Index: Mk/Uses/qmake.mk =================================================================== --- Mk/Uses/qmake.mk (revision 395487) +++ Mk/Uses/qmake.mk (working copy) @@ -71,6 +71,7 @@ QMAKE_CFLAGS="${CFLAGS}" \ QMAKE_CXXFLAGS="${CXXFLAGS}" \ QMAKE_LFLAGS="${LDFLAGS}" \ + QMAKE_LIBS="${LIBS}" \ QMAKE_CFLAGS_DEBUG="" \ QMAKE_CFLAGS_RELEASE="" \ QMAKE_CXXFLAGS_DEBUG="" \ Index: Mk/bsd.qt.mk =================================================================== --- Mk/bsd.qt.mk (revision 395487) +++ Mk/bsd.qt.mk (working copy) @@ -26,7 +26,7 @@ # Qt versions currently supported by the framework. _QT_SUPPORTED?= 4 5 -QT4_VERSION?= 4.8.6 +QT4_VERSION?= 4.8.7 QT5_VERSION?= 5.4.1 QT_PREFIX?= ${LOCALBASE} Index: databases/qt4-odbc-plugin/Makefile =================================================================== --- databases/qt4-odbc-plugin/Makefile (revision 395487) +++ databases/qt4-odbc-plugin/Makefile (working copy) @@ -3,7 +3,6 @@ PORTNAME= qt4-${DB}-plugin DISTVERSION= ${QT4_VERSION} -PORTREVISION= 1 CATEGORIES= databases MAINTAINER= kde@FreeBSD.org Index: databases/qt4-sql/Makefile =================================================================== --- databases/qt4-sql/Makefile (revision 395487) +++ databases/qt4-sql/Makefile (working copy) @@ -3,7 +3,6 @@ PORTNAME= sql DISTVERSION= ${QT4_VERSION} -PORTREVISION= 1 CATEGORIES= databases PKGNAMEPREFIX= qt4- Index: databases/qt4-sqlite-plugin/Makefile =================================================================== --- databases/qt4-sqlite-plugin/Makefile (revision 395487) +++ databases/qt4-sqlite-plugin/Makefile (working copy) @@ -3,7 +3,6 @@ PORTNAME= qt4-${DB}-plugin DISTVERSION= ${QT4_VERSION} -PORTREVISION= 1 CATEGORIES= databases MAINTAINER= kde@FreeBSD.org Index: databases/qt4-sqlite3-plugin/Makefile =================================================================== --- databases/qt4-sqlite3-plugin/Makefile (revision 395487) +++ databases/qt4-sqlite3-plugin/Makefile (working copy) @@ -3,7 +3,6 @@ PORTNAME= qt4-${DB}-plugin DISTVERSION= ${QT4_VERSION} -PORTREVISION= 1 CATEGORIES= databases MAINTAINER= kde@FreeBSD.org Index: devel/dbus-qt4/Makefile =================================================================== --- devel/dbus-qt4/Makefile (revision 395487) +++ devel/dbus-qt4/Makefile (working copy) @@ -3,7 +3,6 @@ PORTNAME= dbus DISTVERSION= ${QT4_VERSION} -PORTREVISION= 1 CATEGORIES= devel PKGNAMEPREFIX= qt4- Index: devel/qmake4/pkg-plist =================================================================== --- devel/qmake4/pkg-plist (revision 395487) +++ devel/qmake4/pkg-plist (working copy) @@ -487,6 +487,8 @@ %%QT_MKSPECDIR%%/win32-msvc2012/qplatformdefs.h %%QT_MKSPECDIR%%/win32-msvc2013/qmake.conf %%QT_MKSPECDIR%%/win32-msvc2013/qplatformdefs.h +%%QT_MKSPECDIR%%/win32-msvc2015/qmake.conf +%%QT_MKSPECDIR%%/win32-msvc2015/qplatformdefs.h %%QT_MKSPECDIR%%/wince50standard-armv4i-msvc2005/default_post.prf %%QT_MKSPECDIR%%/wince50standard-armv4i-msvc2005/qmake.conf %%QT_MKSPECDIR%%/wince50standard-armv4i-msvc2005/qplatformdefs.h Index: devel/qt4/Makefile =================================================================== --- devel/qt4/Makefile (revision 395487) +++ devel/qt4/Makefile (working copy) @@ -3,7 +3,6 @@ PORTNAME= qt4 