diff --git a/srcpkgs/osg/patches/fix-narrowing.patch b/srcpkgs/osg/patches/fix-narrowing.patch new file mode 100644 index 00000000000..a5c7684a852 --- /dev/null +++ b/srcpkgs/osg/patches/fix-narrowing.patch @@ -0,0 +1,60 @@ +Use short instead of char for the decoding[] table. +Also fix an off-by-one error when checking the upper boundary for value_in. + +--- src/osgDB/ConvertBase64.cpp 2015-07-23 13:14:00.000000000 +0200 ++++ src/osgDB/ConvertBase64.cpp 2016-12-06 14:05:50.435406287 +0100 +@@ -28,10 +28,10 @@ + + int base64_decode_value(char value_in) + { +- static const char decoding[] = {62,-1,-1,-1,63,52,53,54,55,56,57,58,59,60,61,-1,-1,-1,-2,-1,-1,-1,0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,-1,-1,-1,-1,-1,-1,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51}; +- static const char decoding_size = sizeof(decoding); ++ static const short decoding[] = {62,-1,-1,-1,63,52,53,54,55,56,57,58,59,60,61,-1,-1,-1,-2,-1,-1,-1,0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,-1,-1,-1,-1,-1,-1,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51}; ++ static const int decoding_size = sizeof(decoding) / sizeof(decoding[0]); + value_in -= 43; +- if (value_in < 0 || value_in > decoding_size) return -1; ++ if (value_in < 0 || value_in >= decoding_size) return -1; + return decoding[(int)value_in]; + } + +--- src/osgPlugins/osgjs/Base64.cpp 2015-03-09 12:27:26.000000000 +0100 ++++ src/osgPlugins/osgjs/Base64.cpp 2016-12-06 14:27:36.284022097 +0100 +@@ -20,22 +20,22 @@ + + const char _from_table[128] = + { +- -1, -1, -1, -1, -1, -1, -1, -1, // 0 +- -1, -1, -1, -1, -1, -1, -1, -1, // 8 +- -1, -1, -1, -1, -1, -1, -1, -1, // 16 +- -1, -1, -1, -1, -1, -1, -1, -1, // 24 +- -1, -1, -1, -1, -1, -1, -1, -1, // 32 +- -1, -1, -1, 62, -1, -1, -1, 63, // 40 +- 52, 53, 54, 55, 56, 57, 58, 59, // 48 +- 60, 61, -1, -1, -1, 0, -1, -1, // 56 +- -1, 0, 1, 2, 3, 4, 5, 6, // 64 +- 7, 8, 9, 10, 11, 12, 13, 14, // 72 +- 15, 16, 17, 18, 19, 20, 21, 22, // 80 +- 23, 24, 25, -1, -1, -1, -1, -1, // 88 +- -1, 26, 27, 28, 29, 30, 31, 32, // 96 +- 33, 34, 35, 36, 37, 38, 39, 40, // 104 +- 41, 42, 43, 44, 45, 46, 47, 48, // 112 +- 49, 50, 51, -1, -1, -1, -1, -1 // 120 ++ '\xff','\xff','\xff','\xff','\xff','\xff','\xff','\xff', // 0 ++ '\xff','\xff','\xff','\xff','\xff','\xff','\xff','\xff', // 8 ++ '\xff','\xff','\xff','\xff','\xff','\xff','\xff','\xff', // 16 ++ '\xff','\xff','\xff','\xff','\xff','\xff','\xff','\xff', // 24 ++ '\xff','\xff','\xff','\xff','\xff','\xff','\xff','\xff', // 32 ++ '\xff','\xff','\xff', 62,'\xff','\xff','\xff', 63, // 40 ++ 52, 53, 54, 55, 56, 57, 58, 59, // 48 ++ 60, 61,'\xff','\xff','\xff', 0,'\xff','\xff', // 56 ++ '\xff', 0, 1, 2, 3, 4, 5, 6, // 64 ++ 7, 8, 9, 10, 11, 12, 13, 14, // 72 ++ 15, 16, 17, 18, 19, 20, 21, 22, // 80 ++ 23, 24, 25,'\xff','\xff','\xff','\xff','\xff', // 88 ++ '\xff', 26, 27, 28, 29, 30, 31, 32, // 96 ++ 33, 34, 35, 36, 37, 38, 39, 40, // 104 ++ 41, 42, 43, 44, 45, 46, 47, 48, // 112 ++ 49, 50, 51,'\xff','\xff','\xff','\xff','\xff' // 120 + }; + const char* from_table = _from_table; + }