From 9a4ca6b08d6031ebb67adcdd650aa59acd4fb5fb Mon Sep 17 00:00:00 2001 From: Ross Burton Date: Wed, 10 Jan 2024 21:01:53 +0000 Subject: cairo: upgrade to 1.18.0 The changelog is large[1] but: Added: - Type 3 colour and COLRv2 fonts - Tee surfice automatically enabled - Meson build system Removed: - The cairo-sphinx tool - The XML, GL, GLES, Qt5, BeOS, OS/2, DirectFB, DRM, Cogl, and OpenVL backends - Autotools build system These CVE patches have been merged upstream: CVE-2018-19876.patch: https://gitlab.freedesktop.org/cairo/cairo/-/commit/90e85c2493fdfa3551f202ff10282463f1e36645 CVE-2019-6461.patch: https://gitlab.freedesktop.org/cairo/cairo/-/commit/09643ee1abdd5daacebfcb564448f29be9a79bac CVE-2019-6462.patch: https://gitlab.freedesktop.org/cairo/cairo/-/commit/bbeaf08190d3006a80b80a77724801cd477a37b8 CVE-2020-35492.patch: https://gitlab.freedesktop.org/cairo/cairo/-/commit/c986a7310bb06582b7d8a566d5f007ba4e5e75bf Some niche options have been removed in the migration to Meson, so the recipe can be cleaned up. Put libcairo-fdr ("flight data recorder") in the perf-utils package instead of deleting it. There is an executable test for IPC behaviour that needs to be set via a cross file if qemu-user isn't available, thanks to Alex Kanavin for this portion. [1] https://www.cairographics.org/news/cairo-1.18.0/ Signed-off-by: Ross Burton Signed-off-by: Richard Purdie --- .../cairo/cairo/CVE-2018-19876.patch | 34 ------- .../cairo/cairo/CVE-2019-6461.patch | 20 ---- .../cairo/cairo/CVE-2019-6462.patch | 40 -------- .../cairo/cairo/CVE-2020-35492.patch | 60 ------------ ...et_bitmap_surface-bsc1036789-CVE-2017-7475.diff | 2 +- meta/recipes-graphics/cairo/cairo_1.16.0.bb | 106 --------------------- meta/recipes-graphics/cairo/cairo_1.18.0.bb | 85 +++++++++++++++++ 7 files changed, 86 insertions(+), 261 deletions(-) delete mode 100644 meta/recipes-graphics/cairo/cairo/CVE-2018-19876.patch delete mode 100644 meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch delete mode 100644 meta/recipes-graphics/cairo/cairo/CVE-2019-6462.patch delete mode 100644 meta/recipes-graphics/cairo/cairo/CVE-2020-35492.patch delete mode 100644 meta/recipes-graphics/cairo/cairo_1.16.0.bb create mode 100644 meta/recipes-graphics/cairo/cairo_1.18.0.bb (limited to 'meta/recipes-graphics') diff --git a/meta/recipes-graphics/cairo/cairo/CVE-2018-19876.patch b/meta/recipes-graphics/cairo/cairo/CVE-2018-19876.patch deleted file mode 100644 index 4252a5663b..0000000000 --- a/meta/recipes-graphics/cairo/cairo/CVE-2018-19876.patch +++ /dev/null @@ -1,34 +0,0 @@ -CVE: CVE-2018-19876 -Upstream-Status: Backport -Signed-off-by: Ross Burton - -From 90e85c2493fdfa3551f202ff10282463f1e36645 Mon Sep 17 00:00:00 2001 -From: Carlos Garcia Campos -Date: Mon, 19 Nov 2018 12:33:07 +0100 -Subject: [PATCH] ft: Use FT_Done_MM_Var instead of free when available in - cairo_ft_apply_variations - -Fixes a crash when using freetype >= 2.9 ---- - src/cairo-ft-font.c | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/src/cairo-ft-font.c b/src/cairo-ft-font.c -index 325dd61b4..981973f78 100644 ---- a/src/cairo-ft-font.c -+++ b/src/cairo-ft-font.c -@@ -2393,7 +2393,11 @@ skip: - done: - free (coords); - free (current_coords); -+#if HAVE_FT_DONE_MM_VAR -+ FT_Done_MM_Var (face->glyph->library, ft_mm_var); -+#else - free (ft_mm_var); -+#endif - } - } - --- -2.11.0 - diff --git a/meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch b/meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch deleted file mode 100644 index a2dba6cb20..0000000000 --- a/meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch +++ /dev/null @@ -1,20 +0,0 @@ -There is an assertion in function _cairo_arc_in_direction(). - -CVE: CVE-2019-6461 -Upstream-Status: Pending -Signed-off-by: Ross Burton - -diff --git a/src/cairo-arc.c b/src/cairo-arc.c -index 390397bae..1bde774a4 100644 ---- a/src/cairo-arc.c -+++ b/src/cairo-arc.c -@@ -186,7 +186,8 @@ _cairo_arc_in_direction (cairo_t *cr, - if (cairo_status (cr)) - return; - -- assert (angle_max >= angle_min); -+ if (angle_max < angle_min) -+ return; - - if (angle_max - angle_min > 2 * M_PI * MAX_FULL_CIRCLES) { - angle_max = fmod (angle_max - angle_min, 2 * M_PI); diff --git a/meta/recipes-graphics/cairo/cairo/CVE-2019-6462.patch b/meta/recipes-graphics/cairo/cairo/CVE-2019-6462.patch deleted file mode 100644 index 7c3209291b..0000000000 --- a/meta/recipes-graphics/cairo/cairo/CVE-2019-6462.patch +++ /dev/null @@ -1,40 +0,0 @@ -CVE: CVE-2019-6462 -Upstream-Status: Backport -Signed-off-by: Quentin Schulz - -From ab2c5ee21e5f3d3ee4b3f67cfcd5811a4f99c3a0 Mon Sep 17 00:00:00 2001 -From: Heiko Lewin -Date: Sun, 1 Aug 2021 11:16:03 +0000 -Subject: [PATCH] _arc_max_angle_for_tolerance_normalized: fix infinite loop - ---- - src/cairo-arc.c | 4 +++- - 1 file changed, 3 insertions(+), 1 deletion(-) - -diff --git a/src/cairo-arc.c b/src/cairo-arc.c -index 390397bae..1c891d1a0 100644 ---- a/src/cairo-arc.c -+++ b/src/cairo-arc.c -@@ -90,16 +90,18 @@ _arc_max_angle_for_tolerance_normalized (double tolerance) - { M_PI / 11.0, 9.81410988043554039085e-09 }, - }; - int table_size = ARRAY_LENGTH (table); -+ const int max_segments = 1000; /* this value is chosen arbitrarily. this gives an error of about 1.74909e-20 */ - - for (i = 0; i < table_size; i++) - if (table[i].error < tolerance) - return table[i].angle; - - ++i; -+ - do { - angle = M_PI / i++; - error = _arc_error_normalized (angle); -- } while (error > tolerance); -+ } while (error > tolerance && i < max_segments); - - return angle; - } --- -2.38.1 - diff --git a/meta/recipes-graphics/cairo/cairo/CVE-2020-35492.patch b/meta/recipes-graphics/cairo/cairo/CVE-2020-35492.patch deleted file mode 100644 index fb6ce5cfdf..0000000000 --- a/meta/recipes-graphics/cairo/cairo/CVE-2020-35492.patch +++ /dev/null @@ -1,60 +0,0 @@ -Fix stack buffer overflow. - -CVE: CVE-2020-35492 -Upstream-Status: Backport -Signed-off-by: Ross Burton - -From 03a820b173ed1fdef6ff14b4468f5dbc02ff59be Mon Sep 17 00:00:00 2001 -From: Heiko Lewin -Date: Tue, 15 Dec 2020 16:48:19 +0100 -Subject: [PATCH] Fix mask usage in image-compositor - ---- - src/cairo-image-compositor.c | 8 ++-- - test/Makefile.sources | 1 + - test/bug-image-compositor.c | 39 ++++++++++++++++++++ - test/reference/bug-image-compositor.ref.png | Bin 