cairo: fixes a CVE, activates glesv3 on wayland

4 files changed, 189 insertions, 9 deletions

diff --git a/cairo/.signature b/cairo/.signature
index 2a83c8b63..301bc5a9e 100644
--- a/cairo/.signature
+++ b/cairo/.signature
@@ -1,7 +1,9 @@
 untrusted comment: verify with /etc/ports/opt.pub
-RWSE3ohX2g5d/QkehMFqMWovc3NST3g0Zbs+fz3eKyJCDVeErRvWrtWXZu13aBGGqaYnmjYQ277uIJrPbAQFiYoFLSHR5HZn7A4=
-SHA256 (Pkgfile) = 52863419cb709a04a90e7064ba668bc9071bb20980dd474a29cc0bc78075cecf
+RWSE3ohX2g5d/WxTh5ZDThEZJQnninUujKFyYl0r3kf+LE95hQ30R5ebPySfAxyQz85E65znNbTlK0O1bsCBGbEvuNt2GpMx4Ao=
+SHA256 (Pkgfile) = 66251a576754c11a60bc920aa5b5be856f40de9b10f13358ff8ed23b2d932cb4
 SHA256 (.footprint) = b945d5a708013c2c3b534d0349b096b861f32a3ae97d16a38e2c64b0dabadee0
 SHA256 (cairo-1.17.4.tar.xz) = 74b24c1ed436bbe87499179a3b27c43f4143b8676d8ad237a6fa787401959705
 SHA256 (xlib-xcb.diff) = 70cd3783381bf73ea7fccd5c2db43956b10865a9c54d5edd251dbcdb9b595a43
 SHA256 (fix-library-versioning.diff) = ba678534bbfb2ae8d2397b015f77d30719efee7bb7992dbd2c8e5f2fa5fd8efc
+SHA256 (fix-mask-usage-in-image-compositor.patch) = cdfbdc1292629997d5cb39e91c7e577d872634669565e06e37a0130c2da2480a
+SHA256 (fix-pdf-fonts.patch) = a5926f8bca3cb09e41ed8d2a60fb053c4243fdeec2c36c5c7e15d2a784b6ee9a
diff --git a/cairo/Pkgfile b/cairo/Pkgfile
index 79f538957..ac78364d8 100644
--- a/cairo/Pkgfile
+++ b/cairo/Pkgfile
@@ -1,23 +1,31 @@
 # Description: A 2D graphics library with support for multiple output devices
-# URL:         https://www.cairographics.org/
-# Maintainer:  CRUX System Team, core-ports at crux dot nu
-# Depends on:  fontconfig, xorg-libxext, xorg-libxrender, xorg-libpixman, xorg-xcb-util, glib
+# URL: https://www.cairographics.org/
+# Maintainer: CRUX System Team, core-ports at crux dot nu
+# Depends on: fontconfig glib xorg-libpixman xorg-libxext xorg-libxrender xorg-xcb-util
 
 name=cairo
 version=1.17.4
-release=1
+release=2
 source=(https://cairographics.org/snapshots/$name-$version.tar.xz
-	xlib-xcb.diff fix-library-versioning.diff)
+	xlib-xcb.diff fix-library-versioning.diff
+	fix-mask-usage-in-image-compositor.patch fix-pdf-fonts.patch)
 
 build() {
 	patch -p1 -d $name-$version -i $SRC/fix-library-versioning.diff
 	patch -p1 -d $name-$version -i $SRC/xlib-xcb.diff
+	patch -p1 -d $name-$version -i $SRC/fix-mask-usage-in-image-compositor.patch
+	patch -p1 -d $name-$version -i $SRC/fix-pdf-fonts.patch
 
