[Libreoffice-commits] core.git: external/cairo

Stephan Bergmann (via logerrit) logerrit at kemper.freedesktop.org
Fri Oct 30 19:42:05 UTC 2020


 external/cairo/cairo/san.patch.0 |   50 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 50 insertions(+)

New commits:
commit a499b4eb2ac1bd557dfcd1b00d1bf5916572e6d6
Author:     Stephan Bergmann <sbergman at redhat.com>
AuthorDate: Fri Oct 30 15:57:18 2020 +0100
Commit:     Stephan Bergmann <sbergman at redhat.com>
CommitDate: Fri Oct 30 20:41:25 2020 +0100

    external/cairo: Silence some more UBSan warnings
    
    ...seen when opening an Impress presentation on GNOME/X11:
    
    > cairo-xlib-source.c:570:26: runtime error: left shift of 191 by 24 places cannot be represented in type 'int'
    
    > cairo-xlib-render-compositor.c:1852:17: runtime error: left shift of negative value -186
    
    > cairo-xlib-render-compositor.c:1853:17: runtime error: left shift of negative value -646
    
    > cairo-xlib-surface-shm.c:1157:43: runtime error: member access within null pointer of type 'cairo_xlib_shm_surface_t' (aka 'struct _cairo_xlib_shm_surface')
    
    > cairo-fixed-private.h:252:8: runtime error: left shift of negative value -146048
    
    Change-Id: I93a5706c2ec3f83bc56d75fc92817668eef57fdb
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/105074
    Tested-by: Jenkins
    Reviewed-by: Stephan Bergmann <sbergman at redhat.com>

diff --git a/external/cairo/cairo/san.patch.0 b/external/cairo/cairo/san.patch.0
index 112741260ec5..9e187240f240 100644
--- a/external/cairo/cairo/san.patch.0
+++ b/external/cairo/cairo/san.patch.0
@@ -9,6 +9,15 @@
  }
  
  /* This is the "magic number" approach to converting a double into fixed
+@@ -249,7 +249,7 @@
+     } else if ((f >> CAIRO_FIXED_FRAC_BITS) > INT16_MAX) {
+ 	x = INT32_MAX;
+     } else {
+-	x = f << (16 - CAIRO_FIXED_FRAC_BITS);
++	x = (uint32_t)f << (16 - CAIRO_FIXED_FRAC_BITS);
+     }
+ 
+     return x;
 --- src/cairo-gstate.c
 +++ src/cairo-gstate.c
 @@ -2297,7 +2297,7 @@
@@ -109,3 +118,44 @@
  #else
  #  define  GRID_AREA_TO_ALPHA(c)  (((c)*255 + GRID_XY/2) / GRID_XY)
  #endif
+--- src/cairo-xlib-render-compositor.c
++++ src/cairo-xlib-render-compositor.c
+@@ -1849,8 +1849,8 @@
+ 	    return _cairo_error (CAIRO_STATUS_NO_MEMORY);
+     }
+ 
+-    dx = -dst_x << 16;
+-    dy = -dst_y << 16;
++    dx = (unsigned)-dst_x << 16;
++    dy = (unsigned)-dst_y << 16;
+     for (i = 0; i < traps->num_traps; i++) {
+ 	cairo_trapezoid_t *t = &traps->traps[i];
+ 
+--- src/cairo-xlib-source.c
++++ src/cairo-xlib-source.c
+@@ -567,7 +567,7 @@
+ {
+     cairo_xlib_display_t *display = dst->display;
+     uint32_t pixel =
+-	color->alpha_short >> 8 << 24 |
++	(uint32_t)(color->alpha_short >> 8) << 24 |
+ 	color->red_short   >> 8 << 16 |
+ 	color->green_short >> 8 << 8 |
+ 	color->blue_short  >> 8 << 0;
+--- src/cairo-xlib-surface-shm.c
++++ src/cairo-xlib-surface-shm.c
+@@ -1152,9 +1152,11 @@
+     cairo_surface_t *surface;
+ 
+     surface = NULL;
+-    if (has_shm (other))
+-	surface = &_cairo_xlib_shm_surface_create (other, format, width, height,
+-						   FALSE, has_shm_pixmaps (other))->image.base;
++    if (has_shm (other)) {
++	cairo_xlib_shm_surface_t * shm_surface = _cairo_xlib_shm_surface_create (other, format, width, height,
++						   FALSE, has_shm_pixmaps (other));
++	if (shm_surface) surface = &shm_surface->image.base;
++    }
+ 
+     return surface;
+ }


More information about the Libreoffice-commits mailing list