diff --git a/devel/qt6-base/Makefile b/devel/qt6-base/Makefile index a13c3131b27f..6b55a7b9f2bc 100644 --- a/devel/qt6-base/Makefile +++ b/devel/qt6-base/Makefile @@ -1,113 +1,113 @@ PORTNAME= base DISTVERSION= ${QT6_VERSION} -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= devel PKGNAMEPREFIX= qt6- MAINTAINER= kde@FreeBSD.org COMMENT= Qt base (core, gui, widgets, network,...) BUILD_DEPENDS= xml:textproc/xmlstarlet \ ${LOCALBASE}/include/vulkan/vulkan.h:graphics/vulkan-headers \ ${LOCALBASE}/include/linux/input.h:devel/evdev-proto LIB_DEPENDS= \ libatk-1.0.so:accessibility/at-spi2-core \ libatk-bridge-2.0.so:accessibility/at-spi2-core \ libatspi.so:accessibility/at-spi2-core \ libbrotlidec.so:archivers/brotli \ libdbus-1.so:devel/dbus \ libdouble-conversion.so:devel/double-conversion \ libdrm.so:graphics/libdrm \ libevdev.so:devel/libevdev \ libfontconfig.so:x11-fonts/fontconfig \ libfreetype.so:print/freetype2 \ libgraphite2.so:graphics/graphite2 \ libharfbuzz.so:print/harfbuzz \ libicui18n.so:devel/icu \ libinput.so:x11/libinput \ libintl.so:devel/gettext-runtime \ libjpeg.so:graphics/jpeg-turbo \ libmtdev.so:devel/libmtdev \ libpcre2-16.so:devel/pcre2 \ libpng16.so:graphics/png \ libudev.so:devel/libudev-devd \ libvulkan.so:graphics/vulkan-loader \ libwayland-client.so:graphics/wayland \ libxkbcommon.so:x11/libxkbcommon \ libzstd.so:archivers/zstd USES= cmake compiler:c++17-lang gl gnome jpeg perl5 pkgconfig python \ qt-dist:6 shebangfix ssl USE_GL= egl opengl USE_GNOME= cairo gdkpixbuf2 glib20 gtk30 pango USE_LOCALE= C.UTF-8 CMAKE_ARGS= -DOPENSSL_ROOT_DIR="${OPENSSLBASE}" CMAKE_ON= QT_AVOID_CMAKE_ARCHIVING_API \ QT_FIND_ALL_PACKAGES_ALWAYS \ QT_FEATURE_openssl_linked CMAKE_OFF= QT_FEATURE_eglfs \ QT_FEATURE_gssapi # sql drivers are handled in the qt6-base-sqldriver port CMAKE_OFF+= FEATURE_sql_mysql \ FEATURE_sql_odbc \ FEATURE_sql_psql \ FEATURE_sql_sqlite SHEBANG_FILES= ${WRKSRC}/mkspecs/features/uikit/device_destinations.sh \ ${WRKSRC}/mkspecs/features/uikit/devices.py \ ${WRKSRC}/mkspecs/features/data/mac/objc_namespace.sh \ ${WRKSRC}/util/android/android_emulator_launcher.sh \ ${WRKSRC}/util/testrunner/qt-testrunner.py \ ${WRKSRC}/util/testrunner/sanitizer-testrunner.py USE_LDCONFIG= ${PREFIX}/${QT_LIBDIR_REL} # zstd from base fails to compress files during the build (error 11: unsupported argument) BINARY_ALIAS= zstd=${LOCALBASE}/bin/zstd OPTIONS_DEFINE= CUPS X11 OPTIONS_DEFAULT= CUPS X11 OPTIONS_SUB= yes CUPS_LIB_DEPENDS= libcups.so:print/cups CUPS_CMAKE_OFF= -DFEATURE_cups=OFF X11_USES= xorg X11_USE= XORG=ice,pixman,sm,x11,xau,xcb,xcomposite,xcursor,xdamage,xdmcp,xext,xfixes,xi,xinerama,xrandr,xrender X11_CMAKE_BOOL= FEATURE_xcb FEATURE_xlib X11_LIB_DEPENDS= libxcb-cursor.so:x11/xcb-util-cursor \ libxcb-icccm.so:x11/xcb-util-wm \ libxcb-image.so:x11/xcb-util-image \ libxcb-keysyms.so:x11/xcb-util-keysyms \ libxcb-render-util.so:x11/xcb-util-renderutil .include # LibreSSL does not currently support BIO_ADDR in DTLSv1_listen() .if ${SSL_DEFAULT:Mlibressl*} CMAKE_OFF+= QT_FEATURE_dtls PLIST_SUB+= DTLS="@comment " .else PLIST_SUB+= DTLS="" .endif .if ${ARCH} == "armv6" || ${ARCH} == "armv7" BUILD_DEPENDS+= as:devel/binutils CMAKE_ARGS+= -DCMAKE_ASM_FLAGS=-no-integrated-as .endif post-patch: @${REINPLACE_CMD} -e 's|%%OPENSSLLIB%%|${OPENSSLLIB}|g' \ ${WRKSRC}/src/plugins/tls/openssl/qsslsocket_openssl_symbols.cpp # TODO: do this cleaner -- somewhere cmake/qmake still creates empty directories # for the cmake files in INSTALL_PREFIX/lib/cmake post-install: ${RM} -vr ${STAGEDIR}${PREFIX}/${QT_LIBDIR_REL}/cmake # Install symlinks for user-facing tools ${REINPLACE_CMD} -e "s#^#${STAGEDIR}#" -e "s# # ${STAGEDIR}#" \ ${WRKDIR}/.build/user_facing_tool_links.txt while read t; do \ ${RLN} $$t; \ done <${WRKDIR}/.build/user_facing_tool_links.txt .include diff --git a/devel/qt6-base/files/patch-security-rollup b/devel/qt6-base/files/patch-security-rollup new file mode 100644 index 000000000000..e1b537aa5e1c --- /dev/null +++ b/devel/qt6-base/files/patch-security-rollup @@ -0,0 +1,145 @@ +From 13c16b756900fe524f6d9534e8a07aa003c05e0c Mon Sep 17 00:00:00 2001 +From: Marc Mutz +Date: Tue, 12 Dec 2023 20:51:56 +0100 +Subject: [PATCH] HPack: fix a Yoda Condition + +Putting the variable on the LHS of a relational operation makes the +expression easier to read. In this case, we find that the whole +expression is nonsensical as an overflow protection, because if +name.size() + value.size() overflows, the result will exactly _not_ +be > max() - 32, because UB will have happened. + +To be fixed in a follow-up commit. + +As a drive-by, add parentheses around the RHS. + +Pick-to: 6.5 6.2 5.15 +Change-Id: I35ce598884c37c51b74756b3bd2734b9aad63c09 +Reviewed-by: Allan Sandfeld Jensen +(cherry picked from commit 658607a34ead214fbacbc2cca44915655c318ea9) +Reviewed-by: Qt Cherry-pick Bot +(cherry picked from commit 4f7efd41740107f90960116700e3134f5e433867) +--- + src/network/access/http2/hpacktable.cpp | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/network/access/http2/hpacktable.cpp b/src/network/access/http2/hpacktable.cpp +index 74a09a207ff..c8c5d098c80 100644 +--- src/network/access/http2/hpacktable.cpp.orig ++++ src/network/access/http2/hpacktable.cpp +@@ -27,7 +27,7 @@ HeaderSize entry_size(QByteArrayView name, QByteArrayView value) + // 32 octets of overhead." + + const unsigned sum = unsigned(name.size() + value.size()); +- if (std::numeric_limits::max() - 32 < sum) ++ if (sum > (std::numeric_limits::max() - 32)) + return HeaderSize(); + return HeaderSize(true, quint32(sum + 32)); + } +From 811b9eef6d08d929af8708adbf2a5effb0eb62d7 Mon Sep 17 00:00:00 2001 +From: Marc Mutz +Date: Tue, 12 Dec 2023 22:08:07 +0100 +Subject: [PATCH] HPack: fix incorrect integer overflow check + +This code never worked: + +For the comparison with max() - 32 to trigger, on 32-bit platforms (or +Qt 5) signed interger overflow would have had to happen in the +addition of the two sizes. The compiler can therefore remove the +overflow check as dead code. + +On Qt 6 and 64-bit platforms, the signed integer addition would be +very unlikely to overflow, but the following truncation to uint32 +would yield the correct result only in a narrow 32-value window just +below