-	meson setup build $name-$version \
+	prt-get isinst wayland-protocols mesa && PKGMK_CAIRO+=' -D gl-backend=glesv3 -D glesv3=enabled'
+
+	meson setup build $name-$version $PKGMK_CAIRO \
 		--prefix=/usr \
 		--buildtype=plain \
-		-D spectre=disabled \
+		--wrap-mode nodownload \
+		-D b_lto=true \
+		-D b_pie=true \
 		-D tee=enabled \
+		-D spectre=disabled \
 		-D tests=disabled
 	meson compile -C build
 	DESTDIR=$PKG meson install -C build
diff --git a/cairo/fix-mask-usage-in-image-compositor.patch b/cairo/fix-mask-usage-in-image-compositor.patch
new file mode 100644
index 000000000..3ec4f1e47
--- /dev/null
+++ b/cairo/fix-mask-usage-in-image-compositor.patch
@@ -0,0 +1,112 @@
+From 03a820b173ed1fdef6ff14b4468f5dbc02ff59be Mon Sep 17 00:00:00 2001
+From: Heiko Lewin <heiko.lewin@worldiety.de>
+Date: Tue, 15 Dec 2020 16:48:19 +0100
+Subject: [PATCH] Fix mask usage in image-compositor
+
+---
+ src/cairo-image-compositor.c                |   8 ++--
+ test/Makefile.sources                       |   1 +
+ test/bug-image-compositor.c                 |  39 ++++++++++++++++++++
+ 4 files changed, 44 insertions(+), 4 deletions(-)
+ create mode 100644 test/bug-image-compositor.c
+
+diff --git a/src/cairo-image-compositor.c b/src/cairo-image-compositor.c
+index 79ad69f68..4f8aaed99 100644
+--- a/src/cairo-image-compositor.c
++++ b/src/cairo-image-compositor.c
+@@ -2610,14 +2610,14 @@ _inplace_src_spans (void *abstract_renderer, int y, int h,
+ 		    unsigned num_spans)
+ {
+     cairo_image_span_renderer_t *r = abstract_renderer;
+-    uint8_t *m;
++    uint8_t *m, *base = (uint8_t*)pixman_image_get_data(r->mask);
+     int x0;
+ 
+     if (num_spans == 0)
+ 	return CAIRO_STATUS_SUCCESS;
+ 
+     x0 = spans[0].x;
+-    m = r->_buf;
++    m = base;
+     do {
+ 	int len = spans[1].x - spans[0].x;
+ 	if (len >= r->u.composite.run_length && spans[0].coverage == 0xff) {
+@@ -2655,7 +2655,7 @@ _inplace_src_spans (void *abstract_renderer, int y, int h,
+ 				      spans[0].x, y,
+ 				      spans[1].x - spans[0].x, h);
+ 
+-	    m = r->_buf;
++	    m = base;
+ 	    x0 = spans[1].x;
+ 	} else if (spans[0].coverage == 0x0) {
+ 	    if (spans[0].x != x0) {
+@@ -2684,7 +2684,7 @@ _inplace_src_spans (void *abstract_renderer, int y, int h,
+ #endif
+ 	    }
+ 
+-	    m = r->_buf;
++	    m = base;
+ 	    x0 = spans[1].x;
+ 	} else {
+ 	    *m++ = spans[0].coverage;
+diff --git a/test/Makefile.sources b/test/Makefile.sources
+index 7eb73647f..86494348d 100644
+--- a/test/Makefile.sources
++++ b/test/Makefile.sources
+@@ -34,6 +34,7 @@ test_sources = \
+ 	bug-source-cu.c					\
+ 	bug-extents.c					\
+ 	bug-seams.c					\
++	bug-image-compositor.c				\
+ 	caps.c						\
+ 	checkerboard.c					\
+ 	caps-joins.c					\
+diff --git a/test/bug-image-compositor.c b/test/bug-image-compositor.c
+new file mode 100644
+index 000000000..fc4fd370b
+--- /dev/null
++++ b/test/bug-image-compositor.c
+@@ -0,0 +1,39 @@
++#include "cairo-test.h"
++
++static cairo_test_status_t
++draw (cairo_t *cr, int width, int height)
++{
++    cairo_set_source_rgb (cr, 0., 0., 0.);
++    cairo_paint (cr);
++
