diff options
Diffstat (limited to 'meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch')
-rw-r--r-- | meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch | 21 |
1 files changed, 11 insertions, 10 deletions
diff --git a/meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch b/meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch index 5232cf70c6..a2dba6cb20 100644 --- a/meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch +++ b/meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch | |||
@@ -1,19 +1,20 @@ | |||
1 | There is a potential infinite-loop in function _arc_error_normalized(). | 1 | There is an assertion in function _cairo_arc_in_direction(). |
2 | 2 | ||
3 | CVE: CVE-2019-6461 | 3 | CVE: CVE-2019-6461 |
4 | Upstream-Status: Pending | 4 | Upstream-Status: Pending |
5 | Signed-off-by: Ross Burton <ross.burton@intel.com> | 5 | Signed-off-by: Ross Burton <ross.burton@intel.com> |
6 | 6 | ||
7 | diff --git a/src/cairo-arc.c b/src/cairo-arc.c | 7 | diff --git a/src/cairo-arc.c b/src/cairo-arc.c |
8 | index 390397bae..f9249dbeb 100644 | 8 | index 390397bae..1bde774a4 100644 |
9 | --- a/src/cairo-arc.c | 9 | --- a/src/cairo-arc.c |
10 | +++ b/src/cairo-arc.c | 10 | +++ b/src/cairo-arc.c |
11 | @@ -99,7 +99,7 @@ _arc_max_angle_for_tolerance_normalized (double tolerance) | 11 | @@ -186,7 +186,8 @@ _cairo_arc_in_direction (cairo_t *cr, |
12 | do { | 12 | if (cairo_status (cr)) |
13 | angle = M_PI / i++; | 13 | return; |
14 | error = _arc_error_normalized (angle); | ||
15 | - } while (error > tolerance); | ||
16 | + } while (error > tolerance && error > __DBL_EPSILON__); | ||
17 | 14 | ||
18 | return angle; | 15 | - assert (angle_max >= angle_min); |
19 | } | 16 | + if (angle_max < angle_min) |
17 | + return; | ||
18 | |||
19 | if (angle_max - angle_min > 2 * M_PI * MAX_FULL_CIRCLES) { | ||
20 | angle_max = fmod (angle_max - angle_min, 2 * M_PI); | ||