diff options
Diffstat (limited to 'meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch')
-rw-r--r-- | meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch | 21 |
1 files changed, 11 insertions, 10 deletions
diff --git a/meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch b/meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch index 5232cf70c6..a2dba6cb20 100644 --- a/meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch +++ b/meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch @@ -1,19 +1,20 @@ -There is a potential infinite-loop in function _arc_error_normalized(). +There is an assertion in function _cairo_arc_in_direction(). CVE: CVE-2019-6461 Upstream-Status: Pending Signed-off-by: Ross Burton <ross.burton@intel.com> diff --git a/src/cairo-arc.c b/src/cairo-arc.c -index 390397bae..f9249dbeb 100644 +index 390397bae..1bde774a4 100644 --- a/src/cairo-arc.c +++ b/src/cairo-arc.c -@@ -99,7 +99,7 @@ _arc_max_angle_for_tolerance_normalized (double tolerance) - do { - angle = M_PI / i++; - error = _arc_error_normalized (angle); -- } while (error > tolerance); -+ } while (error > tolerance && error > __DBL_EPSILON__); +@@ -186,7 +186,8 @@ _cairo_arc_in_direction (cairo_t *cr, + if (cairo_status (cr)) + return; - return angle; - } +- assert (angle_max >= angle_min); ++ if (angle_max < angle_min) ++ return; + + if (angle_max - angle_min > 2 * M_PI * MAX_FULL_CIRCLES) { + angle_max = fmod (angle_max - angle_min, 2 * M_PI); |