diff options
author | Andreas Sturmlechner <asturm@gentoo.org> | 2023-02-08 23:00:02 +0100 |
---|---|---|
committer | Andreas Sturmlechner <asturm@gentoo.org> | 2023-02-08 23:03:06 +0100 |
commit | 21ff6b5a26c64269d3c9cb1753ed35c74fe5ed7f (patch) | |
tree | 38c6c7bb71e43d04d76fb396250d9a28529b8718 | |
parent | dev-ruby/facter: add 4.3.0 (diff) | |
download | gentoo-21ff6b5a26c64269d3c9cb1753ed35c74fe5ed7f.tar.gz gentoo-21ff6b5a26c64269d3c9cb1753ed35c74fe5ed7f.tar.bz2 gentoo-21ff6b5a26c64269d3c9cb1753ed35c74fe5ed7f.zip |
dev-qt/qtsql: Fix CVE-2023-24607
Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org>
-rw-r--r-- | dev-qt/qtsql/Manifest | 1 | ||||
-rw-r--r-- | dev-qt/qtsql/files/qtsql-5.15.8-CVE-2023-24607.patch | 341 | ||||
-rw-r--r-- | dev-qt/qtsql/qtsql-5.15.8-r1.ebuild | 58 |
3 files changed, 400 insertions, 0 deletions
diff --git a/dev-qt/qtsql/Manifest b/dev-qt/qtsql/Manifest index 74c8ba8ae7d8..72012ac9ff90 100644 --- a/dev-qt/qtsql/Manifest +++ b/dev-qt/qtsql/Manifest @@ -1,3 +1,4 @@ DIST qtbase-5.15-gentoo-patchset-3.tar.xz 3856 BLAKE2B 0752426f9bc2dfa1ab2bc246b29f5d00305df05175a7801d7d5eddacfa46fcb605d9a317547edc01d3ef339f6effc2fcee7549cb7aecced37f0098166c70dbe2 SHA512 2515bea53232e76ca3e40bdaf1dd52fdf452052a2f40002ee91360d1fcceea3c5c2f5a8d2a3bfc0f9c2bacd61460a632c5b351accd73fd37b64985593219148e DIST qtbase-5.15.8-gentoo-kde-1.tar.xz 780764 BLAKE2B 6abb00127113595cbb0a0caf58eb6323423ca41cbde6262a63762aded12861b6c051c9548c9ce2d11ab073e8930c11b609c05579eba34d56201fb7187c78ee23 SHA512 8b59ba61e7364c78d5bf728b4d8c9bd0f8e1ed973f1a84cd40330b06195b246e052ec087067336ff5d4e80a12168a25e0bd47fd88d837c00f106d8cdeba0c016 +DIST qtbase-5.15.8-gentoo-kde-5.tar.xz 793372 BLAKE2B f486a0275fdf4da28a88ba40b7e6f227267fa05e8f466f734f720e792de1796501d5f1fb4427a84ca2d709bfa07abd695ad59210f7fd11227b1bf465484736b8 SHA512 f51d7ee2d121acda1141b9816197afc57ac0176a12acc08a93c2a793694afb734f8f1ad280a5bf95170cf912e32edb4a6612befeb4198fec78a7e50bbb6a61cd DIST qtbase-everywhere-opensource-src-5.15.8.tar.xz 50259432 BLAKE2B cb1b790a384a5cad9a95fdc448e275d48a68c6ee2addf08b40f9963cc5762fd7ab15852dea8392dc76da39f1565c1e23ddb5875c280f0177e802082f4b4f7f2b SHA512 29e8877bafdbc908072209f1b27a5040b022e2b71f17f4ab4cecd570adeae21597f9af7f1d38758760f3cb30376eeb15c5f066bf02c6e9a9e3a4d07f967046ce diff --git a/dev-qt/qtsql/files/qtsql-5.15.8-CVE-2023-24607.patch b/dev-qt/qtsql/files/qtsql-5.15.8-CVE-2023-24607.patch new file mode 100644 index 000000000000..3cdb9116465b --- /dev/null +++ b/dev-qt/qtsql/files/qtsql-5.15.8-CVE-2023-24607.patch @@ -0,0 +1,341 @@ +From ec1c9c116a16f2cd15587dc861e5d178010b3f99 Mon Sep 17 00:00:00 2001 +From: Albert Astals Cid <aacid@kde.org> +Date: Wed, 8 Feb 2023 18:16:58 +0100 +Subject: [PATCH] Apply CVE-2023-24607-qtbase-5.15.diff + +Change-Id: Ic77ce0e279a8ed6d7aac3bf4f0d1a56ad9dde40c +--- + src/plugins/sqldrivers/odbc/qsql_odbc.cpp | 206 +++++++++++++--------- + 1 file changed, 118 insertions(+), 88 deletions(-) + +diff --git a/src/plugins/sqldrivers/odbc/qsql_odbc.cpp b/src/plugins/sqldrivers/odbc/qsql_odbc.cpp +index 