poky/meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch - openbmc/openbmc - Gitiles

 There is a potential infinite-loop in function _arc_error_normalized().

 CVE: CVE-2019-6461
 Upstream-Status: Pending
 Signed-off-by: Ross Burton <ross.burton@intel.com>

 diff --git a/src/cairo-arc.c b/src/cairo-arc.c
 index 390397bae..f9249dbeb 100644
 --- a/src/cairo-arc.c
 +++ b/src/cairo-arc.c
 @@ -99,7 +99,7 @@ _arc_max_angle_for_tolerance_normalized (double tolerance)
      do {
  	angle = M_PI / i++;
  	error = _arc_error_normalized (angle);
 -    } while (error > tolerance);
 +    } while (error > tolerance && error > __DBL_EPSILON__);

      return angle;
  }
	There is a potential infinite-loop in function _arc_error_normalized().

	CVE: CVE-2019-6461
	Upstream-Status: Pending
	Signed-off-by: Ross Burton <ross.burton@intel.com>

	diff --git a/src/cairo-arc.c b/src/cairo-arc.c
	index 390397bae..f9249dbeb 100644
	--- a/src/cairo-arc.c
	+++ b/src/cairo-arc.c
	@@ -99,7 +99,7 @@ _arc_max_angle_for_tolerance_normalized (double tolerance)
	do {
	angle = M_PI / i++;
	error = _arc_error_normalized (angle);
	- } while (error > tolerance);
	+ } while (error > tolerance && error > __DBL_EPSILON__);

	return angle;
	}