1 files changed, 0 insertions, 63 deletions

diff --git a/dev-qt/qtgui/files/qtgui-4.8.6-CVE-2015-1858.patch b/dev-qt/qtgui/files/qtgui-4.8.6-CVE-2015-1858.patch
deleted file mode 100644
index c1aac444a644..000000000000
--- a/dev-qt/qtgui/files/qtgui-4.8.6-CVE-2015-1858.patch
+++ /dev/null
@@ -1,63 +0,0 @@
-From 3e55cd6dc467303a3c35312e9fcb255c2c048b32 Mon Sep 17 00:00:00 2001
-From: Eirik Aavitsland <eirik.aavitsland@theqtcompany.com>
-Date: Wed, 11 Mar 2015 13:34:01 +0100
-Subject: Fixes crash in bmp and ico image decoding
-
-Fuzzing test revealed that for certain malformed bmp and ico files,
-the handler would segfault.
-
-Change-Id: I19d45145f31e7f808f7f6a1a1610270ea4159cbe
-(cherry picked from qtbase/2adbbae5432aa9d8cc41c6fcf55c2e310d2d4078)
-Reviewed-by: Richard J. Moore <rich@kde.org>
----
- src/gui/image/qbmphandler.cpp                | 13 +++++++------
- src/plugins/imageformats/ico/qicohandler.cpp |  2 +-
- 2 files changed, 8 insertions(+), 7 deletions(-)
-
-diff --git a/src/gui/image/qbmphandler.cpp b/src/gui/image/qbmphandler.cpp
-index 30fa9e0..17a880b 100644
---- a/src/gui/image/qbmphandler.cpp
-+++ b/src/gui/image/qbmphandler.cpp
-@@ -478,12 +478,6 @@ static bool read_dib_body(QDataStream &s, const BMP_INFOHDR &bi, int offset, int
-                             p = data + (h-y-1)*bpl;
-                             break;
-                         case 2:                        // delta (jump)
--                            // Protection
--                            if ((uint)x >= (uint)w)
--                                x = w-1;
--                            if ((uint)y >= (uint)h)
--                                y = h-1;
--
-                             {
-                                 quint8 tmp;
-                                 d->getChar((char *)&tmp);
-@@ -491,6 +485,13 @@ static bool read_dib_body(QDataStream &s, const BMP_INFOHDR &bi, int offset, int
-                                 d->getChar((char *)&tmp);
-                                 y += tmp;
-                             }
-+
-+                            // Protection
-+                            if ((uint)x >= (uint)w)
-+                                x = w-1;
-+                            if ((uint)y >= (uint)h)
-+                                y = h-1;
-+
-                             p = data + (h-y-1)*bpl + x;
-                             break;
-                         default:                // absolute mode
-diff --git a/src/plugins/imageformats/ico/qicohandler.cpp b/src/plugins/imageformats/ico/qicohandler.cpp
-index 1a88605..3c34765 100644
---- a/src/plugins/imageformats/ico/qicohandler.cpp
-+++ b/src/plugins/imageformats/ico/qicohandler.cpp
-@@ -571,7 +571,7 @@ QImage ICOReader::iconAt(int index)
-                 QImage::Format format = QImage::Format_ARGB32;
-                 if (icoAttrib.nbits == 24)
-                     format = QImage::Format_RGB32;
--                else if (icoAttrib.ncolors == 2)
-+                else if (icoAttrib.ncolors == 2 && icoAttrib.depth == 1)
-                     format = QImage::Format_Mono;
-                 else if (icoAttrib.ncolors > 0)
-                     format = QImage::Format_Indexed8;
--- 
-cgit v0.11.0
-