Hello community, here is the log from the commit of package graphite2 for openSUSE:Factory checked in at 2018-03-20 21:52:09 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/graphite2 (Old) and /work/SRC/openSUSE:Factory/.graphite2.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "graphite2" Tue Mar 20 21:52:09 2018 rev:25 rq:587898 version:1.3.11 Changes: -------- --- /work/SRC/openSUSE:Factory/graphite2/graphite2.changes 2018-02-21 14:06:16.189426685 +0100 +++ /work/SRC/openSUSE:Factory/.graphite2.new/graphite2.changes 2018-03-20 21:52:10.599361454 +0100 @@ -1,0 +2,20 @@ +Fri Mar 16 12:58:15 UTC 2018 - [email protected] + +- Use python3 everywhere +- Drop fonttools test dep as it pulls TON of py3 packages + +------------------------------------------------------------------- +Mon Mar 12 13:13:26 UTC 2018 - [email protected] + +- Update to 1.3.11: +- removed patches (upstreamed or not needed) + * gcc8.patch (code commeted out) + * graphite-nonvoid-return.patch (code commented out) + * graphite2-python3_tests.patch (upstreamed) + * graphite2-python3_tests_cornercases.patch (upstreamed +- refreshed patch + * link-gcc-shared.diff +- fixes security issue: CVE-2018-7999 [bsc#1084850] + + graphite2-CVE-2018-7999.patch + +------------------------------------------------------------------- Old: ---- gcc8.patch graphite-nonvoid-return.patch graphite2-1.3.10.tar.gz graphite2-python3_tests.patch graphite2-python3_tests_cornercases.patch New: ---- graphite2-1.3.11.tar.gz graphite2-CVE-2018-7999.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ graphite2.spec ++++++ --- /var/tmp/diff_new_pack.LSWxEI/_old 2018-03-20 21:52:11.775319108 +0100 +++ /var/tmp/diff_new_pack.LSWxEI/_new 2018-03-20 21:52:11.779318964 +0100 @@ -18,7 +18,7 @@ %define libname libgraphite2-3 Name: graphite2 -Version: 1.3.10 +Version: 1.3.11 Release: 0 Summary: Font rendering capabilities for complex non-Roman writing systems License: LGPL-2.1-or-later OR MPL-2.0+ @@ -27,24 +27,15 @@ Source0: https://github.com/silnrsi/graphite/archive/%{version}.tar.gz#/%{name}-%{version}.tar.gz Source1: baselibs.conf Patch0: graphite2-1.2.0-cmakepath.patch -Patch1: graphite-nonvoid-return.patch Patch2: link-gcc-shared.diff -Patch3: graphite2-python3_tests.patch -Patch4: graphite2-python3_tests_cornercases.patch -Patch5: gcc8.patch +Patch3: graphite2-CVE-2018-7999.patch BuildRequires: cmake BuildRequires: fontconfig-devel -# Required for tests -BuildRequires: fonttools BuildRequires: freetype2-devel BuildRequires: gcc-c++ BuildRequires: glib2-devel BuildRequires: pkgconfig -%if %{suse_version} >= 1330 BuildRequires: python3-base -%else -BuildRequires: python-base -%endif %description Graphite2 is a project within SIL's Non-Roman Script Initiative and Language @@ -85,18 +76,14 @@ %prep %setup -q -n graphite-%{version} %patch0 -p1 -%patch1 -p1 %patch2 -p1 %patch3 -p1 -%patch4 -p1 -%patch5 -p1 -%build # Make sure to use python3 everywhere -%if %{suse_version} >= 1330 find tests -type f -exec sed -i "s|python|python3|g" {} + find . -name *.cmake -exec sed -i "s|python|python3|g" {} + -%endif + +%build %cmake \ -DGRAPHITE2_COMPARE_RENDERER=OFF \ -DGRAPHITE2_NTRACING=ON \ @@ -112,7 +99,10 @@ find %{buildroot} -type f -name "*.la" -delete -print %check -%ctest +# exclude tests based on fonttool +cd build +ctest --output-on-failure --force-new-ctest-process %{?