commit: 04d8c0b2f1069d63a1711862310d0052d1fd1502 Author: Sam James <sam <AT> gentoo <DOT> org> AuthorDate: Sun Jun 16 10:18:36 2024 +0000 Commit: Sam James <sam <AT> gentoo <DOT> org> CommitDate: Sun Jun 16 10:28:29 2024 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=04d8c0b2
media-libs/woff2: fix strict aliasing violation Signed-off-by: Sam James <sam <AT> gentoo.org> media-libs/woff2/files/woff2-1.0.2-aliasing.patch | 79 +++++++++++++++++++++++ media-libs/woff2/woff2-1.0.2-r6.ebuild | 41 ++++++++++++ 2 files changed, 120 insertions(+) diff --git a/media-libs/woff2/files/woff2-1.0.2-aliasing.patch b/media-libs/woff2/files/woff2-1.0.2-aliasing.patch new file mode 100644 index 000000000000..5bc75b744559 --- /dev/null +++ b/media-libs/woff2/files/woff2-1.0.2-aliasing.patch @@ -0,0 +1,79 @@ +https://github.com/google/woff2/commit/23a34adec39d7cef30c1eebbf775a1ea5cc43c53 + +From 23a34adec39d7cef30c1eebbf775a1ea5cc43c53 Mon Sep 17 00:00:00 2001 +From: David Benjamin <[email protected]> +Date: Thu, 26 Oct 2023 10:16:05 -0400 +Subject: [PATCH] Fix undefined type-punning when loading/storing words + +Despite common practice, type-punning integer types out of buffers is +undefined in C and C++. It's both a strict aliasing violation on access, +and if the pointer isn't aligned, an alignment violation on cast. Being +undefined, the compiler is allowed to arbitrarily miscompile the code +when we rely on it. + +Instead, the two legal ways to pull a uint32_t out of a buffer are to +either use memcpy, or load byte by byte and use shifts. In both cases, +a good compiler should be smart enough to recognize what we're doing and +generate reasonable code. Since there was already fallback code for the +latter (for a middle-endian architecture?), I went ahead and switched to +that. + +This change is needed to fix UBSan violations in Chromium. +--- a/src/store_bytes.h ++++ b/src/store_bytes.h +@@ -27,15 +27,8 @@ inline size_t StoreU32(uint8_t* dst, size_t offset, uint32_t x) { + } + + inline size_t Store16(uint8_t* dst, size_t offset, int x) { +-#if defined(WOFF_LITTLE_ENDIAN) +- *reinterpret_cast<uint16_t*>(dst + offset) = +- ((x & 0xFF) << 8) | ((x & 0xFF00) >> 8); +-#elif defined(WOFF_BIG_ENDIAN) +- *reinterpret_cast<uint16_t*>(dst + offset) = static_cast<uint16_t>(x); +-#else + dst[offset] = x >> 8; + dst[offset + 1] = x; +-#endif + return offset + 2; + } + +@@ -47,17 +40,8 @@ inline void StoreU32(uint32_t val, size_t* offset, uint8_t* dst) { + } + + inline void Store16(int val, size_t* offset, uint8_t* dst) { +-#if defined(WOFF_LITTLE_ENDIAN) +- *reinterpret_cast<uint16_t*>(dst + *offset) = +- ((val & 0xFF) << 8) | ((val & 0xFF00) >> 8); +- *offset += 2; +-#elif defined(WOFF_BIG_ENDIAN) +- *reinterpret_cast<uint16_t*>(dst + *offset) = static_cast<uint16_t>(val); +- *offset += 2; +-#else + dst[(*offset)++] = val >> 8; + dst[(*offset)++] = val; +-#endif + } + + inline void StoreBytes(const uint8_t* data, size_t len, +--- a/src/woff2_common.cc ++++ b/src/woff2_common.cc +@@ -19,16 +19,8 @@ uint32_t ComputeULongSum(const uint8_t* buf, size_t size) { + uint32_t checksum = 0; + size_t aligned_size = size & ~3; + for (size_t i = 0; i < aligned_size; i += 4) { +-#if defined(WOFF_LITTLE_ENDIAN) +- uint32_t v = *reinterpret_cast<const uint32_t*>(buf + i); +- checksum += (((v & 0xFF) << 24) | ((v & 0xFF00) << 8) | +- ((v & 0xFF0000) >> 8) | ((v & 0xFF000000) >> 24)); +-#elif defined(WOFF_BIG_ENDIAN) +- checksum += *reinterpret_cast<const uint32_t*>(buf + i); +-#else +- checksum += (buf[i] << 24) | (buf[i + 1] << 16) | +- (buf[i + 2] << 8) | buf[i + 3]; +-#endif ++ checksum += ++ (buf[i] << 24) | (buf[i + 1] << 16) | (buf[i + 2] << 8) | buf[i + 3]; + } + + // treat size not aligned on 4 as if it were padded to 4 with 0's + diff --git a/media-libs/woff2/woff2-1.0.2-r6.ebuild b/media-libs/woff2/woff2-1.0.2-r6.ebuild new file mode 100644 index 000000000000..f104cb69f87d --- /dev/null +++ b/media-libs/woff2/woff2-1.0.2-r6.ebuild @@ -0,0 +1,41 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit cmake + +DESCRIPTION="Encode/decode WOFF2 font format" +HOMEPAGE="https://github.com/google/woff2"; +SRC_URI="https://github.com/google/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="MIT" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~x64-macos ~x64-solaris" +IUSE="" + +RDEPEND="app-arch/brotli:=" +DEPEND="${RDEPEND}" +BDEPEND="virtual/pkgconfig" + +PATCHES=( + "${FILESDIR}"/${P}-aliasing.patch +) + +src_configure() { + local mycmakeargs=( + -DCMAKE_SKIP_RPATH=ON # needed, causes QA warnings otherwise + -DCANONICAL_PREFIXES=ON #661942 + ) + cmake_src_configure +} + +src_install() { + cmake_src_install + + dobin "${BUILD_DIR}"/woff2_compress + dobin "${BUILD_DIR}"/woff2_decompress + dobin "${BUILD_DIR}"/woff2_info + + einstalldocs +}
