diff options
author | Miklos Vajna <vmiklos@collabora.com> | 2022-11-16 13:37:33 +0100 |
---|---|---|
committer | Andras Timar <andras.timar@collabora.com> | 2023-01-29 15:38:22 +0100 |
commit | 21060da35436cd567f26e309562c38fc8ad20cbe (patch) | |
tree | 62bdd766cadfd7e87b33927d7b566f47e2662583 | |
parent | 65bed853b1f4522178153a97e871cc426eecaaa0 (diff) |
Update freetype to 2.12.0
- fixes CVE-2022-27404
- dropped the no longer applying parts of ubsan.patch
Change-Id: Ia8a496d53b62f68a27dbd9be08c89273b6bd01cd
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/142768
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
(cherry picked from commit 7229a380d3d607dc896e1d48b1a13f7b301aef80)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/142927
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
-rw-r--r-- | download.lst | 4 | ||||
-rw-r--r-- | external/freetype/ExternalProject_freetype.mk | 10 | ||||
-rw-r--r-- | external/freetype/UnpackedTarball_freetype.mk | 3 | ||||
-rw-r--r-- | external/freetype/freetype-2.6.5.patch.1 | 45 | ||||
-rw-r--r-- | external/freetype/ubsan.patch | 11 |
5 files changed, 46 insertions, 27 deletions
diff --git a/download.lst b/download.lst index 82507e415d06..96053558cc50 100644 --- a/download.lst +++ b/download.lst @@ -96,8 +96,8 @@ export FONT_SCHEHERAZADE_SHA256SUM := 251c8817ceb87d9b661ce1d5b49e732a0116add10a export FONT_SCHEHERAZADE_TARBALL := Scheherazade-2.100.zip export FREEHAND_SHA256SUM := 0e422d1564a6dbf22a9af598535425271e583514c0f7ba7d9091676420de34ac export FREEHAND_TARBALL := libfreehand-0.1.2.tar.xz -export FREETYPE_SHA256SUM := 8bee39bd3968c4804b70614a0a3ad597299ad0e824bc8aad5ce8aaf48067bde7 -export FREETYPE_TARBALL := freetype-2.11.0.tar.xz +export FREETYPE_SHA256SUM := ef5c336aacc1a079ff9262d6308d6c2a066dd4d2a905301c4adda9b354399033 +export FREETYPE_TARBALL := freetype-2.12.0.tar.xz export GLM_SHA256SUM := 6bba5f032bed47c73ad9397f2313b9acbfb56253d0d0576b5873d3dcb25e99ad export GLM_TARBALL := glm-0.9.9.8.zip export GPGME_SHA256SUM := 6c8cc4aedb10d5d4c905894ba1d850544619ee765606ac43df7405865de29ed0 diff --git a/external/freetype/ExternalProject_freetype.mk b/external/freetype/ExternalProject_freetype.mk index 032e0362917a..2a61ac7d7be4 100644 --- a/external/freetype/ExternalProject_freetype.mk +++ b/external/freetype/ExternalProject_freetype.mk @@ -18,13 +18,19 @@ $(call gb_ExternalProject_get_state_target,freetype,build) : $(call gb_ExternalProject_run,build,\ $(gb_RUN_CONFIGURE) ./configure \ --disable-shared \ + --with-pic \ --without-zlib \ --without-brotli \ --without-bzip2 \ --without-harfbuzz \ + --without-png \ --prefix=$(call gb_UnpackedTarball_get_dir,freetype/instdir) \ - --build=$(BUILD_PLATFORM) --host=$(HOST_PLATFORM) \ - CFLAGS="$(CFLAGS) $(if $(debug),-g) $(gb_VISIBILITY_FLAGS)" \ + $(gb_CONFIGURE_PLATFORMS) \ + CFLAGS="$(CFLAGS) \ + $(call gb_ExternalProject_get_build_flags,freetype) \ + $(gb_VISIBILITY_FLAGS) \ + $(gb_EMSCRIPTEN_CPPFLAGS)" \ + LDFLAGS="$(call gb_ExternalProject_get_link_flags,freetype)" \ && $(MAKE) install \ && touch $@ ) $(call gb_Trace_EndRange,freetype,EXTERNAL) diff --git a/external/freetype/UnpackedTarball_freetype.mk b/external/freetype/UnpackedTarball_freetype.mk index 6f724d1776fc..076edb9e3d97 100644 --- a/external/freetype/UnpackedTarball_freetype.mk +++ b/external/freetype/UnpackedTarball_freetype.mk @@ -13,6 +13,9 @@ $(eval $(call gb_UnpackedTarball_set_tarball,freetype,$(FREETYPE_TARBALL),,freet $(eval $(call gb_UnpackedTarball_add_patches,freetype,\ external/freetype/freetype-2.6.5.patch.1 \ + external/freetype/ubsan.patch \ )) +$(eval $(call gb_UnpackedTarball_set_patchlevel,freetype,0)) + # vim: set noet sw=4 ts=4: diff --git a/external/freetype/freetype-2.6.5.patch.1 b/external/freetype/freetype-2.6.5.patch.1 index faae4bafddd4..c10c0bb38ea8 100644 --- a/external/freetype/freetype-2.6.5.patch.1 +++ b/external/freetype/freetype-2.6.5.patch.1 @@ -1,7 +1,7 @@ diff -up freetype/builds/unix/configure.dt freetype/builds/unix/configure --- freetype/builds/unix/configure.dt 2017-02-01 22:14:45.206257952 +0100 +++ freetype/builds/unix/configure 2017-02-01 22:16:31.076183707 +0100 -@@ -8887,7 +8887,7 @@ +@@ -9386,7 +9386,7 @@ case $host_cpu in powerpc) # see comment about AmigaOS4 .so support @@ -10,7 +10,7 @@ diff -up freetype/builds/unix/configure.dt freetype/builds/unix/configure archive_expsym_cmds='' ;; m68k) -@@ -8903,7 +8903,7 @@ +@@ -9402,7 +9402,7 @@ allow_undefined_flag=unsupported # Joseph Beckenbach <jrb3@best.com> says some releases of gcc # support --undefined. This deserves some investigation. FIXME @@ -19,7 +19,7 @@ diff -up freetype/builds/unix/configure.dt freetype/builds/unix/configure else ld_shlibs=no fi -@@ -8937,7 +8937,7 @@ +@@ -9436,7 +9436,7 @@ ;; haiku*) @@ -28,7 +28,7 @@ diff -up freetype/builds/unix/configure.dt freetype/builds/unix/configure link_all_deplibs=yes ;; -@@ -9032,13 +9032,13 @@ +@@ -9531,13 +9531,13 @@ *Sun\ F*) # Sun Fortran 8.3 tmp_sharedflag='-G' ;; esac @@ -44,7 +44,7 @@ diff -up freetype/builds/unix/configure.dt freetype/builds/unix/configure fi case $cc_basename in -@@ -9068,8 +9068,8 @@ +@@ -9567,8 +9567,8 @@ archive_cmds='$LD -Bshareable $libobjs $deplibs $linker_flags -o $lib' wlarc= else @@ -55,7 +55,7 @@ diff -up freetype/builds/unix/configure.dt freetype/builds/unix/configure fi ;; -@@ -9087,8 +9087,8 @@ +@@ -9586,8 +9586,8 @@ _LT_EOF elif $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then @@ -66,7 +66,7 @@ diff -up freetype/builds/unix/configure.dt freetype/builds/unix/configure else ld_shlibs=no fi -@@ -9116,8 +9116,8 @@ +@@ -9615,8 +9615,8 @@ # requires that you compile everything twice, which is a pain. if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then hardcode_libdir_flag_spec='$wl-rpath $wl$libdir' @@ -77,7 +77,7 @@ diff -up freetype/builds/unix/configure.dt freetype/builds/unix/configure else ld_shlibs=no fi -@@ -9134,8 +9134,8 @@ +@@ -9633,8 +9633,8 @@ *) if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then @@ -88,7 +88,7 @@ diff -up freetype/builds/unix/configure.dt freetype/builds/unix/configure else ld_shlibs=no fi -@@ -9434,7 +9434,7 @@ +@@ -9937,7 +9937,7 @@ case $host_cpu in powerpc) # see comment about AmigaOS4 .so support @@ -97,7 +97,7 @@ diff -up freetype/builds/unix/configure.dt freetype/builds/unix/configure archive_expsym_cmds='' ;; m68k) -@@ -9703,7 +9703,7 @@ +@@ -10207,7 +10207,7 @@ irix5* | irix6* | nonstopux*) if test yes = "$GCC"; then @@ -106,16 +106,16 @@ diff -up freetype/builds/unix/configure.dt freetype/builds/unix/configure # Try to use the -exported_symbol ld option, if it does not # work, assume that -exports_file does not