_smp_mflags} \ + -E "padaukcmp1|chariscmp1|chariscmp2|annacmp1|schercmp1|awamicmp1|awamicmp2" %post -n %{libname} -p /sbin/ldconfig %postun -n %{libname} -p /sbin/ldconfig ++++++ graphite2-1.3.10.tar.gz -> graphite2-1.3.11.tar.gz ++++++ ++++ 4081 lines of diff (skipped) ++++++ graphite2-CVE-2018-7999.patch ++++++ --- a/include/graphite2/Font.h +++ b/include/graphite2/Font.h @@ -56,7 +56,7 @@ GR2_API void gr_engine_version(int *nMajor, int *nMinor, int *nBugFix); enum gr_face_options { /** No preload, no cmap caching, fail if the graphite tables are invalid */ gr_face_default = 0, - /** Dumb rendering will be enabled if the graphite tables are invalid */ + /** Dumb rendering will be enabled if the graphite tables are invalid. DEPRECATED. */ gr_face_dumbRendering = 1, /** preload glyphs at construction time */ gr_face_preloadGlyphs = 2, diff --git a/src/GlyphCache.cpp b/src/GlyphCache.cpp index c4ab807b..1acf7f98 100644 --- a/src/GlyphCache.cpp +++ b/src/GlyphCache.cpp @@ -84,7 +84,7 @@ const SlantBox SlantBox::empty = {0,0,0,0}; class GlyphCache::Loader { public: - Loader(const Face & face, const bool dumb_font); //return result indicates success. Do not use if failed. + Loader(const Face & face); //return result indicates success. Do not use if failed. operator bool () const throw(); unsigned short int units_per_em() const throw(); @@ -115,7 +115,7 @@ class GlyphCache::Loader GlyphCache::GlyphCache(const Face & face, const uint32 face_options) -: _glyph_loader(new Loader(face, bool(face_options & gr_face_dumbRendering))), +: _glyph_loader(new Loader(face)), _glyphs(_glyph_loader && *_glyph_loader && _glyph_loader->num_glyphs() ? grzeroalloc<const GlyphFace *>(_glyph_loader->num_glyphs()) : 0), _boxes(_glyph_loader && _glyph_loader->has_boxes() && _glyph_loader->num_glyphs() @@ -239,7 +239,7 @@ const GlyphFace *GlyphCache::glyph(unsigned short glyphid) const //result m -GlyphCache::Loader::Loader(const Face & face, const bool dumb_font) +GlyphCache::Loader::Loader(const Face & face) : _head(face, Tag::head), _hhea(face, Tag::hhea), _hmtx(face, Tag::hmtx), @@ -265,52 +265,49 @@ GlyphCache::Loader::Loader(const Face & face, const bool dumb_font) return; } - if (!dumb_font) + if ((m_pGlat = Face::Table(face, Tag::Glat, 0x00030000)) == NULL + || (m_pGloc = Face::Table(face, Tag::Gloc)) == NULL + || m_pGloc.size() < 8) { - if ((m_pGlat = Face::Table(face, Tag::Glat, 0x00030000)) == NULL - || (m_pGloc = Face::Table(face, Tag::Gloc)) == NULL - || m_pGloc.size() < 8) - { - _head = Face::Table(); - return; - } - const byte * p = m_pGloc; - int version = be::read<uint32>(p); - const uint16 flags = be::read<uint16>(p); - _num_attrs = be::read<uint16>(p); - // We can accurately calculate the number of attributed glyphs by - // subtracting the length of the attribids array (numAttribs long if present) - // and dividing by either 2 or 4 depending on shor or lonf format - _long_fmt = flags & 1; - int tmpnumgattrs = (m_pGloc.size() - - (p - m_pGloc) - - sizeof(uint16)*(flags & 0x2 ? _num_attrs : 0)) - / (_long_fmt ? sizeof(uint32) : sizeof(uint16)) - 1; - - if (version >= 0x00020000 || tmpnumgattrs < 0 || tmpnumgattrs > 65535 - || _num_attrs == 0 || _num_attrs > 0x3000 // is this hard