++    cairo_set_source_rgb (cr, 1., 1., 1.);
++    cairo_set_line_width (cr, 1.);
++
++    cairo_pattern_t *p = cairo_pattern_create_linear (0, 0, width, height);
++    cairo_pattern_add_color_stop_rgb (p, 0, 0.99, 1, 1);
++    cairo_pattern_add_color_stop_rgb (p, 1, 1, 1, 1);
++    cairo_set_source (cr, p);
++
++    cairo_move_to (cr, 0.5, -1);
++    for (int i = 0; i < width; i+=3) {
++	cairo_rel_line_to (cr, 2, 2);
++	cairo_rel_line_to (cr, 1, -2);
++    }
++
++    cairo_set_operator (cr, CAIRO_OPERATOR_SOURCE);
++    cairo_stroke (cr);
++
++    cairo_pattern_destroy(p);
++
++    return CAIRO_TEST_SUCCESS;
++}
++
++
++CAIRO_TEST (bug_image_compositor,
++	    "Crash in image-compositor",
++	    "stroke, stress", /* keywords */
++	    NULL, /* requirements */
++	    10000, 1,
++	    NULL, draw)
++	    
++	    
+
+-- 
+GitLab
+
diff --git a/cairo/fix-pdf-fonts.patch b/cairo/fix-pdf-fonts.patch
new file mode 100644
index 000000000..d5cfe2f22
--- /dev/null
+++ b/cairo/fix-pdf-fonts.patch
@@ -0,0 +1,58 @@
+From a3b69a0215fdface0fd5730872a4b3242d979dca Mon Sep 17 00:00:00 2001
+From: Uli Schlachter <psychon@znc.in>
+Date: Tue, 9 Feb 2021 16:54:35 +0100
+Subject: [PATCH] pdf font subset: Generate valid font names
+
+A hash value is encoded in base 26 with upper case letters for font
+names.
+
+Commit ed984146 replaced "numerator = abs (hash);" with "numerator =
+hash;" in this code, because hash has type uint32_t and the compiler
+warned about taking the absolute value of an unsigned value.  However,
+abs() is actually defined to take an int argument. Thus, there was some
+implicit cast.
+
+Since numerator has type long, i.e. is signed, it is now actually
+possible to get an overflow in the implicit cast and then have a
+negative number. The following code is not prepared for this and
+produces non-letters when encoding the hash.
+
+This commit fixes that problem by not using ldiv() and instead using /
+and % to directly compute the needed values. This gets rid of the need
+to convert to type long. Since now everything works with uint32_t, there
+is no more chance for negative numbers messing things up.
+
+Fixes: https://gitlab.freedesktop.org/cairo/cairo/-/issues/449
+Signed-off-by: Uli Schlachter <psychon@znc.in>
+---
+ src/cairo-pdf-surface.c | 8 ++------
+ 1 file changed, 2 insertions(+), 6 deletions(-)
+
+diff --git a/src/cairo-pdf-surface.c b/src/cairo-pdf-surface.c
+index 6da460878..52c49b6d2 100644
+--- a/src/cairo-pdf-surface.c
++++ b/src/cairo-pdf-surface.c
+@@ -5310,18 +5310,14 @@ _create_font_subset_tag (cairo_scaled_font_subset_t	*font_subset,
+ {
+     uint32_t hash;
+     int i;
+-    long numerator;
+-    ldiv_t d;
+ 
+     hash = _hash_data ((unsigned char *) font_name, strlen(font_name), 0);
+     hash = _hash_data ((unsigned char *) (font_subset->glyphs),
+ 		       font_subset->num_glyphs * sizeof(unsigned long), hash);
+ 
+-    numerator = hash;
+     for (i = 0; i < 6; i++) {
+-	d = ldiv (numerator, 26);
+-	numerator = d.quot;
+-        tag[i] = 'A' + d.rem;
++	tag[i] = 'A' + (hash % 26);
++	hash /= 26;
+     }
+     tag[i] = 0;
+ }
+-- 
+GitLab
+