Репозитории ALT
| S: | 4.8.7-alt25 |
| 5.1: | 4.6.3-alt1.M51.1 |
| 4.1: | 4.4.3-alt1.M41.1 |
| 4.0: | 4.3.4-alt5.M40.1 |
| 3.0: | 4.0.1-alt1 |
| +updates: | 4.0.1-alt2 |
| +backports: | 4.2.3-alt7.1.M30 |
Группа :: Система/Библиотеки
Пакет: qt4
навигация по пакетам
Главная Изменения Спек Патчи Sources Загрузить Gear Bugs and FR Repocop
Патч: qt-x11-opensource-src-4.5.3-cve-2010-0046-css-format-mem-corruption.patch
Скачать
Скачать
diff -up qt-x11-opensource-src-4.5.3/src/3rdparty/webkit/WebCore/css/CSSParser.cpp.cve-2010-0046-css-format-mem-corruption qt-x11-opensource-src-4.5.3/src/3rdparty/webkit/WebCore/css/CSSParser.cpp
--- qt-x11-opensource-src-4.5.3/src/3rdparty/webkit/WebCore/css/CSSParser.cpp.cve-2010-0046-css-format-mem-corruption 2009-09-29 13:01:35.000000000 +0200
+++ qt-x11-opensource-src-4.5.3/src/3rdparty/webkit/WebCore/css/CSSParser.cpp 2010-02-04 15:00:24.778776273 +0100
@@ -3085,6 +3085,12 @@ bool CSSParser::parseFontWeight(bool imp
return false;
}
+static bool isValidFormatFunction(CSSParserValue* val)
+{+ CSSParserValueList* args = val->function->args;
+ return equalIgnoringCase(val->function->name, "format(") && (args->current()->unit == CSSPrimitiveValue::CSS_STRING || args->current()->unit == CSSPrimitiveValue::CSS_IDENT);+}
+
bool CSSParser::parseFontFaceSrc()
{RefPtr<CSSValueList> values(CSSValueList::createCommaSeparated());
@@ -3111,7 +3117,7 @@ bool CSSParser::parseFontFaceSrc()
CSSParserValue* a = args->current();
uriValue.clear();
parsedValue = CSSFontFaceSrcValue::createLocal(a->string);
- } else if (equalIgnoringCase(val->function->name, "format(") && allowFormat && uriValue) {+ } else if (allowFormat && uriValue && isValidFormatFunction(val)) {expectComma = true;
allowFormat = false;
uriValue->setFormat(args->current()->string);