limit appropriate? - || _num_glyphs_graphics > tmpnumgattrs - || m_pGlat.size() < 4) - { - _head = Face::Table(); - return; - } + _head = Face::Table(); + return; + } + const byte * p = m_pGloc; + int version = be::read<uint32>(p); + const uint16 flags = be::read<uint16>(p); + _num_attrs = be::read<uint16>(p); + // We can accurately calculate the number of attributed glyphs by + // subtracting the length of the attribids array (numAttribs long if present) + // and dividing by either 2 or 4 depending on shor or lonf format + _long_fmt = flags & 1; + int tmpnumgattrs = (m_pGloc.size() + - (p - m_pGloc) + - sizeof(uint16)*(flags & 0x2 ? _num_attrs : 0)) + / (_long_fmt ? sizeof(uint32) : sizeof(uint16)) - 1; + + if (version >= 0x00020000 || tmpnumgattrs < 0 || tmpnumgattrs > 65535 + || _num_attrs == 0 || _num_attrs > 0x3000 // is this hard limit appropriate? + || _num_glyphs_graphics > tmpnumgattrs + || m_pGlat.size() < 4) + { + _head = Face::Table(); + return; + } - _num_glyphs_attributes = static_cast<unsigned short>(tmpnumgattrs); - p = m_pGlat; - version = be::read<uint32>(p); - if (version >= 0x00040000 || (version >= 0x00030000 && m_pGlat.size() < 8)) // reject Glat tables that are too new - { - _head = Face::Table(); - return; - } - else if (version >= 0x00030000) - { - unsigned int glatflags = be::read<uint32>(p); - _has_boxes = glatflags & 1; - // delete this once the compiler is fixed - _has_boxes = true; - } + _num_glyphs_attributes = static_cast<unsigned short>(tmpnumgattrs); + p = m_pGlat; + version = be::read<uint32>(p); + if (version >= 0x00040000 || (version >= 0x00030000 && m_pGlat.size() < 8)) // reject Glat tables that are too new + { + _head = Face::Table(); + return; + } + else if (version >= 0x00030000) + { + unsigned int glatflags = be::read<uint32>(p); + _has_boxes = glatflags & 1; + // delete this once the compiler is fixed + _has_boxes = true; } } diff --git a/src/gr_face.cpp b/src/gr_face.cpp index 65a4b117..e69c7fbe 100644 --- a/src/gr_face.cpp +++ b/src/gr_face.cpp @@ -47,8 +47,7 @@ namespace telemetry::category _misc_cat(face.tele.misc); #endif Face::Table silf(face, Tag::Silf, 0x00050000); - if (silf) options &= ~gr_face_dumbRendering; - else if (!(options & gr_face_dumbRendering)) + if (!silf) return false; if (!face.readGlyphs(options)) @@ -74,7 +73,7 @@ namespace return true; } else - return options & gr_face_dumbRendering; + return false; } } diff --git a/tests/featuremap/CMakeLists.txt b/tests/featuremap/CMakeLists.txt index fc57f96c..a438f66c 100644 --- a/tests/featuremap/CMakeLists.txt +++ b/tests/featuremap/CMakeLists.txt @@ -20,7 +20,7 @@ if (GRAPHITE2_ASAN) endif (GRAPHITE2_ASAN) target_link_libraries(featuremaptest graphite2 graphite2-base graphite2-segcache graphite2-base) -add_test(NAME featuremaptest COMMAND $<TARGET_FILE:featuremaptest> ${testing_SOURCE_DIR}/fonts/tiny.ttf) +add_test(NAME featuremaptest COMMAND $<TARGET_FILE:featuremaptest> ${testing_SOURCE_DIR}/fonts/small.ttf) set_tests_properties(featuremaptest PROPERTIES TIMEOUT 3) if (GRAPHITE2_ASAN) set_property(TEST featuremaptest APPEND PROPERTY ENVIRONMENT "ASAN_SYMBOLIZER_PATH=${ASAN_SYMBOLIZER}") diff --git a/tests/featuremap/featuremaptest.cpp b/tests/featuremap/featuremaptest.cpp index fcd9b873..a9aa497f 100644 --- a/tests/featuremap/featuremaptest.cpp +++ b/tests/featuremap/featuremaptest.cpp @@ -243,7 +243,7 @@ template <class T> void testFeatTable(const T & table, const char * testName) { FeatureMap testFeatureMap; dummyFace.replace_table(TtfUtil::Tag::Feat, &table, sizeof(T)); - gr_face * face = gr_make_face_with_ops(&dummyFace, &face_handle::ops, gr_face_dumbRendering); + gr_face * face = gr_make_face_with_ops(&dummyFace, &face_handle::ops, 0); if (!face) throw std::runtime_error("failed to load font"); bool readStatus = testFeatureMap.readFeats(*face); testAssert("readFeats", readStatus); @@ -285,9 +285,8 @@ int main(int argc, char * argv[]) // test a bad settings offset stradling the end of the table FeatureMap testFeatureMap; dummyFace.replace_table(TtfUtil::Tag::Feat, &testBadOffset, sizeof testBadOffset); - face = gr_make_face_with_ops(&dummyFace, &face_handle::ops, gr_face_dumbRendering); - bool readStatus = testFeatureMap.readFeats(*face); - testAssert("fail gracefully on bad table", !readStatus); + face = gr_make_face_with_ops(&dummyFace, &face_handle::ops, 0); + testAssert("fail gracefully on bad table", !face); } catch (std::exception & e) { diff --git a/tests/vm/CMakeLists.txt b/tests/vm/CMakeLists.txt index 4a0b8231..24fbd3b8 100644 --- a/tests/vm/CMakeLists.txt +++ b/tests/vm/CMakeLists.txt @@ -41,7 +41,7 @@ if (${CMAKE_SYSTEM_NAME} STREQUAL "Linux") endif ("${CMAKE_BUILD_TYPE}" STREQUAL "Release") endif (${CMAKE_SYSTEM_NAME} STREQUAL "Linux") -add_test(vm-test-call-threading vm-test-call ${testing_SOURCE_DIR}/fonts/tiny.ttf 1) +add_test(vm-test-call-threading vm-test-call ${testing_SOURCE_DIR}/fonts/small.ttf 1) set_tests_properties(vm-test-call-threading PROPERTIES PASS_REGULAR_EXPRESSION "simple program size: 14 bytes.*result of program: 42" FAIL_REGULAR_EXPRESSION "program terminated early;stack not empty") @@ -51,7 +51,7 @@ if (GRAPHITE2_ASAN) endif (GRAPHITE2_ASAN) if (${CMAKE_COMPILER_IS_GNUCXX}) - add_test(vm-test-direct-threading vm-test-direct ${testing_SOURCE_DIR}/fonts/tiny.ttf 1) + add_test(vm-test-direct-threading vm-test-direct ${testing_SOURCE_DIR}/fonts/small.ttf 1) set_tests_properties(vm-test-direct-threading PROPERTIES PASS_REGULAR_EXPRESSION "simple program size: 14 bytes.*result of program: 42" FAIL_REGULAR_EXPRESSION "program terminated early;stack not empty") ++++++ link-gcc-shared.diff ++++++ --- /var/tmp/diff_new_pack.LSWxEI/_old 2018-03-20 21:52:13.215267257 +0100 +++ /var/tmp/diff_new_pack.LSWxEI/_new 2018-03-20 21:52:13.223266969 +0100 @@ -1,8 +1,8 @@ -Index: graphite-1.3.10/src/CMakeLists.txt +Index: graphite-1.3.11/src/CMakeLists.txt =================================================================== ---- graphite-1.3.10.orig/src/CMakeLists.txt -+++ graphite-1.3.10/src/CMakeLists.txt -@@ -127,7 +127,7 @@ if (${CMAKE_SYSTEM_NAME} STREQUAL "Linu +--- graphite-1.3.11.orig/src/CMakeLists.txt 2018-03-12 14:07:16.947663510 +0100 ++++ graphite-1.3.11/src/CMakeLists.txt 2018-03-12 14:07:16.959663721 +0100 +@@ -131,7 +131,7 @@ if (${CMAKE_SYSTEM_NAME} STREQUAL "Linu if (GRAPHITE2_ASAN) target_link_libraries(graphite2 c gcc_s) else (GRAPHITE2_ASAN) @@ -10,4 +10,4 @@ + target_link_libraries(graphite2 c gcc_s) endif (GRAPHITE2_ASAN) include(Graphite) - nolib_test(stdc++ $<TARGET_SONAME_FILE:graphite2>) + if (BUILD_SHARED_LIBS)
