<pre style='margin:0'>
Marius Schamschula (Schamschula) pushed a commit to branch master
in repository macports-ports.
</pre>
<p><a href="https://github.com/macports/macports-ports/commit/f34f9bbfbfcdbcfd2855bf89e50738b29bc26906">https://github.com/macports/macports-ports/commit/f34f9bbfbfcdbcfd2855bf89e50738b29bc26906</a></p>
<pre style="white-space: pre; background: #F8F8F8">The following commit(s) were added to refs/heads/master by this push:
<span style='display:block; white-space:pre;color:#404040;'> new f34f9bbfbfc qt5: fix patch line-endings
</span>f34f9bbfbfc is described below
<span style='display:block; white-space:pre;color:#808000;'>commit f34f9bbfbfcdbcfd2855bf89e50738b29bc26906
</span>Author: Marius Schamschula <mschamschula@gmail.com>
AuthorDate: Wed Jun 7 10:36:31 2023 -0500
<span style='display:block; white-space:pre;color:#404040;'> qt5: fix patch line-endings
</span>---
aqua/qt5/files/CVE-2023-33285-qtbase-5.15.diff | 133 ++++++++++++-------------
1 file changed, 65 insertions(+), 68 deletions(-)
<span style='display:block; white-space:pre;color:#808080;'>diff --git a/aqua/qt5/files/CVE-2023-33285-qtbase-5.15.diff b/aqua/qt5/files/CVE-2023-33285-qtbase-5.15.diff
</span><span style='display:block; white-space:pre;color:#808080;'>index 3ecfd3b3015..f3932857b8d 100644
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>--- a/aqua/qt5/files/CVE-2023-33285-qtbase-5.15.diff
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>+++ b/aqua/qt5/files/CVE-2023-33285-qtbase-5.15.diff
</span><span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -1,68 +1,65 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- src/network/kernel/qdnslookup_unix.cpp.orig
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ src/network/kernel/qdnslookup_unix.cpp
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -227,7 +227,6 @@ void QDnsLookupRunnable::query(const int requestType, const QByteArray &requestN
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- // responseLength in case of error, we still can extract the
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- // exact error code from the response.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- HEADER *header = (HEADER*)response;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- const int answerCount = ntohs(header->ancount);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- switch (header->rcode) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- case NOERROR:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- break;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -260,18 +259,31 @@ void QDnsLookupRunnable::query(const int requestType, const QByteArray &requestN
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- return;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- // Skip the query host, type (2 bytes) and class (2 bytes).
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- char host[PACKETSZ], answer[PACKETSZ];
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- unsigned char *p = response + sizeof(HEADER);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- int status = local_dn_expand(response, response + responseLength, p, host, sizeof(host));
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (status < 0) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ int status;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ if (ntohs(header->qdcount) == 1) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ // Skip the query host, type (2 bytes) and class (2 bytes).
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ status = local_dn_expand(response, response + responseLength, p, host, sizeof(host));
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ if (status < 0) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ reply->error = QDnsLookup::InvalidReplyError;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ reply->errorString = tr("Could not expand domain name");
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ return;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ if ((p - response) + status + 4 >= responseLength)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ header->qdcount = 0xffff; // invalid reply below
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ else
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ p += status + 4;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ if (ntohs(header->qdcount) > 1) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- reply->error = QDnsLookup::InvalidReplyError;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- reply->errorString = tr("Could not expand domain name");
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ reply->errorString = tr("Invalid reply received");
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- return;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- p += status + 4;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- // Extract results.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ const int answerCount = ntohs(header->ancount);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- int answerIndex = 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- while ((p < response + responseLength) && (answerIndex < answerCount)) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- status = local_dn_expand(response, response + responseLength, p, host, sizeof(host));
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -283,6 +295,11 @@ void QDnsLookupRunnable::query(const int requestType, const QByteArray &requestN
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- const QString name = QUrl::fromAce(host);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- p += status;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ if ((p - response) + 10 > responseLength) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ // probably just a truncated reply, return what we have
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ return;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- const quint16 type = (p[0] << 8) | p[1];
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- p += 2; // RR type
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- p += 2; // RR class
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -290,6 +307,8 @@ void QDnsLookupRunnable::query(const int requestType, const QByteArray &requestN
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- p += 4;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- const quint16 size = (p[0] << 8) | p[1];
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- p += 2;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ if ((p - response) + size > responseLength)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ return; // truncated
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- if (type == QDnsLookup::A) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- if (size != 4) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- src/network/kernel/qdnslookup_unix.cpp.orig 2023-04-24 08:43:14
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ src/network/kernel/qdnslookup_unix.cpp 2023-06-07 08:58:04
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -227,7 +227,6 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ // responseLength in case of error, we still can extract the
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ // exact error code from the response.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ HEADER *header = (HEADER*)response;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- const int answerCount = ntohs(header->ancount);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ switch (header->rcode) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ case NOERROR:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ break;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -263,15 +262,29 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ // Skip the query host, type (2 bytes) and class (2 bytes).
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ char host[PACKETSZ], answer[PACKETSZ];
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ unsigned char *p = response + sizeof(HEADER);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- int status = local_dn_expand(response, response + responseLength, p, host, sizeof(host));
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (status < 0) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ int status;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ if (ntohs(header->qdcount) == 1) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ // Skip the query host, type (2 bytes) and class (2 bytes).
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ status = dn_expand(response, response + responseLength, p, host, sizeof(host));
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ if (status < 0) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ reply->error = QDnsLookup::InvalidReplyError;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ reply->errorString = tr("Could not expand domain name");
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ return;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ if ((p - response) + status + 4 >= responseLength)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ header->qdcount = 0xffff; // invalid reply below
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ else
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ p += status + 4;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ if (ntohs(header->qdcount) > 1) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ reply->error = QDnsLookup::InvalidReplyError;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- reply->errorString = tr("Could not expand domain name");
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ reply->errorString = tr("Invalid reply received");
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ return;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- p += status + 4;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ // Extract results.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ const int answerCount = ntohs(header->ancount);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ int answerIndex = 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ while ((p < response + responseLength) && (answerIndex < answerCount)) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ status = local_dn_expand(response, response + responseLength, p, host, sizeof(host));
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -283,6 +296,11 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ const QString name = QUrl::fromAce(host);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ p += status;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ if ((p - response) + 10 > responseLength) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ // probably just a truncated reply, return what we have
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ return;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ const quint16 type = (p[0] << 8) | p[1];
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ p += 2; // RR type
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ p += 2; // RR class
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -290,6 +308,8 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ p += 4;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ const quint16 size = (p[0] << 8) | p[1];
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ p += 2;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ if ((p - response) + size > responseLength)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ return; // truncated
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ if (type == QDnsLookup::A) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ if (size != 4) {
</span></pre><pre style='margin:0'>
</pre>