0 -> 185 bytes - 4 files changed, 44 insertions(+), 4 deletions(-) - create mode 100644 test/bug-image-compositor.c - create mode 100644 test/reference/bug-image-compositor.ref.png - -diff --git a/src/cairo-image-compositor.c b/src/cairo-image-compositor.c -index 79ad69f68..4f8aaed99 100644 ---- a/src/cairo-image-compositor.c -+++ b/src/cairo-image-compositor.c -@@ -2601,14 +2601,14 @@ _inplace_src_spans (void *abstract_renderer, int y, int h, - unsigned num_spans) - { - cairo_image_span_renderer_t *r = abstract_renderer; -- uint8_t *m; -+ uint8_t *m, *base = (uint8_t*)pixman_image_get_data(r->mask); - int x0; - - if (num_spans == 0) - return CAIRO_STATUS_SUCCESS; - - x0 = spans[0].x; -- m = r->_buf; -+ m = base; - do { - int len = spans[1].x - spans[0].x; - if (len >= r->u.composite.run_length && spans[0].coverage == 0xff) { -@@ -2655,7 +2655,7 @@ _inplace_src_spans (void *abstract_renderer, int y, int h, - spans[0].x, y, - spans[1].x - spans[0].x, h); - -- m = r->_buf; -+ m = base; - x0 = spans[1].x; - } else if (spans[0].coverage == 0x0) { - if (spans[0].x != x0) { -@@ -2684,7 +2684,7 @@ _inplace_src_spans (void *abstract_renderer, int y, int h, - #endif - } - -- m = r->_buf; -+ m = base; - x0 = spans[1].x; - } else { - *m++ = spans[0].coverage; --- diff --git a/meta/recipes-graphics/cairo/cairo/cairo-get_bitmap_surface-bsc1036789-CVE-2017-7475.diff b/meta/recipes-graphics/cairo/cairo/cairo-get_bitmap_surface-bsc1036789-CVE-2017-7475.diff index 7aaad2eedd..6c761bf2a7 100644 --- a/meta/recipes-graphics/cairo/cairo/cairo-get_bitmap_surface-bsc1036789-CVE-2017-7475.diff +++ b/meta/recipes-graphics/cairo/cairo/cairo-get_bitmap_surface-bsc1036789-CVE-2017-7475.diff @@ -3,7 +3,7 @@ Cairo: Fix Denial-of-Service Attack due to Logical Problem in Program https://bugs.freedesktop.org/show_bug.cgi?id=100763 CVE: CVE-2017-7475 -Upstream-Status: Submitted +Upstream-Status: Submitted [https://gitlab.freedesktop.org/cairo/cairo/-/issues/80] Signed-off-by: Fan Xin diff --git a/meta/recipes-graphics/cairo/cairo_1.16.0.bb b/meta/recipes-graphics/cairo/cairo_1.16.0.bb deleted file mode 100644 index ffb813d290..0000000000 --- a/meta/recipes-graphics/cairo/cairo_1.16.0.bb +++ /dev/null @@ -1,106 +0,0 @@ -SUMMARY = "The Cairo 2D vector graphics library" -DESCRIPTION = "Cairo is a multi-platform library providing anti-aliased \ -vector-based rendering for multiple target backends. Paths consist \ -of line segments and cubic splines and can be rendered at any width \ -with various join and cap styles. All colors may be specified with \ -optional translucence (opacity/alpha) and combined using the \ -extended Porter/Duff compositing algebra as found in the X Render \ -Extension." -HOMEPAGE = "http://cairographics.org" -BUGTRACKER = "http://bugs.freedesktop.org" -SECTION = "libs" - -LICENSE = "(MPL-1.1 | LGPL-2.1-only) & GPL-3.0-or-later" -LICENSE:${PN} = "MPL-1.1 | LGPL-2.1-only" -LICENSE:${PN}-dev = "MPL-1.1 | LGPL-2.1-only" -LICENSE:${PN}-doc = "MPL-1.1 | LGPL-2.1-only" -LICENSE:${PN}-gobject = "MPL-1.1 | LGPL-2.1-only" -LICENSE:${PN}-script-interpreter = "MPL-1.1 | LGPL-2.1-only" -LICENSE:${PN}-perf-utils = "GPL-3.0-or-later" -# Adapt the licenses for cairo-dbg and cairo-src depending on whether -# cairo-trace is being built. -LICENSE:${PN}-dbg = "(MPL-1.1 | LGPL-2.1-only)${@bb.utils.contains('PACKAGECONFIG', 'trace', ' & GPL-3.0-or-later', '', d)}" -LICENSE:${PN}-src = "(MPL-1.1 | LGPL-2.1-only)${@bb.utils.contains('PACKAGECONFIG', 'trace', ' & GPL-3.0-or-later', '', d)}" - -LIC_FILES_CHKSUM = "file://COPYING;md5=e73e999e0c72b5ac9012424fa157ad77 \ - ${@bb.utils.contains('PACKAGECONFIG', 'trace', 'file://util/cairo-trace/COPYING-GPL-3;md5=d32239bcb673463ab874e80d47fae504', '', d)}" - - -DEPENDS = "fontconfig glib-2.0 libpng pixman zlib" - -SRC_URI = "http://cairographics.org/releases/cairo-${PV}.tar.xz \ - file://cairo-get_bitmap_surface-bsc1036789-CVE-2017-7475.diff \ - file://CVE-2018-19876.patch \ - file://CVE-2019-6461.patch \ - file://CVE-2019-6462.patch \ - file://CVE-2020-35492.patch \ - " - -SRC_URI[md5sum] = "f19e0353828269c22bd72e271243a552" -SRC_URI[sha256sum] = "5e7b29b3f113ef870d1e3ecf8adf21f923396401604bda16d44be45e66052331" - -inherit autotools pkgconfig upstream-version-is-even gtk-doc multilib_script - -MULTILIB_SCRIPTS = "${PN}-perf-utils:${bindir}/cairo-trace" - -X11DEPENDS = "virtual/libx11 libsm libxrender libxext" - -PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'directfb', d)} \ - ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'x11 xcb', '', d)} \ - ${@bb.utils.contains('DISTRO_FEATURES', 'x11 opengl', 'opengl', '', d)} \ - trace" -PACKAGECONFIG:class-native = "${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'x11 xcb', '', d)}" -PACKAGECONFIG:class-nativesdk = "${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'x11 xcb', '', d)}" - -PACKAGECONFIG[x11] = "--with-x=yes -enable-xlib,--with-x=no --disable-xlib,${X11DEPENDS}" -PACKAGECONFIG[xcb] = "--enable-xcb,--disable-xcb,libxcb" -PACKAGECONFIG[directfb] = "--enable-directfb=yes,,directfb" -PACKAGECONFIG[valgrind] = "--enable-valgrind=yes,--disable-valgrind,valgrind" -PACKAGECONFIG[egl] = "--enable-egl=yes,--disable-egl,virtual/egl" -PACKAGECONFIG[glesv2] = "--enable-glesv2,--disable-glesv2,virtual/libgles2" -PACKAGECONFIG[opengl] = "--enable-gl,--disable-gl,virtual/libgl" -# trace is under GPLv3 -PACKAGECONFIG[trace] = "--enable-trace,--disable-trace" - -EXTRA_OECONF += " \ - ${@bb.utils.contains('TARGET_FPU', 'soft', '--disable-some-floating-point', '', d)} \ - --enable-tee \ -" - -# We don't depend on binutils so we need to disable this -export ac_cv_lib_bfd_bfd_openr="no" -# Ensure we don't depend on LZO -export ac_cv_lib_lzo2_lzo2a_decompress="no" - -do_install:append () { - rm -rf ${D}${bindir}/cairo-sphinx - rm -rf ${D}${libdir}/cairo/cairo-fdr* - rm -rf ${D}${libdir}/cairo/cairo-sphinx* - rm -rf ${D}${libdir}/cairo/.debug/cairo-fdr* - rm -rf ${D}${libdir}/cairo/.debug/cairo-sphinx* - [ ! -d ${D}${bindir} ] || - rmdir -p --ignore-fail-on-non-empty ${D}${bindir} - [ ! -d ${D}${libdir}/cairo ] || - rmdir -p --ignore-fail-on-non-empty ${D}${libdir}/cairo -} - -PACKAGES =+ "cairo-gobject cairo-script-interpreter cairo-perf-utils" - -SUMMARY:cairo-gobject = "The Cairo library GObject wrapper library" -DESCRIPTION:cairo-gobject = "A GObject wrapper library for the Cairo API." - -SUMMARY:cairo-script-interpreter = "The Cairo library script interpreter" -DESCRIPTION:cairo-script-interpreter = "The Cairo script interpreter implements \ -CairoScript. CairoScript is used by tracing utilities to enable the ability \ -to replay rendering." - -DESCRIPTION:cairo-perf-utils = "The Cairo library performance utilities" - -FILES:${PN} = "${libdir}/libcairo.so.