File 0002-Fix-broken-padding-in-BitReader.patch of Package kdegraphics-mobipocket
From a5b423d58133c46791cc53e6d67425366f94b266 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Stefan=20Br=C3=BCns?= <stefan.bruens@rwth-aachen.de>
Date: Fri, 28 Feb 2025 23:24:56 +0100
Subject: [PATCH 2/4] Fix broken padding in BitReader
The overload taking a char* appends the \0-terminated string, i.e.
QByteArray::append("\x0...") is essentially a no-op. This causes
out-of-bounds accesses, either triggering asserts or reading invalid data.
See https://doc.qt.io/qt-6/qbytearray.html#append-3
SENTRY: OKULAR-AD
SENTRY: BALOO-33
SENTRY: BALOO-43Y
CCBUG: 486853
---
lib/decompressor.cpp | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/decompressor.cpp b/lib/decompressor.cpp
index 25051cd..8509e7c 100644
--- a/lib/decompressor.cpp
+++ b/lib/decompressor.cpp
@@ -57,7 +57,7 @@ class BitReader
{
public:
BitReader(const QByteArray& d) : pos(0), len(d.size() * 8), data(d) {
- data.append("\000\000\000\000"); //krazy:exclude=strings
+ data.append(4, '\0');
}
quint32 read() {
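Review bot: The padding on the new `data.append(4, '\0');` line is a memory-safety invariant, but nothing at the call site says so, and the previous bug came from exactly this line looking harmless. I would add a comment above it such as `// Pad with 4 zero bytes via the (count, char) overload; append("\0\0\0\0") appends an empty string and leaves reads near the end out of bounds.` The body of `read()` begins on the last line of the hunk and continues outside it, so I cannot tell whether it also checks `pos` against `len`; if it does not, the four bytes only cover reads that start inside the original data, which is worth confirming for truncated or malformed input. A regression test that builds a BitReader over a short buffer and reads up to the last bit would keep this from silently regressing.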
--
2.48.1