[gentoo-commits] proj/qt:master commit in: dev-qt/qtwebengine/, dev-qt/qtwebengine/files/

["Jimi Huotari" <chiitoo@gentoo.org>]

commit:     32d376215b9ba05ff3d8abe9b76a36b08b1a6f7b
Author:     Jimi Huotari <chiitoo <AT> gentoo <DOT> org>
AuthorDate: Wed Mar  6 20:48:36 2019 +0000
Commit:     Jimi Huotari <chiitoo <AT> gentoo <DOT> org>
CommitDate: Wed Mar  6 20:50:45 2019 +0000
URL:        https://gitweb.gentoo.org/proj/qt.git/commit/?id=32d37621

dev-qt/qtwebengine: fix CVE-2019-5786

Bug: https://bugs.gentoo.org/679530
Package-Manager: Portage-2.3.62, Repoman-2.3.12
Signed-off-by: Jimi Huotari <chiitoo <AT> gentoo.org>

 .../files/qtwebengine-5.12.1-CVE-2019-5786.patch   | 29 ++++++++++++++++++++++
 dev-qt/qtwebengine/qtwebengine-5.12.9999.ebuild    |  1 +
 dev-qt/qtwebengine/qtwebengine-5.13.9999.ebuild    |  2 ++
 dev-qt/qtwebengine/qtwebengine-5.9999.ebuild       |  5 +++-
 4 files changed, 36 insertions(+), 1 deletion(-)

diff --git a/dev-qt/qtwebengine/files/qtwebengine-5.12.1-CVE-2019-5786.patch b/dev-qt/qtwebengine/files/qtwebengine-5.12.1-CVE-2019-5786.patch
new file mode 100644
index 00000000..5dbc6172
--- /dev/null
+++ b/dev-qt/qtwebengine/files/qtwebengine-5.12.1-CVE-2019-5786.patch
@@ -0,0 +1,29 @@
+# Bug: https://bugs.gentoo.org/679530
+# Chromium Gerrit: https://chromium-review.googlesource.com/c/chromium/src/+/1495209
+
+--- a/src/3rdparty/chromium/third_party/blink/renderer/core/fileapi/file_reader_loader.cc
++++ b/src/3rdparty/chromium/third_party/blink/renderer/core/fileapi/file_reader_loader.cc
+@@ -143,14 +143,16 @@
+   if (!raw_data_ || error_code_ != FileErrorCode::kOK)
+     return nullptr;
+ 
+-  DOMArrayBuffer* result = DOMArrayBuffer::Create(raw_data_->ToArrayBuffer());
+-  if (finished_loading_) {
+-    array_buffer_result_ = result;
+-    AdjustReportedMemoryUsageToV8(
+-        -1 * static_cast<int64_t>(raw_data_->ByteLength()));
+-    raw_data_.reset();
++  if (!finished_loading_) {
++    return DOMArrayBuffer::Create(
++        ArrayBuffer::Create(raw_data_->Data(), raw_data_->ByteLength()));
+   }
+-  return result;
++
++  array_buffer_result_ = DOMArrayBuffer::Create(raw_data_->ToArrayBuffer());
++  AdjustReportedMemoryUsageToV8(-1 *
++                                static_cast<int64_t>(raw_data_->ByteLength()));
++  raw_data_.reset();
++  return array_buffer_result_;
+ }
+ 
+ String FileReaderLoader::StringResult() {

diff --git a/dev-qt/qtwebengine/qtwebengine-5.12.9999.ebuild b/dev-qt/qtwebengine/qtwebengine-5.12.9999.ebuild
index 48fcb535..50e3c61c 100644
--- a/dev-qt/qtwebengine/qtwebengine-5.12.9999.ebuild
+++ b/dev-qt/qtwebengine/qtwebengine-5.12.9999.ebuild
@@ -81,6 +81,7 @@ DEPEND="${RDEPEND}
 
 PATCHES+=(
 	"${FILESDIR}/${PN}-5.12.0-nouveau-disable-gpu.patch" # bug 609752
+	"${FILESDIR}/${PN}-5.12.1-CVE-2019-5786.patch" # bug 679530
 )
 
 src_prepare() {

diff --git a/dev-qt/qtwebengine/qtwebengine-5.13.9999.ebuild b/dev-qt/qtwebengine/qtwebengine-5.13.9999.ebuild
index cff56886..2b24b481 100644
--- a/dev-qt/qtwebengine/qtwebengine-5.13.9999.ebuild
+++ b/dev-qt/qtwebengine/qtwebengine-5.13.9999.ebuild
@@ -79,6 +79,8 @@ DEPEND="${RDEPEND}
 	pax_kernel? ( sys-apps/elfix )
 "
 
+PATCHES+=( "${FILESDIR}/${PN}-5.12.1-CVE-2019-5786.patch" ) # bug 679530
+
 src_prepare() {
 	use pax_kernel && PATCHES+=( "${FILESDIR}/${PN}-5.11.2-paxmark-mksnapshot.patch" )
 

diff --git a/dev-qt/qtwebengine/qtwebengine-5.9999.ebuild b/dev-qt/qtwebengine/qtwebengine-5.9999.ebuild
index ff148cf7..fbf405c6 100644
--- a/dev-qt/qtwebengine/qtwebengine-5.9999.ebuild
+++ b/dev-qt/qtwebengine/qtwebengine-5.9999.ebuild
@@ -79,7 +79,10 @@ DEPEND="${RDEPEND}
 	pax_kernel? ( sys-apps/elfix )
 "
 
-PATCHES=( "${FILESDIR}/${PN}-5.13.0-fixup-system-icu.patch" )
+PATCHES=(
+	"${FILESDIR}/${PN}-5.13.0-fixup-system-icu.patch"
+	"${FILESDIR}/${PN}-5.12.1-CVE-2019-5786.patch" # bug 679530
+)
 
 src_prepare() {
 	use pax_kernel && PATCHES+=( "${FILESDIR}/${PN}-5.11.2-paxmark-mksnapshot.patch" )