*" -FILES:${PN}-gobject = "${libdir}/libcairo-gobject.so.*" -FILES:${PN}-script-interpreter = "${libdir}/libcairo-script-interpreter.so.*" -FILES:${PN}-perf-utils = "${bindir}/cairo-trace* ${libdir}/cairo/*.la ${libdir}/cairo/libcairo-trace.so" - -BBCLASSEXTEND = "native nativesdk" - -UPSTREAM_CHECK_REGEX = "cairo-(?P\d+(\.\d+)+).tar.xz" diff --git a/meta/recipes-graphics/cairo/cairo_1.18.0.bb b/meta/recipes-graphics/cairo/cairo_1.18.0.bb new file mode 100644 index 0000000000..fe72537b77 --- /dev/null +++ b/meta/recipes-graphics/cairo/cairo_1.18.0.bb @@ -0,0 +1,85 @@ +SUMMARY = "The Cairo 2D vector graphics library" +DESCRIPTION = "Cairo is a multi-platform library providing anti-aliased \ +vector-based rendering for multiple target backends. Paths consist \ +of line segments and cubic splines and can be rendered at any width \ +with various join and cap styles. All colors may be specified with \ +optional translucence (opacity/alpha) and combined using the \ +extended Porter/Duff compositing algebra as found in the X Render \ +Extension." +HOMEPAGE = "http://cairographics.org" +BUGTRACKER = "https://gitlab.freedesktop.org/cairo/cairo/-/issues" +SECTION = "libs" + +LICENSE = "(MPL-1.1 | LGPL-2.1-only) & GPL-3.0-or-later" +LICENSE:${PN} = "MPL-1.1 | LGPL-2.1-only" +LICENSE:${PN}-dev = "MPL-1.1 | LGPL-2.1-only" +LICENSE:${PN}-doc = "MPL-1.1 | LGPL-2.1-only" +LICENSE:${PN}-gobject = "MPL-1.1 | LGPL-2.1-only" +LICENSE:${PN}-script-interpreter = "MPL-1.1 | LGPL-2.1-only" +LICENSE:${PN}-perf-utils = "GPL-3.0-or-later" +# Adapt the licenses for cairo-dbg and cairo-src depending on whether +# cairo-trace is being built. +LICENSE:${PN}-dbg = "(MPL-1.1 | LGPL-2.1-only)${@bb.utils.contains('PACKAGECONFIG', 'trace', ' & GPL-3.0-or-later', '', d)}" +LICENSE:${PN}-src = "(MPL-1.1 | LGPL-2.1-only)${@bb.utils.contains('PACKAGECONFIG', 'trace', ' & GPL-3.0-or-later', '', d)}" + +LIC_FILES_CHKSUM = "file://COPYING;md5=e73e999e0c72b5ac9012424fa157ad77 \ + ${@bb.utils.contains('PACKAGECONFIG', 'trace', 'file://util/cairo-trace/COPYING-GPL-3;md5=d32239bcb673463ab874e80d47fae504', '', d)}" + + +DEPENDS = "fontconfig freetype glib-2.0 libpng pixman zlib" + +SRC_URI = "http://cairographics.org/releases/cairo-${PV}.tar.xz \ + file://cairo-get_bitmap_surface-bsc1036789-CVE-2017-7475.diff \ + " + +SRC_URI[sha256sum] = "243a0736b978a33dee29f9cca7521733b78a65b5418206fef7bd1c3d4cf10b64" + +inherit meson pkgconfig upstream-version-is-even gtk-doc multilib_script + +# if qemu usermode isn't available, this value needs to be set statically +# (otherwise it's determinted by running a small target executable with qemu) +do_write_config:append:class-target() { + cat >${WORKDIR}/cairo.cross <