diff options
Diffstat (limited to 'meta/recipes-graphics/harfbuzz/harfbuzz/CVE-2023-25193-pre1.patch')
-rw-r--r-- | meta/recipes-graphics/harfbuzz/harfbuzz/CVE-2023-25193-pre1.patch | 135 |
1 files changed, 135 insertions, 0 deletions
diff --git a/meta/recipes-graphics/harfbuzz/harfbuzz/CVE-2023-25193-pre1.patch b/meta/recipes-graphics/harfbuzz/harfbuzz/CVE-2023-25193-pre1.patch new file mode 100644 index 0000000000..4994e0ef68 --- /dev/null +++ b/meta/recipes-graphics/harfbuzz/harfbuzz/CVE-2023-25193-pre1.patch | |||
@@ -0,0 +1,135 @@ | |||
1 | From b29fbd16fa82b82bdf0dcb2f13a63f7dc23cf324 Mon Sep 17 00:00:00 2001 | ||
2 | From: Behdad Esfahbod <behdad@behdad.org> | ||
3 | Date: Mon, 6 Feb 2023 13:08:52 -0700 | ||
4 | Subject: [PATCH] [gsubgpos] Refactor skippy_iter.match() | ||
5 | |||
6 | Upstream-Status: Backport from [https://github.com/harfbuzz/harfbuzz/commit/b29fbd16fa82b82bdf0dcb2f13a63f7dc23cf324] | ||
7 | Comment1: To backport the fix for CVE-2023-25193, add defination for MATCH, NOT_MATCH and SKIP. | ||
8 | Signed-off-by: Siddharth Doshi <sdoshi@mvista.com> | ||
9 | --- | ||
10 | src/hb-ot-layout-gsubgpos.hh | 94 +++++++++++++++++++++--------------- | ||
11 | 1 file changed, 54 insertions(+), 40 deletions(-) | ||
12 | |||
13 | diff --git a/src/hb-ot-layout-gsubgpos.hh b/src/hb-ot-layout-gsubgpos.hh | ||
14 | index a6ca456..5a7e564 100644 | ||
15 | --- a/src/hb-ot-layout-gsubgpos.hh | ||
16 | +++ b/src/hb-ot-layout-gsubgpos.hh | ||
17 | @@ -369,33 +369,52 @@ struct hb_ot_apply_context_t : | ||
18 | may_skip (const hb_glyph_info_t &info) const | ||
19 | { return matcher.may_skip (c, info); } | ||
20 | |||
21 | + enum match_t { | ||
22 | + MATCH, | ||
23 | + NOT_MATCH, | ||
24 | + SKIP | ||
25 | + }; | ||
26 | + | ||
27 | + match_t match (hb_glyph_info_t &info) | ||
28 | + { | ||
29 | + matcher_t::may_skip_t skip = matcher.may_skip (c, info); | ||
30 | + if (unlikely (skip == matcher_t::SKIP_YES)) | ||
31 | + return SKIP; | ||
32 | + | ||
33 | + matcher_t::may_match_t match = matcher.may_match (info, match_glyph_data); | ||
34 | + if (match == matcher_t::MATCH_YES || | ||
35 | + (match == matcher_t::MATCH_MAYBE && | ||
36 | + skip == matcher_t::SKIP_NO)) | ||
37 | + return MATCH; | ||
38 | + | ||
39 | + if (skip == matcher_t::SKIP_NO) | ||
40 | + return NOT_MATCH; | ||
41 | + | ||
42 | + return SKIP; | ||
43 | + } | ||
44 | + | ||
45 | bool next (unsigned *unsafe_to = nullptr) | ||
46 | { | ||
47 | assert (num_items > 0); | ||
48 | while (idx + num_items < end) | ||
49 | { | ||
50 | idx++; | ||
51 | - const hb_glyph_info_t &info = c->buffer->info[idx]; | ||
52 | - | ||
53 | - matcher_t::may_skip_t skip = matcher.may_skip (c, info); | ||
54 | - if (unlikely (skip == matcher_t::SKIP_YES)) | ||
55 | - continue; | ||
56 | - | ||
57 | - matcher_t::may_match_t match = matcher.may_match (info, match_glyph_data); | ||
58 | - if (match == matcher_t::MATCH_YES || | ||
59 | - (match == matcher_t::MATCH_MAYBE && | ||
60 | - skip == matcher_t::SKIP_NO)) | ||
61 | - { | ||
62 | - num_items--; | ||
63 | - if (match_glyph_data) match_glyph_data++; | ||
64 | - return true; | ||
65 | - } | ||
66 | - | ||
67 | - if (skip == matcher_t::SKIP_NO) | ||
68 | + switch (match (c->buffer->info[idx])) | ||
69 | { | ||
70 | - if (unsafe_to) | ||
71 | - *unsafe_to = idx + 1; | ||
72 | - return false; | ||
73 | + case MATCH: | ||
74 | + { | ||
75 | + num_items--; | ||
76 | + if (match_glyph_data) match_glyph_data++; | ||
77 | + return true; | ||
78 | + } | ||
79 | + case NOT_MATCH: | ||
80 | + { | ||
81 | + if (unsafe_to) | ||
82 | + *unsafe_to = idx + 1; | ||
83 | + return false; | ||
84 | + } | ||
85 | + case SKIP: | ||
86 | + continue; | ||
87 | } | ||
88 | } | ||
89 | if (unsafe_to) | ||
90 | @@ -408,27 +427,22 @@ struct hb_ot_apply_context_t : | ||
91 | while (idx > num_items - 1) | ||
92 | { | ||
93 | idx--; | ||
94 | - const hb_glyph_info_t &info = c->buffer->out_info[idx]; | ||
95 | - | ||
96 | - matcher_t::may_skip_t skip = matcher.may_skip (c, info); | ||
97 | - if (unlikely (skip == matcher_t::SKIP_YES)) | ||
98 | - continue; | ||
99 | - | ||
100 | - matcher_t::may_match_t match = matcher.may_match (info, match_glyph_data); | ||
101 | - if (match == matcher_t::MATCH_YES || | ||
102 | - (match == matcher_t::MATCH_MAYBE && | ||
103 | - skip == matcher_t::SKIP_NO)) | ||
104 | + switch (match (c->buffer->out_info[idx])) | ||
105 | { | ||
106 | - num_items--; | ||
107 | - if (match_glyph_data) match_glyph_data++; | ||
108 | - return true; | ||
109 | - } | ||
110 | - | ||
111 | - if (skip == matcher_t::SKIP_NO) | ||
112 | - { | ||
113 | - if (unsafe_from) | ||
114 | - *unsafe_from = hb_max (1u, idx) - 1u; | ||
115 | - return false; | ||
116 | + case MATCH: | ||
117 | + { | ||
118 | + num_items--; | ||
119 | + if (match_glyph_data) match_glyph_data++; | ||
120 | + return true; | ||
121 | + } | ||
122 | + case NOT_MATCH: | ||
123 | + { | ||
124 | + if (unsafe_from) | ||
125 | + *unsafe_from = hb_max (1u, idx) - 1u; | ||
126 | + return false; | ||
127 | + } | ||
128 | + case SKIP: | ||
129 | + continue; | ||
130 | } | ||
131 | } | ||
132 | if (unsafe_from) | ||
133 | -- | ||
134 | 2.25.1 | ||
135 | |||