diff options
author | Andreas Rammhold <andreas@rammhold.de> | 2019-03-14 13:56:22 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-03-14 13:56:22 +0100 |
commit | a050cb9dc95720113605e82369e85504907b36fa (patch) | |
tree | 94535e244215fed09158da368c2db5f924a856bf /pkgs | |
parent | 871cd756c8a398b1949c527588ae6f0f1a682ccb (diff) | |
parent | b22d92fb6d2191fafe6ac807da3589a1b8db69e3 (diff) | |
download | nixpkgs-a050cb9dc95720113605e82369e85504907b36fa.tar nixpkgs-a050cb9dc95720113605e82369e85504907b36fa.tar.gz nixpkgs-a050cb9dc95720113605e82369e85504907b36fa.tar.bz2 nixpkgs-a050cb9dc95720113605e82369e85504907b36fa.tar.lz nixpkgs-a050cb9dc95720113605e82369e85504907b36fa.tar.xz nixpkgs-a050cb9dc95720113605e82369e85504907b36fa.tar.zst nixpkgs-a050cb9dc95720113605e82369e85504907b36fa.zip |
Merge pull request #57526 from xantoz/qtwebengine-fix-CVE-2019-5785
qt512: patch qtwebengine against CVE-2019-5786
Diffstat (limited to 'pkgs')
-rw-r--r-- | pkgs/development/libraries/qt-5/5.12/default.nix | 5 | ||||
-rw-r--r-- | pkgs/development/libraries/qt-5/5.12/qtwebengine-CVE-2019-5786.patch | 26 |
2 files changed, 30 insertions, 1 deletions
diff --git a/pkgs/development/libraries/qt-5/5.12/default.nix b/pkgs/development/libraries/qt-5/5.12/default.nix index c7773baad0c..bc6432b5ca5 100644 --- a/pkgs/development/libraries/qt-5/5.12/default.nix +++ b/pkgs/development/libraries/qt-5/5.12/default.nix @@ -60,7 +60,10 @@ let qtdeclarative = [ ./qtdeclarative.patch ]; qtscript = [ ./qtscript.patch ]; qtserialport = [ ./qtserialport.patch ]; - qtwebengine = [ ./qtwebengine-no-build-skip.patch ]; + qtwebengine = [ + ./qtwebengine-no-build-skip.patch + ./qtwebengine-CVE-2019-5786.patch + ]; qtwebkit = [ ./qtwebkit.patch ] ++ optionals stdenv.isDarwin [ ./qtwebkit-darwin-no-readline.patch diff --git a/pkgs/development/libraries/qt-5/5.12/qtwebengine-CVE-2019-5786.patch b/pkgs/development/libraries/qt-5/5.12/qtwebengine-CVE-2019-5786.patch new file mode 100644 index 00000000000..ec9a432ea70 --- /dev/null +++ b/pkgs/development/libraries/qt-5/5.12/qtwebengine-CVE-2019-5786.patch @@ -0,0 +1,26 @@ +--- a/src/3rdparty/chromium/third_party/blink/renderer/core/fileapi/file_reader_loader.cc ++++ b/src/3rdparty/chromium/third_party/blink/renderer/core/fileapi/file_reader_loader.cc +@@ -135,14 +135,16 @@ + if (!raw_data_ || error_code_) + return nullptr; + +- DOMArrayBuffer* result = DOMArrayBuffer::Create(raw_data_->ToArrayBuffer()); +- if (finished_loading_) { +- array_buffer_result_ = result; +- AdjustReportedMemoryUsageToV8( +- -1 * static_cast<int64_t>(raw_data_->ByteLength())); +- raw_data_.reset(); ++ if (!finished_loading_) { ++ return DOMArrayBuffer::Create( ++ ArrayBuffer::Create(raw_data_->Data(), raw_data_->ByteLength())); + } +- return result; ++ array_buffer_result_ = DOMArrayBuffer::Create(raw_data_->ToArrayBuffer()); ++ AdjustReportedMemoryUsageToV8(-1 * ++ static_cast<int64_t>(raw_data_->ByteLength())); ++ ++ raw_data_.reset(); ++ return array_buffer_result_; + } + + String FileReaderLoader::StringResult() { |