DISTVERSION= ${QT4_VERSION} -PORTREVISION= 2 CATEGORIES= devel MAINTAINER= kde@FreeBSD.org Index: devel/qt4/distinfo =================================================================== --- devel/qt4/distinfo (revision 395487) +++ devel/qt4/distinfo (working copy) @@ -1,2 +1,2 @@ -SHA256 (KDE/qt-everywhere-opensource-src-4.8.6.tar.gz) = 8b14dd91b52862e09b8e6a963507b74bc2580787d171feda197badfa7034032c -SIZE (KDE/qt-everywhere-opensource-src-4.8.6.tar.gz) = 241623667 +SHA256 (KDE/qt-everywhere-opensource-src-4.8.7.tar.gz) = e2882295097e47fe089f8ac741a95fef47e0a73a3f3cdf21b56990638f626ea0 +SIZE (KDE/qt-everywhere-opensource-src-4.8.7.tar.gz) = 241075567 Index: devel/qt4/files/extrapatch-configure =================================================================== --- devel/qt4/files/extrapatch-configure (revision 395487) +++ devel/qt4/files/extrapatch-configure (working copy) @@ -53,12 +53,3 @@ fi # X11/MINGW/SYMBIAN OpenGL -@@ -7729,7 +7717,7 @@ case "$XPLATFORM" in - *-g++*) - # Check gcc's version - case "$(${QMAKE_CONF_COMPILER} -dumpversion)" in -- 4*|3.4*) -+ 5*|4*|3.4*) - ;; - 3.3*) - canBuildWebKit="no" Index: devel/qt4-assistant/Makefile =================================================================== --- devel/qt4-assistant/Makefile (revision 395487) +++ devel/qt4-assistant/Makefile (working copy) @@ -3,7 +3,6 @@ PORTNAME= assistant DISTVERSION= ${QT4_VERSION} -PORTREVISION= 1 CATEGORIES= devel PKGNAMEPREFIX= qt4- Index: devel/qt4-corelib/Makefile =================================================================== --- devel/qt4-corelib/Makefile (revision 395487) +++ devel/qt4-corelib/Makefile (working copy) @@ -3,7 +3,6 @@ PORTNAME= corelib DISTVERSION= ${QT4_VERSION} -PORTREVISION= 5 CATEGORIES= devel PKGNAMEPREFIX= qt4- Index: devel/qt4-designer/Makefile =================================================================== --- devel/qt4-designer/Makefile (revision 395487) +++ devel/qt4-designer/Makefile (working copy) @@ -3,7 +3,6 @@ PORTNAME= designer DISTVERSION= ${QT4_VERSION} -PORTREVISION= 1 CATEGORIES= devel PKGNAMEPREFIX= qt4- Index: devel/qt4-help/Makefile =================================================================== --- devel/qt4-help/Makefile (revision 395487) +++ devel/qt4-help/Makefile (working copy) @@ -3,7 +3,6 @@ PORTNAME= help DISTVERSION= ${QT4_VERSION} -PORTREVISION= 1 CATEGORIES= devel PKGNAMEPREFIX= qt4- Index: devel/qt4-linguist/Makefile =================================================================== --- devel/qt4-linguist/Makefile (revision 395487) +++ devel/qt4-linguist/Makefile (working copy) @@ -3,7 +3,6 @@ PORTNAME= linguist DISTVERSION= ${QT4_VERSION} -PORTREVISION= 2 CATEGORIES= devel PKGNAMEPREFIX= qt4- Index: devel/qt4-qmlviewer/Makefile =================================================================== --- devel/qt4-qmlviewer/Makefile (revision 395487) +++ devel/qt4-qmlviewer/Makefile (working copy) @@ -3,7 +3,6 @@ PORTNAME= qmlviewer DISTVERSION= ${QT4_VERSION} -PORTREVISION= 1 CATEGORIES= devel PKGNAMEPREFIX= qt4- Index: devel/qt4-qt3support/Makefile =================================================================== --- devel/qt4-qt3support/Makefile (revision 395487) +++ devel/qt4-qt3support/Makefile (working copy) @@ -3,7 +3,6 @@ PORTNAME= qt3support