meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19

There is a potential infinite-loop in function _arc_error_normalized().

CVE: CVE-2019-6461
Upstream-Status: Pending
Signed-off-by: Ross Burton <ross.burton@intel.com>

diff --git a/src/cairo-arc.c b/src/cairo-arc.c
index 390397bae..f9249dbeb 100644
--- a/src/cairo-arc.c
+++ b/src/cairo-arc.c
@@ -99,7 +99,7 @@ _arc_max_angle_for_tolerance_normalized (double tolerance)
     do {
 	angle = M_PI / i++;
 	error = _arc_error_normalized (angle);
-    } while (error > tolerance);
+    } while (error > tolerance && error > __DBL_EPSILON__);
 
     return angle;
 }