-https://src.fedoraproject.org/rpms/qt5-qtwebengine/raw/rawhide/f/qtwebengine-harfbuzz.patch
---- a/src/3rdparty/chromium/components/paint_preview/common/subset_font.cc
-+++ b/src/3rdparty/chromium/components/paint_preview/common/subset_font.cc
-@@ -71,9 +71,9 @@ sk_sp<SkData> SubsetFont(SkTypeface* typeface, const GlyphUsage& usage) {
- hb_set_t* glyphs =
- hb_subset_input_glyph_set(input.get()); // Owned by |input|.
- usage.ForEach(base::BindRepeating(&AddGlyphs, base::Unretained(glyphs)));
-- hb_subset_input_set_retain_gids(input.get(), true);
-+ hb_subset_input_set_flags(input.get(), HB_SUBSET_FLAGS_RETAIN_GIDS);
-
-- HbScoped<hb_face_t> subset_face(hb_subset(face.get(), input.get()));
-+ HbScoped<hb_face_t> subset_face(hb_subset_or_fail(face.get(), input.get()));
- HbScoped<hb_blob_t> subset_blob(hb_face_reference_blob(subset_face.get()));
- if (!subset_blob)
- return nullptr;
---- a/src/3rdparty/chromium/third_party/skia/src/pdf/SkPDFSubsetFont.cpp
-+++ b/src/3rdparty/chromium/third_party/skia/src/pdf/SkPDFSubsetFont.cpp
-@@ -71,11 +71,10 @@ static sk_sp<SkData> subset_harfbuzz(sk_sp<SkData> fontData,
- hb_set_t* glyphs = hb_subset_input_glyph_set(input.get());
- glyphUsage.getSetValues([&glyphs](unsigned gid) { hb_set_add(glyphs, gid);});
-
-- hb_subset_input_set_retain_gids(input.get(), true);
- // TODO: When possible, check if a font is 'tricky' with FT_IS_TRICKY.
- // If it isn't known if a font is 'tricky', retain the hints.
-- hb_subset_input_set_drop_hints(input.get(), false);
-- HBFace subset(hb_subset(face.get(), input.get()));
-+ hb_subset_input_set_flags(input.get(), HB_SUBSET_FLAGS_RETAIN_GIDS | HB_SUBSET_FLAGS_NO_HINTING);
-+ HBFace subset(hb_subset_or_fail(face.get(), input.get()));
- HBBlob result(hb_face_reference_blob(subset.get()));
- return to_data(std::move(result));
- }
-