UINT_MAX, if even that. + +Fix by using the proper tool, qAddOverflow. + +Pick-to: 6.5 6.2 5.15 +Change-Id: I7599f2e75ff7f488077b0c60b81022591005661c +Reviewed-by: Allan Sandfeld Jensen +(cherry picked from commit ee5da1f2eaf8932aeca02ffea6e4c618585e29e3) +Reviewed-by: Qt Cherry-pick Bot +(cherry picked from commit debeb8878da2dc706ead04b6072ecbe7e5313860) +Reviewed-by: Thiago Macieira +Reviewed-by: Marc Mutz +--- + src/network/access/http2/hpacktable.cpp | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/src/network/access/http2/hpacktable.cpp b/src/network/access/http2/hpacktable.cpp +index c8c5d098c80..2c728b37e3b 100644 +--- src/network/access/http2/hpacktable.cpp.orig ++++ src/network/access/http2/hpacktable.cpp +@@ -26,7 +26,9 @@ HeaderSize entry_size(QByteArrayView name, QByteArrayView value) + // for counting the number of references to the name and value would have + // 32 octets of overhead." + +- const unsigned sum = unsigned(name.size() + value.size()); ++ size_t sum; ++ if (qAddOverflow(size_t(name.size()), size_t(value.size()), &sum)) ++ return HeaderSize(); + if (sum > (std::numeric_limits::max() - 32)) + return HeaderSize(); + return HeaderSize(true, quint32(sum + 32)); +From 2e50fbc30a61d69cc2caf6fbd8aca29aa6b8db86 Mon Sep 17 00:00:00 2001 +From: Marc Mutz +Date: Tue, 19 Dec 2023 14:22:37 +0100 +Subject: [PATCH] Http2: fix potential overflow in assemble_hpack_block() +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The function is given a vector of Http2::Frame's and flattens it into +a vector. While each Frame can contain a maximum of 16GiB of +data (24-bit size field), one "only" needs 257 of them to overflow the +quint32 variable's range. + +So make sure any overflow does not go undetected. + +Keep the limited uint32_t range for now, as we don't know whether all +consumers of the result can deal with more than 4GiB of data. + +Since all these frames must be in memory, this cannot overflow in +practice on 32-bit machines. + +Pick-to: 6.5 6.2 5.15 +Change-Id: Iafaa7d1c870cba9100e75065db11d95934f86213 +Reviewed-by: MÃ¥rten Nordheim +(cherry picked from commit 1e6bb61af3ae29755f93b92f157df026f934ae61) +Reviewed-by: Qt Cherry-pick Bot +(cherry picked from commit af8a9874c32c6b1af8998be9487170b6269dbe1f) +--- + src/network/access/qhttp2protocolhandler.cpp | 8 ++++++-- + 1 file changed, 6 insertions(+), 2 deletions(-) + +diff --git a/src/network/access/qhttp2protocolhandler.cpp b/src/network/access/qhttp2protocolhandler.cpp +index 88963f89687..707ef8de54e 100644 +--- src/network/access/qhttp2protocolhandler.cpp.orig ++++ src/network/access/qhttp2protocolhandler.cpp +@@ -10,10 +10,12 @@ + #include + + #include ++ + #include + #include + #include + #include ++#include + #include + + #include +@@ -90,8 +92,10 @@ std::vector assemble_hpack_block(const std::vector &frames) + std::vector hpackBlock; + + quint32 total = 0; +- for (const auto &frame : frames) +- total += frame.hpackBlockSize(); ++ for (const auto &frame : frames) { ++ if (qAddOverflow(total, frame.hpackBlockSize(), &total)) ++ return hpackBlock; ++ } + + if (!total) + return hpackBlock;