Diffstat (limited to 'dev-qt/qtgui/files/qtgui-5.4.1-CVE-2015-1858-1859.patch')
-rw-r--r--dev-qt/qtgui/files/qtgui-5.4.1-CVE-2015-1858-1859.patch62
1 files changed, 0 insertions, 62 deletions
diff --git a/dev-qt/qtgui/files/qtgui-5.4.1-CVE-2015-1858-1859.patch b/dev-qt/qtgui/files/qtgui-5.4.1-CVE-2015-1858-1859.patch
deleted file mode 100644
index c0ea6c2..0000000
--- a/dev-qt/qtgui/files/qtgui-5.4.1-CVE-2015-1858-1859.patch
+++ /dev/null
@@ -1,62 +0,0 @@
-From 51ec7ebfe5f45d1c0a03d992e97053cac66e25fe Mon Sep 17 00:00:00 2001
-From: Eirik Aavitsland <eirik.aavitsland@theqtcompany.com>
-Date: Wed, 11 Mar 2015 13:34:01 +0100
-Subject: Fixes crash in bmp and ico image decoding
-
-Fuzzing test revealed that for certain malformed bmp and ico files,
-the handler would segfault.
-
-Change-Id: I19d45145f31e7f808f7f6a1a1610270ea4159cbe
-Reviewed-by: Lars Knoll <lars.knoll@digia.com>
----
- src/gui/image/qbmphandler.cpp | 13 +++++++------
- src/plugins/imageformats/ico/qicohandler.cpp | 2 +-
- 2 files changed, 8 insertions(+), 7 deletions(-)
-
-diff --git a/src/gui/image/qbmphandler.cpp b/src/gui/image/qbmphandler.cpp
-index df66499..8acc593 100644
---- a/src/gui/image/qbmphandler.cpp
-+++ b/src/gui/image/qbmphandler.cpp
-@@ -484,12 +484,6 @@ static bool read_dib_body(QDataStream &s, const BMP_INFOHDR &bi, int offset, int
- p = data + (h-y-1)*bpl;
- break;
- case 2: // delta (jump)
-- // Protection
-- if ((uint)x >= (uint)w)
-- x = w-1;
-- if ((uint)y >= (uint)h)
-- y = h-1;
--
- {
- quint8 tmp;
- d->getChar((char *)&tmp);
-@@ -497,6 +491,13 @@ static bool read_dib_body(QDataStream &s, const BMP_INFOHDR &bi, int offset, int
- d->getChar((char *)&tmp);
- y += tmp;
- }
-+
-+ // Protection
-+ if ((uint)x >= (uint)w)
-+ x = w-1;
-+ if ((uint)y >= (uint)h)
-+ y = h-1;
-+
- p = data + (h-y-1)*bpl + x;
- break;
- default: // absolute mode
-diff --git a/src/plugins/imageformats/ico/qicohandler.cpp b/src/plugins/imageformats/ico/qicohandler.cpp
-index 00de0c8..ec1654e 100644
---- a/src/plugins/imageformats/ico/qicohandler.cpp
-+++ b/src/plugins/imageformats/ico/qicohandler.cpp
-@@ -567,7 +567,7 @@ QImage ICOReader::iconAt(int index)
- QImage::Format format = QImage::Format_ARGB32;
- if (icoAttrib.nbits == 24)
- format = QImage::Format_RGB32;
-- else if (icoAttrib.ncolors == 2)
-+ else if (icoAttrib.ncolors == 2 && icoAttrib.depth == 1)
- format = QImage::Format_Mono;
- else if (icoAttrib.ncolors > 0)
- format = QImage::Format_Indexed8;
---
-cgit v0.11.0
-