[30882] trunk/dports/x11/qt3

Fri Nov 9 23:04:57 PST 2007

Revision: 30882
          http://trac.macosforge.org/projects/macports/changeset/30882
Author:   takanori at macports.org
Date:     2007-11-09 23:04:57 -0800 (Fri, 09 Nov 2007)

Log Message:
-----------
Fixed an off-by-one error in the QUtf8Decoder::toUnicode(). (CVE-2007-4137)

Modified Paths:
--------------
    trunk/dports/x11/qt3/Portfile

Added Paths:
-----------
    trunk/dports/x11/qt3/files/175791_3.diff

Modified: trunk/dports/x11/qt3/Portfile
===================================================================

--- trunk/dports/x11/qt3/Portfile	2007-11-10 06:50:48 UTC (rev 30881)
+++ trunk/dports/x11/qt3/Portfile	2007-11-10 07:04:57 UTC (rev 30882)
@@ -5,7 +5,7 @@
 PortSystem 1.0
 name		qt3
 version		3.3.8
-revision	2
+revision	3
 categories	x11
 maintainers	nomaintainer
 description	Qt Tool Kit
@@ -33,6 +33,7 @@
 		qt-upstream-patches-0004.tar.bz2 md5 1f27d5222813a0a29fe53fd8669e2239
 
 patchfiles      qt3-tiger.patch dp01.patch
+set patchfiles2	175791_3.diff
 patch	{
 		foreach p ${patchfiles} { system "cd ${worksrcpath} && sed -e 's|@PREFIX@|${prefix}|g' < ${portpath}/${filesdir}/${p} | patch -p1" }
 		#system "perl -pi -e 's|cp \-P|/bin/cp \-RL|' ${worksrcpath}/qmake/Makefile.unix"
@@ -73,6 +74,9 @@
 			    patches/0077-utf8-decoder-fixes.diff } {
 			    	system "cd ${worksrcpath} && patch -p0 --fuzz=4 < ${workpath}/${p}"
 		}
+		foreach p ${patchfiles2} {
+			system "cd ${worksrcpath} && patch -p0 < ${portpath}/${filesdir}/${p}"
+		}
 }
 
 post-patch	{

Added: trunk/dports/x11/qt3/files/175791_3.diff
===================================================================
--- trunk/dports/x11/qt3/files/175791_3.diff	                        (rev 0)
+++ trunk/dports/x11/qt3/files/175791_3.diff	2007-11-10 07:04:57 UTC (rev 30882)
@@ -0,0 +1,11 @@
+--- src/codecs/qutfcodec.cpp
++++ src/codecs/qutfcodec.cpp
+@@ -165,7 +165,7 @@ public:
+     QString toUnicode(const char* chars, int len)
+     {
+ 	QString result;
+-	result.setLength( len ); // worst case
++	result.setLength( len + 1 ); // worst case
+ 	QChar *qch = (QChar *)result.unicode();
+ 	uchar ch;
+         int error = -1;

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.macosforge.org/pipermail/macports-changes/attachments/20071109/1b6d2553/attachment.html