work either and # implicitly export all symbols. -@@ -9731,7 +9731,7 @@ - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_irix_exported_symbol" >&5 - $as_echo "$lt_cv_irix_exported_symbol" >&6; } +@@ -10237,7 +10237,7 @@ + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_irix_exported_symbol" >&5 + printf "%s\n" "$lt_cv_irix_exported_symbol" >&6; } if test yes = "$lt_cv_irix_exported_symbol"; then - archive_expsym_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-soname $wl$soname `test -n "$verstring" && func_echo_all "$wl-set_version $wl$verstring"` $wl-update_registry $wl$output_objdir/so_locations $wl-exports_file $wl$export_symbols -o $lib' + archive_expsym_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags `test -n "$verstring" && func_echo_all "$wl-set_version $wl$verstring"` $wl-update_registry $wl$output_objdir/so_locations $wl-exports_file $wl$export_symbols -o $lib' fi else archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry $output_objdir/so_locations -o $lib' -@@ -9826,7 +9826,7 @@ +@@ -10332,7 +10332,7 @@ osf3*) if test yes = "$GCC"; then allow_undefined_flag=' $wl-expect_unresolved $wl\*' @@ -124,7 +124,7 @@ diff -up freetype/builds/unix/configure.dt freetype/builds/unix/configure else allow_undefined_flag=' -expect_unresolved \*' archive_cmds='$CC -shared$allow_undefined_flag $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry $output_objdir/so_locations -o $lib' -@@ -9839,7 +9839,7 @@ +@@ -10345,7 +10345,7 @@ osf4* | osf5*) # as osf3* with the addition of -msym flag if test yes = "$GCC"; then allow_undefined_flag=' $wl-expect_unresolved $wl\*' @@ -133,7 +133,7 @@ diff -up freetype/builds/unix/configure.dt freetype/builds/unix/configure hardcode_libdir_flag_spec='$wl-rpath $wl$libdir' else allow_undefined_flag=' -expect_unresolved \*' -@@ -13254,10 +13254,10 @@ +@@ -13620,10 +13620,10 @@ XX_CFLAGS="-Wall" case "$host" in *-*-mingw*) @@ -146,13 +146,12 @@ diff -up freetype/builds/unix/configure.dt freetype/builds/unix/configure ;; *) XX_ANSIFLAGS="" -@@ -13294,7 +13294,7 @@ - if ac_fn_c_try_compile "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: ok, adding to XX_ANSIFLAGS" >&5 - $as_echo "ok, adding to XX_ANSIFLAGS" >&6; } +@@ -13661,7 +13661,7 @@ + then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: ok, adding to XX_ANSIFLAGS" >&5 + printf "%s\n" "ok, adding to XX_ANSIFLAGS" >&6; } - XX_ANSIFLAGS="${XX_ANSIFLAGS} ${a}" + XX_ANSIFLAGS="${XX_ANSIFLAGS}" - else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -diff -up freetype/configure.dt freetype/configure + else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 diff --git a/external/freetype/ubsan.patch b/external/freetype/ubsan.patch new file mode 100644 index 000000000000..c8173eeff531 --- /dev/null +++ b/external/freetype/ubsan.patch @@ -0,0 +1,11 @@ +--- src/truetype/ttgxvar.c ++++ src/truetype/ttgxvar.c +@@ -964,7 +964,7 @@ + /* in the OpenType specification. */ + + varData = &itemStore->varData[outerIndex]; +- deltaSet = &varData->deltaSet[varData->regionIdxCount * innerIndex]; ++ deltaSet = varData->regionIdxCount * innerIndex == 0 ? varData->deltaSet : &varData->deltaSet[varData->regionIdxCount * innerIndex]; + + /* outer loop steps through master designs to be blended */ + for ( master = 0; master < varData->regionIdxCount; master++ ) |