From d69903646d411dff63cf2a14988b679b81075fbb Mon Sep 17 00:00:00 2001 From: Than Ngo Date: Jun 07 2010 13:40:38 +0000 Subject: Unsafe use of rand() in X11 (QTBUG-9793) --- diff --git a/0ebc9783d8ca0c4b27208bbc002c53c52c19ab4c.patch b/0ebc9783d8ca0c4b27208bbc002c53c52c19ab4c.patch new file mode 100644 index 0000000..c995519 --- /dev/null +++ b/0ebc9783d8ca0c4b27208bbc002c53c52c19ab4c.patch @@ -0,0 +1,44 @@ +From 0ebc9783d8ca0c4b27208bbc002c53c52c19ab4c Mon Sep 17 00:00:00 2001 +From: Bradley T. Hughes +Date: Tue, 4 May 2010 16:25:18 +0200 +Subject: [PATCH] Use qrand() instead of rand() + +This only affects X11 code, and are the only 2 places in Qt where rand() is +used instead of qrand(). + +Task-number: QTBUG-9793 +Reviewed-by: TrustMe +--- + src/gui/kernel/qwidget_x11.cpp | 2 +- + src/gui/painting/qpaintengine_x11.cpp | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/gui/kernel/qwidget_x11.cpp b/src/gui/kernel/qwidget_x11.cpp +index 37ac6bf..43f510c 100644 +--- a/src/gui/kernel/qwidget_x11.cpp ++++ b/src/gui/kernel/qwidget_x11.cpp +@@ -3000,7 +3000,7 @@ Picture QX11Data::getSolidFill(int screen, const QColor &c) + return X11->solid_fills[i].picture; + } + // none found, replace one +- int i = rand() % 16; ++ int i = qrand() % 16; + + if (X11->solid_fills[i].screen != screen && X11->solid_fills[i].picture) { + XRenderFreePicture (X11->display, X11->solid_fills[i].picture); +diff --git a/src/gui/painting/qpaintengine_x11.cpp b/src/gui/painting/qpaintengine_x11.cpp +index da48fcb..aef8b80 100644 +--- a/src/gui/painting/qpaintengine_x11.cpp ++++ b/src/gui/painting/qpaintengine_x11.cpp +@@ -315,7 +315,7 @@ static Picture getPatternFill(int screen, const QBrush &b) + return X11->pattern_fills[i].picture; + } + // none found, replace one +- int i = rand() % 16; ++ int i = qrand() % 16; + + if (X11->pattern_fills[i].screen != screen && X11->pattern_fills[i].picture) { + XRenderFreePicture (X11->display, X11->pattern_fills[i].picture); +-- +1.6.1 + diff --git a/qt.spec b/qt.spec index 278c20e..c8e0048 100644 --- a/qt.spec +++ b/qt.spec @@ -13,7 +13,7 @@ Summary: Qt toolkit Name: qt Epoch: 1 Version: 4.6.2 -Release: 19%{?dist} +Release: 20%{?dist} # See LGPL_EXCEPTIONS.txt, LICENSE.GPL3, respectively, for exception details License: LGPLv2 with exceptions or GPLv3 with exceptions @@ -92,6 +92,8 @@ Patch214: qt-everywhere-opensource-src-4.6.2-QTBUG-6932.patch patch215: qt-everywhere-opensource-src-4.6.2-atomic-s390.patch patch216: qt-everywhere-opensource-src-4.6.2-cups-QTBUG-6471.patch Patch217: http://qt.gitorious.org/+kde-developers/qt/kde-qt/commit/55ef01d93f8257b5927660290fc1ead0b2b74ec9.patch +# QTBUG-9793 +Patch218: http://qt.gitorious.org/qt/qt/commit/0ebc9783d8ca0c4b27208bbc002c53c52c19ab4c.patch Source10: http://gstreamer.freedesktop.org/data/images/artwork/gstreamer-logo.svg Source11: hi16-phonon-gstreamer.png @@ -459,6 +461,7 @@ Qt libraries used for drawing widgets and OpenGL items. %patch215 -p1 -b .atomic-s390 %patch216 -p1 -b .cups-QTBUG-6471 %patch217 -p1 -b .QT_GRAPHICSSYSTEM +%patch218 -p1 -b .QTBUG-9793 # drop -fexceptions from $RPM_OPT_FLAGS RPM_OPT_FLAGS=`echo $RPM_OPT_FLAGS | sed 's|-fexceptions||g'` @@ -1054,6 +1057,9 @@ fi %changelog +* Thu May 27 2010 Rex Dieter - 4.6.2-20 +- Unsafe use of rand() in X11 (QTBUG-9793) + * Mon May 17 2010 Rex Dieter - 4.6.2-19 - support QT_GRAPHICSSYSTEM env