DISTVERSION= ${QT4_VERSION} -PORTREVISION= 1 CATEGORIES= devel x11-toolkits PKGNAMEPREFIX= qt4- Index: devel/qt4-qvfb/Makefile =================================================================== --- devel/qt4-qvfb/Makefile (revision 395487) +++ devel/qt4-qvfb/Makefile (working copy) @@ -3,7 +3,6 @@ PORTNAME= qvfb DISTVERSION= ${QT4_VERSION} -PORTREVISION= 1 CATEGORIES= devel PKGNAMEPREFIX= qt4- Index: devel/qt4-script/Makefile =================================================================== --- devel/qt4-script/Makefile (revision 395487) +++ devel/qt4-script/Makefile (working copy) @@ -3,7 +3,6 @@ PORTNAME= script DISTVERSION= ${QT4_VERSION} -PORTREVISION= 1 CATEGORIES= devel PKGNAMEPREFIX= qt4- Index: devel/qt4-script/files/patch-src__3rdparty__javascriptcore__JavaScriptCore__wtf__Threading.h =================================================================== --- devel/qt4-script/files/patch-src__3rdparty__javascriptcore__JavaScriptCore__wtf__Threading.h (revision 395487) +++ devel/qt4-script/files/patch-src__3rdparty__javascriptcore__JavaScriptCore__wtf__Threading.h (working copy) @@ -1,34 +0,0 @@ ---- src/3rdparty/javascriptcore/JavaScriptCore/wtf/Threading.h.orig 2014-04-10 20:37:12.000000000 +0200 -+++ src/3rdparty/javascriptcore/JavaScriptCore/wtf/Threading.h 2014-04-24 15:06:18.000000000 +0200 -@@ -71,18 +71,10 @@ - - #if OS(WINDOWS) && !OS(WINCE) - #include --#elif OS(DARWIN) --#include - #elif OS(ANDROID) - #include - #elif OS(QNX) - #include --#elif COMPILER(GCC) && !OS(SYMBIAN) --#if (__GNUC__ > 4) || ((__GNUC__ == 4) && (__GNUC_MINOR__ >= 2)) --#include --#else --#include --#endif - #endif - - #if USE(PTHREADS) -@@ -230,12 +222,6 @@ - inline int atomicDecrement(int volatile* addend) { return InterlockedDecrement(reinterpret_cast(addend)); } - #endif - --#elif OS(DARWIN) --#define WTF_USE_LOCKFREE_THREADSAFESHARED 1 -- --inline int atomicIncrement(int volatile* addend) { return OSAtomicIncrement32Barrier(const_cast(addend)); } --inline int atomicDecrement(int volatile* addend) { return OSAtomicDecrement32Barrier(const_cast(addend)); } -- - #elif OS(ANDROID) - - inline int atomicIncrement(int volatile* addend) { return android_atomic_inc(addend); } Index: devel/qt4-scripttools/Makefile =================================================================== --- devel/qt4-scripttools/Makefile (revision 395487) +++ devel/qt4-scripttools/Makefile (working copy) @@ -2,7 +2,6 @@ PORTNAME= scripttools DISTVERSION= ${QT4_VERSION} -PORTREVISION= 1 CATEGORIES= devel PKGNAMEPREFIX= qt4- Index: devel/qt4-testlib/Makefile =================================================================== --- devel/qt4-testlib/Makefile (revision 395487) +++ devel/qt4-testlib/Makefile (working copy) @@ -3,7 +3,6 @@ PORTNAME= testlib DISTVERSION= ${QT4_VERSION} -PORTREVISION= 1 CATEGORIES= devel PKGNAMEPREFIX= qt4- Index: graphics/qt4-imageformats/Makefile =================================================================== --- graphics/qt4-imageformats/Makefile (revision 395487) +++ graphics/qt4-imageformats/Makefile (working copy) @@ -3,7 +3,6 @@ PORTNAME= imageformats DISTVERSION= ${QT4_VERSION} -PORTREVISION= 3 CATEGORIES= graphics PKGNAMEPREFIX= qt4- Index: graphics/qt4-imageformats/files/patch-CVE-2014-0190 =================================================================== --- graphics/qt4-imageformats/files/patch-CVE-2014-0190 (revision 395487) +++ graphics/qt4-imageformats/files/patch-CVE-2014-0190 (working copy) @@ -1,38 +0,0 @@ -commit f1b76c126c476c155af8c404b97c42cd1a709333 -Author: Lars Knoll -Date: Thu Apr 24 15:33:27 2014 +0200 - - Don't crash on broken GIF images - - Broken GIF images could set invalid width and height - values inside the image, leading to Qt creating a null - QImage for it. In that case we need to abort decoding - the image and return an error. - - Initial patch by Rich Moore. - - Backport of Id82a4036f478bd6e49c402d6598f57e7e5bb5e1e from Qt 5 - - Task-number: QTBUG-38367 - Change-Id: I0680740018aaa8356d267b7af3f01fac3697312a - Security-advisory: CVE-2014-0190 - Reviewed-by: Richard J. Moore - -diff --git a/src/gui/image/qgifhandler.cpp b/src/gui/image/qgifhandler.cpp -index 3324f04..5199dd3 100644 ---- src/gui/image/qgifhandler.cpp -+++ src/gui/image/qgifhandler.cpp -@@ -359,6 +359,13 @@ int QGIFFormat::decode(QImage *image, const uchar *buffer, int length, - memset(bits, 0, image->byteCount()); - } - -+ // Check if the previous attempt to create the image failed. If it -+ // did then the image is broken and we should give up. -+ if (image->isNull()) { -+ state = Error; -+ return -1; -+ } -+ - disposePrevious(image); - disposed = false; - Index: graphics/qt4-imageformats/files/patch-CVE-2015-1858 =================================================================== --- graphics/qt4-imageformats/files/patch-CVE-2015-1858 (revision 395487) +++ graphics/qt4-imageformats/files/patch-CVE-2015-1858 (working copy) @@ -1,24 +0,0 @@ -commit a1cf194c54be57d6ab55dfd26b9562a60532208e -Author: Eirik Aavitsland -Date: Wed Mar 11 09:00:41 2015 +0100 - - Fixes crash in gif image decoder - - Fuzzing test revealed that for certain malformed gif files, - qgifhandler would segfault. - - Change-Id: I5bb6f60e1c61849e0d8c735edc3869945e5331c1 - (cherry picked from qtbase/ea2c5417fcd374302f5019e67f72af5facbd29f6) - Reviewed-by: Richard J. Moore - ---- src/gui/image/qgifhandler.cpp -+++ src/gui/image/qgifhandler.cpp -@@ -944,6 +944,8 @@ void QGIFFormat::fillRect(QImage *image, int col, int row, int w, int h, QRgb co - - void QGIFFormat::nextY(unsigned char *bits, int bpl) - { -+ if (out_of_bounds) -+ return; - int my; - switch (interlace) { - case 0: // Non-interlaced Index: graphics/qt4-imageformats/files/patch-CVE-2015-1859 =================================================================== --- graphics/qt4-imageformats/files/patch-CVE-2015-1859 (revision 395487) +++ graphics/qt4-imageformats/files/patch-CVE-2015-1859 (working copy) @@ -1,53 +0,0 @@ -commit 3e55cd6dc467303a3c35312e9fcb255c2c048b32 -Author: Eirik Aavitsland -Date: Wed Mar 11 13:34:01 2015 +0100 - - Fixes crash in bmp and ico image decoding - - Fuzzing test revealed that for certain malformed bmp and ico files, - the handler would segfault. - - Change-Id: I19d45145f31e7f808f7f6a1a1610270ea4159cbe - (cherry picked from qtbase/2adbbae5432aa9d8cc41c6fcf55c2e310d2d4078) - Reviewed-by: Richard J. Moore - ---- src/gui/image/qbmphandler.cpp -+++ src/gui/image/qbmphandler.cpp -@@ -478,12 +478,6 @@ static bool read_dib_body(QDataStream &s, const BMP_INFOHDR &bi, int offset, int - p = data + (h-y-1)*bpl; - break; - case 2: // delta (jump) -- // Protection -- if ((uint)x >= (uint)w) -- x = w-1; -- if ((uint)y >= (uint)h) -- y = h-1; -- - { - quint8 tmp; - d->getChar((char *)&tmp); -@@ -491,6 +485,13 @@ static bool read_dib_body(QDataStream &s, const BMP_INFOHDR &bi, int offset, int - d->getChar((char *)&tmp); - y += tmp; - } -+ -+ // Protection -+ if ((uint)x >= (uint)w) -+ x = w-1; -+ if ((uint)y >= (uint)h) -+ y = h-1; -+ - p = data + (h-y-1)*bpl + x; - break; - default: // absolute mode ---- src/plugins/imageformats/ico/qicohandler.cpp -+++ src/plugins/imageformats/ico/qicohandler.cpp -@@ -571,7 +571,7 @@ QImage ICOReader::iconAt(int index) - QImage::Format format = QImage::Format_ARGB32; - if (icoAttrib.nbits == 24) - format = QImage::Format_RGB32; -- else if (icoAttrib.ncolors == 2) -+ else if (icoAttrib.ncolors == 2 && icoAttrib.depth == 1) - format = QImage::Format_Mono; - else if (icoAttrib.ncolors > 0) - format = QImage::Format_Indexed8; Index: graphics/qt4-opengl/Makefile =================================================================== --- graphics/qt4-opengl/Makefile (revision 395487) +++ graphics/qt4-opengl/Makefile (working copy) @@ -3,7 +3,6 @@ PORTNAME= opengl DISTVERSION= ${QT4_VERSION} -PORTREVISION= 2 CATEGORIES= graphics PKGNAMEPREFIX= qt4- Index: graphics/qt4-opengl/pkg-plist =================================================================== --- graphics/qt4-opengl/pkg-plist (revision 395487) +++ graphics/qt4-opengl/pkg-plist (working copy) @@ -7,6 +7,7 @@ %%QT_INCDIR%%/Qt/qglpixelbuffer.h %%QT_INCDIR%%/Qt/qglscreen_qws.h %%QT_INCDIR%%/Qt/qglshaderprogram.h +%%QT_INCDIR%%/QtOpenGL/QGL %%QT_INCDIR%%/QtOpenGL/QGLBuffer %%QT_INCDIR%%/QtOpenGL/QGLColormap %%QT_INCDIR%%/QtOpenGL/QGLContext Index: graphics/qt4-svg/Makefile =================================================================== --- graphics/qt4-svg/Makefile (revision 395487) +++ graphics/qt4-svg/Makefile (working copy) @@ -3,7 +3,6 @@ PORTNAME= svg DISTVERSION= ${QT4_VERSION} -PORTREVISION= 1 CATEGORIES= graphics PKGNAMEPREFIX= qt4- Index: misc/qt4-l10n/Makefile =================================================================== --- misc/qt4-l10n/Makefile (revision 395487) +++ misc/qt4-l10n/Makefile (working copy) @@ -2,7 +2,6 @@ PORTNAME= l10n DISTVERSION= ${QT4_VERSION} -PORTREVISION= 1 CATEGORIES= misc PKGNAMEPREFIX= qt4- Index: misc/qt4-l10n/pkg-plist =================================================================== --- misc/qt4-l10n/pkg-plist (revision 395487) +++ misc/qt4-l10n/pkg-plist (working copy) @@ -28,6 +28,7 @@ %%QT_L10NDIR%%/linguist_de.qm %%QT_L10NDIR%%/linguist_eu.qm %%QT_L10NDIR%%/linguist_fr.qm +%%QT_L10NDIR%%/linguist_he.qm %%QT_L10NDIR%%/linguist_hu.qm %%QT_L10NDIR%%/linguist_ja.qm %%QT_L10NDIR%%/linguist_ko.qm Index: misc/qt4-qtconfig/Makefile =================================================================== --- misc/qt4-qtconfig/Makefile (revision 395487) +++ misc/qt4-qtconfig/Makefile (working copy) @@ -3,7 +3,6 @@ PORTNAME= qtconfig DISTVERSION= ${QT4_VERSION} -PORTREVISION= 1 CATEGORIES= misc PKGNAMEPREFIX= qt4- Index: misc/qt4-qtdemo/Makefile =================================================================== --- misc/qt4-qtdemo/Makefile (revision 395487) +++ misc/qt4-qtdemo/Makefile (working copy) @@ -3,7 +3,6 @@ PORTNAME= qtdemo DISTVERSION= ${QT4_VERSION} -PORTREVISION= 2 CATEGORIES= misc PKGNAMEPREFIX= qt4- Index: multimedia/qt4-multimedia/Makefile =================================================================== --- multimedia/qt4-multimedia/Makefile (revision 395487) +++ multimedia/qt4-multimedia/Makefile (working copy) @@ -2,7 +2,6 @@ PORTNAME= multimedia DISTVERSION= ${QT4_VERSION} -PORTREVISION= 1 CATEGORIES= multimedia PKGNAMEPREFIX= qt4- Index: net/qt4-network/Makefile =================================================================== --- net/qt4-network/Makefile (revision 395487) +++ net/qt4-network/Makefile (working copy) @@ -3,7 +3,6 @@ PORTNAME= network DISTVERSION= ${QT4_VERSION} -PORTREVISION= 1 CATEGORIES= net ipv6 PKGNAMEPREFIX= qt4- Index: textproc/clucene-qt4/Makefile =================================================================== --- textproc/clucene-qt4/Makefile (revision 395487) +++ textproc/clucene-qt4/Makefile (working copy) @@ -3,7 +3,6 @@ PORTNAME= clucene DISTVERSION= ${QT4_VERSION} -PORTREVISION= 1 CATEGORIES= textproc PKGNAMEPREFIX= qt4- Index: textproc/qt4-xml/Makefile =================================================================== --- textproc/qt4-xml/Makefile (revision 395487) +++ textproc/qt4-xml/Makefile (working copy) @@ -3,7 +3,6 @@ PORTNAME= xml DISTVERSION= ${QT4_VERSION} -PORTREVISION= 1 CATEGORIES= textproc PKGNAMEPREFIX= qt4- Index: textproc/qt4-xmlpatterns/Makefile =================================================================== --- textproc/qt4-xmlpatterns/Makefile (revision 395487) +++ textproc/qt4-xmlpatterns/Makefile (working copy) @@ -3,7 +3,6 @@ PORTNAME= xmlpatterns DISTVERSION= ${QT4_VERSION} -PORTREVISION= 1 CATEGORIES= textproc PKGNAMEPREFIX= qt4- Index: www/webkit-qt4/Makefile =================================================================== --- www/webkit-qt4/Makefile (revision 395487) +++ www/webkit-qt4/Makefile (working copy) @@ -3,7 +3,6 @@ PORTNAME= webkit DISTVERSION= ${QT4_VERSION} -PORTREVISION= 2 CATEGORIES= www PKGNAMEPREFIX= qt4- Index: x11/qt4-graphicssystems-opengl/Makefile =================================================================== --- x11/qt4-graphicssystems-opengl/Makefile (revision 395487) +++ x11/qt4-graphicssystems-opengl/Makefile (working copy) @@ -2,7 +2,6 @@ PORTNAME= graphicssystems DISTVERSION= ${QT4_VERSION} -PORTREVISION= 1 CATEGORIES= x11 PKGNAMEPREFIX= qt4- PKGNAMESUFFIX= -opengl Index: x11-toolkits/qt4-declarative/Makefile =================================================================== --- x11-toolkits/qt4-declarative/Makefile (revision 395487) +++ x11-toolkits/qt4-declarative/Makefile (working copy) @@ -2,7 +2,6 @@ PORTNAME= declarative DISTVERSION= ${QT4_VERSION} -PORTREVISION= 2 CATEGORIES= x11-toolkits PKGNAMEPREFIX= qt4- Index: x11-toolkits/qt4-gui/Makefile =================================================================== --- x11-toolkits/qt4-gui/Makefile (revision 395487) +++ x11-toolkits/qt4-gui/Makefile (working copy) @@ -3,7 +3,6 @@ PORTNAME= gui DISTVERSION= ${QT4_VERSION} -PORTREVISION= 5 CATEGORIES= x11-toolkits PKGNAMEPREFIX= qt4- Index: x11-toolkits/qt4-gui/files/patch-CVE-2015-0295 =================================================================== --- x11-toolkits/qt4-gui/files/patch-CVE-2015-0295 (revision 395487) +++ x11-toolkits/qt4-gui/files/patch-CVE-2015-0295 (working copy) @@ -1,34 +0,0 @@ -commit e50aa2252cdd5cb53eef7d8c4503c7edff634f68 -Author: Richard J. Moore -Date: Tue Feb 24 19:02:35 2015 +0000 - - Fix a division by zero when processing malformed BMP files. - - This fixes a division by 0 when processing a maliciously crafted BMP - file. No impact beyond DoS. - - Backport of 661f6bfd032dacc62841037732816a583640e187 - - Task-number: QTBUG-44547 - Change-Id: I43f06e752b11cb50669101460902a82b885ae618 - Reviewed-by: Thiago Macieira - ---- src/gui/image/qbmphandler.cpp -+++ src/gui/image/qbmphandler.cpp -@@ -319,10 +319,16 @@ static bool read_dib_body(QDataStream &s, const BMP_INFOHDR &bi, int offset, int - } - } else if (comp == BMP_BITFIELDS && (nbits == 16 || nbits == 32)) { - red_shift = calc_shift(red_mask); -+ if (((red_mask >> red_shift) + 1) == 0) -+ return false; - red_scale = 256 / ((red_mask >> red_shift) + 1); - green_shift = calc_shift(green_mask); -+ if (((green_mask >> green_shift) + 1) == 0) -+ return false; - green_scale = 256 / ((green_mask >> green_shift) + 1); - blue_shift = calc_shift(blue_mask); -+ if (((blue_mask >> blue_shift) + 1) == 0) -+ return false; - blue_scale = 256 / ((blue_mask >> blue_shift) + 1); - } else if (comp == BMP_RGB && (nbits == 24 || nbits == 32)) { - blue_mask = 0x000000ff; Index: x11-toolkits/qt4-gui/files/patch-CVE-2015-1859 =================================================================== --- x11-toolkits/qt4-gui/files/patch-CVE-2015-1859 (revision 395487) +++ x11-toolkits/qt4-gui/files/patch-CVE-2015-1859 (working copy) @@ -1,53 +0,0 @@ -commit 3e55cd6dc467303a3c35312e9fcb255c2c048b32 -Author: Eirik Aavitsland -Date: Wed Mar 11 13:34:01 2015 +0100 - - Fixes crash in bmp and ico image decoding - - Fuzzing test revealed that for certain malformed bmp and ico files, - the handler would segfault. - - Change-Id: I19d45145f31e7f808f7f6a1a1610270ea4159cbe - (cherry picked from qtbase/2adbbae5432aa9d8cc41c6fcf55c2e310d2d4078) - Reviewed-by: Richard J. Moore - ---- src/gui/image/qbmphandler.cpp -+++ src/gui/image/qbmphandler.cpp -@@ -478,12 +478,6 @@ static bool read_dib_body(QDataStream &s, const BMP_INFOHDR &bi, int offset, int - p = data + (h-y-1)*bpl; - break; - case 2: // delta (jump) -- // Protection -- if ((uint)x >= (uint)w) -- x = w-1; -- if ((uint)y >= (uint)h) -- y = h-1; -- - { - quint8 tmp; - d->getChar((char *)&tmp); -@@ -491,6 +485,13 @@ static bool read_dib_body(QDataStream &s, const BMP_INFOHDR &bi, int offset, int - d->getChar((char *)&tmp); - y += tmp; - } -+ -+ // Protection -+ if ((uint)x >= (uint)w) -+ x = w-1; -+ if ((uint)y >= (uint)h) -+ y = h-1; -+ - p = data + (h-y-1)*bpl + x; - break; - default: // absolute mode ---- src/plugins/imageformats/ico/qicohandler.cpp -+++ src/plugins/imageformats/ico/qicohandler.cpp -@@ -571,7 +571,7 @@ QImage ICOReader::iconAt(int index) - QImage::Format format = QImage::Format_ARGB32; - if (icoAttrib.nbits == 24) - format = QImage::Format_RGB32; -- else if (icoAttrib.ncolors == 2) -+ else if (icoAttrib.ncolors == 2 && icoAttrib.depth == 1) - format = QImage::Format_Mono; - else if (icoAttrib.ncolors > 0) - format = QImage::Format_Indexed8;