5f51de3843..6cac60d03d 100644 +--- a/src/plugins/sqldrivers/odbc/qsql_odbc.cpp ++++ b/src/plugins/sqldrivers/odbc/qsql_odbc.cpp +@@ -92,23 +92,39 @@ inline static QString fromSQLTCHAR(const QVarLengthArray<SQLTCHAR>& input, int s + return result; + } + ++template <size_t SizeOfChar = sizeof(SQLTCHAR)> ++void toSQLTCHARImpl(QVarLengthArray<SQLTCHAR> &result, const QString &input); // primary template undefined ++ ++template <typename Container> ++void do_append(QVarLengthArray<SQLTCHAR> &result, const Container &c) ++{ ++ result.append(reinterpret_cast<const SQLTCHAR *>(c.data()), c.size()); ++} ++ ++template <> ++void toSQLTCHARImpl<1>(QVarLengthArray<SQLTCHAR> &result, const QString &input) ++{ ++ const auto u8 = input.toUtf8(); ++ do_append(result, u8); ++} ++ ++template <> ++void toSQLTCHARImpl<2>(QVarLengthArray<SQLTCHAR> &result, const QString &input) ++{ ++ do_append(result, input); ++} ++ ++template <> ++void toSQLTCHARImpl<4>(QVarLengthArray<SQLTCHAR> &result, const QString &input) ++{ ++ const auto u32 = input.toUcs4(); ++ do_append(result, u32); ++} ++ + inline static QVarLengthArray<SQLTCHAR> toSQLTCHAR(const QString &input) + { + QVarLengthArray<SQLTCHAR> result; +- result.resize(input.size()); +- switch(sizeof(SQLTCHAR)) { +- case 1: +- memcpy(result.data(), input.toUtf8().data(), input.size()); +- break; +- case 2: +- memcpy(result.data(), input.unicode(), input.size() * 2); +- break; +- case 4: +- memcpy(result.data(), input.toUcs4().data(), input.size() * 4); +- break; +- default: +- qCritical("sizeof(SQLTCHAR) is %d. Don't know how to handle this.", int(sizeof(SQLTCHAR))); +- } ++ toSQLTCHARImpl(result, input); + result.append(0); // make sure it's null terminated, doesn't matter if it already is, it does if it isn't. + return result; + } +@@ -763,6 +779,14 @@ QChar QODBCDriverPrivate::quoteChar() + return quote; + } + ++static SQLRETURN qt_string_SQLSetConnectAttr(SQLHDBC handle, SQLINTEGER attr, const QString &val) ++{ ++ auto encoded = toSQLTCHAR(val); ++ return SQLSetConnectAttr(handle, attr, ++ encoded.data(), ++ SQLINTEGER(encoded.size() * sizeof(SQLTCHAR))); // size in bytes ++} ++ + + bool QODBCDriverPrivate::setConnectionOptions(const QString& connOpts) + { +@@ -798,10 +822,7 @@ bool QODBCDriverPrivate::setConnectionOptions(const QString& connOpts) + v = val.toUInt(); + r = SQLSetConnectAttr(hDbc, SQL_ATTR_LOGIN_TIMEOUT, (SQLPOINTER) size_t(v), 0); + } else if (opt.toUpper() == QLatin1String("SQL_ATTR_CURRENT_CATALOG")) { +- val.utf16(); // 0 terminate +- r = SQLSetConnectAttr(hDbc, SQL_ATTR_CURRENT_CATALOG, +- toSQLTCHAR(val).data(), +- val.length()*sizeof(SQLTCHAR)); ++ r = qt_string_SQLSetConnectAttr(hDbc, SQL_ATTR_CURRENT_CATALOG, val); + } else if (opt.toUpper() == QLatin1String("SQL_ATTR_METADATA_ID")) { + if (val.toUpper() == QLatin1String("SQL_TRUE")) { + v = SQL_TRUE; +@@ -816,10 +837,7 @@ bool QODBCDriverPrivate::setConnectionOptions(const QString& connOpts) + v = val.toUInt(); + r = SQLSetConnectAttr(hDbc, SQL_ATTR_PACKET_SIZE, (SQLPOINTER) size_t(v), 0); + } else if (opt.toUpper() == QLatin1String("SQL_ATTR_TRACEFILE")) { +- val.utf16(); // 0 terminate +- r = SQLSetConnectAttr(hDbc, SQL_ATTR_TRACEFILE, +- toSQLTCHAR(val).data(), +- val.length()*sizeof(SQLTCHAR)); ++ r = qt_string_SQLSetConnectAttr(hDbc, SQL_ATTR_TRACEFILE, val); + } else if (opt.toUpper() == QLatin1String("SQL_ATTR_TRACE")) { + if (val.toUpper() == QLatin1String("SQL_OPT_TRACE_OFF")) { + v = SQL_OPT_TRACE_OFF; +@@ -1022,9 +1040,12 @@ bool QODBCResult::reset (const QString& query) + return false; + } + +- r = SQLExecDirect(d->hStmt, +- toSQLTCHAR(query).data(), +- (SQLINTEGER) query.length()); ++ { ++ auto encoded = toSQLTCHAR(query); ++ r = SQLExecDirect(d->hStmt, ++ encoded.data(), ++ SQLINTEGER(encoded.size())); ++ } + if (r != SQL_SUCCESS && r != SQL_SUCCESS_WITH_INFO && r!= SQL_NO_DATA) { + setLastError(qMakeError(QCoreApplication::translate("QODBCResult", + "Unable to execute statement"), QSqlError::StatementError, d)); +@@ -1371,9 +1392,12 @@ bool QODBCResult::prepare(const QString& query) + return false; + } + +- r = SQLPrepare(d->hStmt, +- toSQLTCHAR(query).data(), +- (SQLINTEGER) query.length()); ++ { ++ auto encoded = toSQLTCHAR(query); ++ r = SQLPrepare(d->hStmt, ++ encoded.data(), ++ SQLINTEGER(encoded.size())); ++ } + + if (r != SQL_SUCCESS) { + setLastError(qMakeError(QCoreApplication::translate("QODBCResult", +@@ -1401,7 +1425,7 @@ bool QODBCResult::exec() + SQLCloseCursor(d->hStmt); + + QVector<QVariant>& values = boundValues(); +- QVector<QByteArray> tmpStorage(values.count(), QByteArray()); // holds temporary buffers ++ QVector<QByteArray> tmpStorage(values.count(), QByteArray()); // targets for SQLBindParameter() + QVarLengthArray<SQLLEN, 32> indicators(values.count()); + memset(indicators.data(), 0, indicators.size() * sizeof(SQLLEN)); + +@@ -1580,35 +1604,36 @@ bool QODBCResult::exec() + case QVariant::String: + if (d->unicode) { + QByteArray &ba = tmpStorage[i]; +- QString str = val.toString(); ++ { ++ const auto encoded = toSQLTCHAR(val.toString()); ++ ba = QByteArray(reinterpret_cast<const char *>(encoded.data()), ++ encoded.size() * sizeof(SQLTCHAR)); ++ } ++ + if (*ind != SQL_NULL_DATA) +- *ind = str.length() * sizeof(SQLTCHAR); +- int strSize = str.length() * sizeof(SQLTCHAR); ++ *ind = ba.size(); + + if (bindValueType(i) & QSql::Out) { +- const QVarLengthArray<SQLTCHAR> a(toSQLTCHAR(str)); +- ba = QByteArray((const char *)a.constData(), a.size() * sizeof(SQLTCHAR)); + r = SQLBindParameter(d->hStmt, + i + 1, + qParamType[bindValueType(i) & QSql::InOut], + SQL_C_TCHAR, +- strSize > 254 ? SQL_WLONGVARCHAR : SQL_WVARCHAR, ++ ba.size() > 254 ? SQL_WLONGVARCHAR : SQL_WVARCHAR, + 0, // god knows... don't change this! + 0, +- ba.data(), ++ const_cast<char *>(ba.constData()), // don't detach + ba.size(), + ind); + break; + } +- ba = QByteArray ((const char *)toSQLTCHAR(str).constData(), str.size()*sizeof(SQLTCHAR)); + r = SQLBindParameter(d->hStmt, + i + 1, + qParamType[bindValueType(i) & QSql::InOut], + SQL_C_TCHAR, +- strSize > 254 ? SQL_WLONGVARCHAR : SQL_WVARCHAR, +- strSize, ++ ba.size() > 254 ? SQL_WLONGVARCHAR : SQL_WVARCHAR, ++ ba.size(), + 0, +- const_cast<char *>(ba.constData()), ++ const_cast<char *>(ba.constData()), // don't detach + ba.size(), + ind); + break; +@@ -1716,10 +1741,11 @@ bool QODBCResult::exec() + case QVariant::String: + if (d->unicode) { + if (bindValueType(i) & QSql::Out) { +- const QByteArray &first = tmpStorage.at(i); +- QVarLengthArray<SQLTCHAR> array; +- array.append((const SQLTCHAR *)first.constData(), first.size()); +- values[i] = fromSQLTCHAR(array, first.size()/sizeof(SQLTCHAR)); ++ const QByteArray &bytes = tmpStorage.at(i); ++ const auto strSize = bytes.size() / int(sizeof(SQLTCHAR)); ++ QVarLengthArray<SQLTCHAR> string(strSize); ++ memcpy(string.data(), bytes.data(), strSize * sizeof(SQLTCHAR)); ++ values[i] = fromSQLTCHAR(string); + } + break; + } +@@ -1966,14 +1992,16 @@ bool QODBCDriver::open(const QString & db, + SQLSMALLINT cb; + QVarLengthArray<SQLTCHAR> connOut(1024); + memset(connOut.data(), 0, connOut.size() * sizeof(SQLTCHAR)); +- r = SQLDriverConnect(d->hDbc, +- NULL, +- toSQLTCHAR(connQStr).data(), +- (SQLSMALLINT)connQStr.length(), +- connOut.data(), +- 1024, +- &cb, +- /*SQL_DRIVER_NOPROMPT*/0); ++ { ++ auto encoded = toSQLTCHAR(connQStr); ++ r = SQLDriverConnect(d->hDbc, ++ nullptr, ++ encoded.data(), SQLSMALLINT(encoded.size()), ++ connOut.data(), ++ 1024, ++ &cb, ++ /*SQL_DRIVER_NOPROMPT*/0); ++ } + + if (r != SQL_SUCCESS && r != SQL_SUCCESS_WITH_INFO) { + setLastError(qMakeError(tr("Unable to connect"), QSqlError::ConnectionError, d)); +@@ -2352,17 +2380,15 @@ QStringList QODBCDriver::tables(QSql::TableType type) const + if (tableType.isEmpty()) + return tl; + +- QString joinedTableTypeString = tableType.join(QLatin1Char(',')); ++ { ++ auto joinedTableTypeString = toSQLTCHAR(tableType.join(u',')); + +- r = SQLTables(hStmt, +- NULL, +- 0, +- NULL, +- 0, +- NULL, +- 0, +- toSQLTCHAR(joinedTableTypeString).data(), +- joinedTableTypeString.length() /* characters, not bytes */); ++ r = SQLTables(hStmt, ++ nullptr, 0, ++ nullptr, 0, ++ nullptr, 0, ++ joinedTableTypeString.data(), joinedTableTypeString.size()); ++ } + + if (r != SQL_SUCCESS) + qSqlWarning(QLatin1String("QODBCDriver::tables Unable to execute table list"), d); +@@ -2436,28 +2462,30 @@ QSqlIndex QODBCDriver::primaryIndex(const QString& tablename) const + SQL_ATTR_CURSOR_TYPE, + (SQLPOINTER)SQL_CURSOR_FORWARD_ONLY, + SQL_IS_UINTEGER); +- r = SQLPrimaryKeys(hStmt, +- catalog.length() == 0 ? NULL : toSQLTCHAR(catalog).data(), +- catalog.length(), +- schema.length() == 0 ? NULL : toSQLTCHAR(schema).data(), +- schema.length(), +- toSQLTCHAR(table).data(), +- table.length() /* in characters, not in bytes */); ++ { ++ auto c = toSQLTCHAR(catalog); ++ auto s = toSQLTCHAR(schema); ++ auto t = toSQLTCHAR(table); ++ r = SQLPrimaryKeys(hStmt, ++ catalog.isEmpty() ? nullptr : c.data(), c.size(), ++ schema.isEmpty() ? nullptr : s.data(), s.size(), ++ t.data(), t.size()); ++ } + + // if the SQLPrimaryKeys() call does not succeed (e.g the driver + // does not support it) - try an alternative method to get hold of + // the primary index (e.g MS Access and FoxPro) + if (r != SQL_SUCCESS) { +- r = SQLSpecialColumns(hStmt, +- SQL_BEST_ROWID, +- catalog.length() == 0 ? NULL : toSQLTCHAR(catalog).data(), +- catalog.length(), +- schema.length() == 0 ? NULL : toSQLTCHAR(schema).data(), +- schema.length(), +- toSQLTCHAR(table).data(), +- table.length(), +- SQL_SCOPE_CURROW, +- SQL_NULLABLE); ++ auto c = toSQLTCHAR(catalog); ++ auto s = toSQLTCHAR(schema); ++ auto t = toSQLTCHAR(table); ++ r = SQLSpecialColumns(hStmt, ++ SQL_BEST_ROWID, ++ catalog.isEmpty() ? nullptr : c.data(), c.size(), ++ schema.isEmpty() ? nullptr : s.data(), s.size(), ++ t.data(), t.size(), ++ SQL_SCOPE_CURROW, ++ SQL_NULLABLE); + + if (r != SQL_SUCCESS) { + qSqlWarning(QLatin1String("QODBCDriver::primaryIndex: Unable to execute primary key list"), d); +@@ -2538,15 +2566,17 @@ QSqlRecord QODBCDriver::record(const QString& tablename) const + SQL_ATTR_CURSOR_TYPE, + (SQLPOINTER)SQL_CURSOR_FORWARD_ONLY, + SQL_IS_UINTEGER); +- r = SQLColumns(hStmt, +- catalog.length() == 0 ? NULL : toSQLTCHAR(catalog).data(), +- catalog.length(), +- schema.length() == 0 ? NULL : toSQLTCHAR(schema).data(), +- schema.length(), +- toSQLTCHAR(table).data(), +- table.length(), +- NULL, +- 0); ++ { ++ auto c = toSQLTCHAR(catalog); ++ auto s = toSQLTCHAR(schema); ++ auto t = toSQLTCHAR(table); ++ r = SQLColumns(hStmt, ++ catalog.isEmpty() ? nullptr : c.data(), c.size(), ++ schema.isEmpty() ? nullptr : s.data(), s.size(), ++ t.data(), t.size(), ++ nullptr, ++ 0); ++ } + if (r != SQL_SUCCESS) + qSqlWarning(QLatin1String("QODBCDriver::record: Unable to execute column list"), d); + +-- +GitLab + diff --git a/dev-qt/qtsql/qtsql-5.15.8-r1.ebuild b/dev-qt/qtsql/qtsql-5.15.8-r1.ebuild new file mode 100644 index 000000000000..28c772953201 --- /dev/null +++ b/dev-qt/qtsql/qtsql-5.15.8-r1.ebuild @@ -0,0 +1,58 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +if [[ ${PV} != *9999* ]]; then + QT5_KDEPATCHSET_REV=5 + KEYWORDS="~amd64 ~arm ~arm64 ~hppa ~loong ~ppc ~ppc64 ~riscv ~sparc ~x86" +fi + +QT5_MODULE="qtbase" +inherit qt5-build + +DESCRIPTION="SQL abstraction library for the Qt5 framework" + +SLOT=5/${QT5_PV} # bug 639140 +IUSE="freetds mysql oci8 odbc postgres +sqlite" +REQUIRED_USE=" + || ( freetds mysql oci8 odbc postgres sqlite ) +" + +DEPEND=" + =dev-qt/qtcore-${QT5_PV}*:5= + freetds? ( dev-db/freetds ) + mysql? ( dev-db/mysql-connector-c:= ) + oci8? ( dev-db/oracle-instantclient:=[sdk] ) + odbc? ( dev-db/unixODBC ) + postgres? ( dev-db/postgresql:* ) + sqlite? ( dev-db/sqlite:3 ) +" +RDEPEND="${DEPEND}" + +QT5_TARGET_SUBDIRS=( + src/sql + src/plugins/sqldrivers +) + +QT5_GENTOO_PRIVATE_CONFIG=( + :sql +) + +PATCHES=( "${FILESDIR}/${P}-CVE-2023-24607.patch" ) + +src_configure() { + local myconf=( + $(qt_use freetds sql-tds plugin) + $(qt_use mysql sql-mysql plugin) + $(qt_use oci8 sql-oci plugin) + $(qt_use odbc sql-odbc plugin) + $(qt_use postgres sql-psql plugin) + $(qt_use sqlite sql-sqlite plugin) + $(usev sqlite -system-sqlite) + ) + + use oci8 && myconf+=("-I${ORACLE_HOME}/include" "-L${ORACLE_HOME}/$(get_libdir)") + + qt5-build_src_configure +} |