[SCM] Qt 4 packaging branch, experimental-snapshots, updated. debian/4.7.3-1-7-g0470728

Fathi Boudra fabo at alioth.debian.org
Sat Jun 11 11:42:42 UTC 2011 

The following commit has been merged in the experimental-snapshots branch:
commit 05b69d5116f77d8d8130ae5fad5d2931b457698b
Author: Modestas Vainius <modestas at vainius.eu>
Date:   Sun Dec 5 12:35:17 2010 +0200

    Fix potential buffer overrun in ALSA QAudioInput implementation.
    
    Thanks to Gregor Herrmann for heads up. (Closes: #603052)
    Patch 0001_backport_e3f1268_alsa_buffer_overrun.diff
    Upstream commit: e3f1268e63064a54215051cf91d5f6b8c8bd4f0f
---
 debian/changelog                                   |    3 +
 .../0001_backport_e3f1268_alsa_buffer_overrun.diff |   86 ++++++++++++++++++++
 debian/patches/series                              |    3 +
 3 files changed, 92 insertions(+), 0 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index 788e299..8310bee 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -59,6 +59,9 @@ qt4-x11 (4:4.7.1-0r1) UNRELEASED; urgency=low
   * Fix formatting error in the qmake-qt4.1 manpage at line 83.
   * Use dh_auto_* wrappers in place of $(MAKE) within debian/rules in order to
     get automatic handling of parallel building settings for these calls.
+  * Backport patch 0001_backport_e3f1268_alsa_buffer_overrun.diff to fix
+    potential buffer overrun in ALSA QAudioInput implementation. Thanks to
+    Gregor Herrmann for heads up. (Closes: #603052)
 
  -- Debian Qt/KDE Maintainers <debian-qt-kde at lists.debian.org>  Wed, 06 Oct 2010 14:55:15 +0200
 
diff --git a/debian/patches/0001_backport_e3f1268_alsa_buffer_overrun.diff b/debian/patches/0001_backport_e3f1268_alsa_buffer_overrun.diff
new file mode 100644
index 0000000..1fcdddf
--- /dev/null
+++ b/debian/patches/0001_backport_e3f1268_alsa_buffer_overrun.diff
@@ -0,0 +1,86 @@
+From: Andrew den Exter <andrew.den-exter at nokia.com>
+Date: Tue, 9 Nov 2010 16:30:32 +1000
+Subject: [PATCH] Fix potential buffer overrun in ALSA QAudioInput implementation.
+Origin: backport commit:e3f1268e63064a54215051cf91d5f6b8c8bd4f0f
+Forwarded: yes
+Bug: http://bugreports.qt.nokia.com/browse/QTBUG-14549
+Bug: http://bugreports.qt.nokia.com/browse/QTBUG-8578
+Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=603052
+Applied-Upstream: yes
+Reviewed-by: Derick Hawcroft
+Last-Update: 2010-12-05
+
+Don't write more than the supplied max buffer size to the output buffer.
+
+Task-number: QTBUG-14549 QTBUG-8578
+Reviewed-by: Derick Hawcroft
+---
+ src/multimedia/audio/qaudioinput_alsa_p.cpp |   21 ++++++++++++---------
+ 1 files changed, 12 insertions(+), 9 deletions(-)
+
+--- a/src/multimedia/audio/qaudioinput_alsa_p.cpp
++++ b/src/multimedia/audio/qaudioinput_alsa_p.cpp
+@@ -464,19 +464,18 @@ int QAudioInputPrivate::bytesReady() con
+ 
+ qint64 QAudioInputPrivate::read(char* data, qint64 len)
+ {
+-    Q_UNUSED(len)
+-
+     // Read in some audio data and write it to QIODevice, pull mode
+     if ( !handle )
+         return 0;
+ 
+-    bytesAvailable = checkBytesReady();
++    // bytesAvaiable is saved as a side effect of checkBytesReady().
++    int bytesToRead = checkBytesReady();
+ 
+-    if (bytesAvailable < 0) {
++    if (bytesToRead < 0) {
+         // bytesAvailable as negative is error code, try to recover from it.
+-        xrun_recovery(bytesAvailable);
+-        bytesAvailable = checkBytesReady();
+-        if (bytesAvailable < 0) {
++        xrun_recovery(bytesToRead);
++        bytesToRead = checkBytesReady();
++        if (bytesToRead < 0) {
+             // recovery failed must stop and set error.
+             close();
+             errorState = QAudio::IOError;
+@@ -486,9 +485,11 @@ qint64 QAudioInputPrivate::read(char* da
+         }
+     }
+ 
++    bytesToRead = qMin<qint64>(len, bytesToRead);
++    bytesToRead -= bytesToRead % period_size;
+     int count=0, err = 0;
+     while(count < 5) {
+-        int chunks = bytesAvailable/period_size;
++        int chunks = bytesToRead/period_size;
+         int frames = chunks*period_frames;
+         if(frames > (int)buffer_frames)
+             frames = buffer_frames;
+@@ -536,6 +537,7 @@ qint64 QAudioInputPrivate::read(char* da
+                     emit stateChanged(deviceState);
+                 }
+             } else {
++                bytesAvailable -= err;
+                 totalTimeValue += err;
+                 resuming = false;
+                 if (deviceState != QAudio::ActiveState) {
+@@ -548,6 +550,7 @@ qint64 QAudioInputPrivate::read(char* da
+ 
+         } else {
+             memcpy(data,audioBuffer,err);
++            bytesAvailable -= err;
+             totalTimeValue += err;
+             resuming = false;
+             if (deviceState != QAudio::ActiveState) {
+@@ -643,7 +646,7 @@ bool QAudioInputPrivate::deviceReady()
+ {
+     if(pullMode) {
+         // reads some audio data and writes it to QIODevice
+-        read(0,0);
++        read(0, buffer_size);
+     } else {
+         // emits readyRead() so user will call read() on QIODevice to get some audio data
+         InputPrivate* a = qobject_cast<InputPrivate*>(audioSource);
diff --git a/debian/patches/series b/debian/patches/series
index 7ca2fb7..0a551cf 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,3 +1,6 @@
+# upstream patches
+0001_backport_e3f1268_alsa_buffer_overrun.diff
+
 # qt-copy patches
 0195-compositing-properties.diff
 0225-invalidate-tabbar-geometry-on-refresh.patch

-- 
Qt 4 packaging

More information about the pkg-kde-commits mailing list