Contents of /trunk/qt/patches/qt-3.3.8-CVE-2007-3388.patch
Parent Directory | Revision Log
Revision 286 -
(show annotations)
(download)
Wed Aug 1 22:18:43 2007 UTC (17 years, 2 months ago) by niro
File size: 6511 byte(s)
Wed Aug 1 22:18:43 2007 UTC (17 years, 2 months ago) by niro
File size: 6511 byte(s)
-security fix
1 | --- //depot/qt/3/src/widgets/qtextedit.cpp Mon Jul 16 10:44:40 CEST 2007 |
2 | +++ //depot/qt/3/src/widgets/qtextedit.cpp Mon Jul 16 10:44:40 CEST 2007 |
3 | |
4 | @@ -6349,7 +6349,7 @@ |
5 | cur = tag->prev; |
6 | if ( !cur ) { |
7 | #ifdef QT_CHECK_RANGE |
8 | - qWarning( "QTextEdit::optimParseTags: no left-tag for '<" + tag->tag + ">' in line %d.", tag->line + 1 ); |
9 | + qWarning( "QTextEdit::optimParseTags: no left-tag for '<%s>' in line %d.", tag->tag.ascii(), tag->line + 1 ); |
10 | #endif |
11 | return; // something is wrong - give up |
12 | } |
13 | @@ -6372,7 +6372,7 @@ |
14 | break; |
15 | } else if ( !cur->leftTag ) { |
16 | #ifdef QT_CHECK_RANGE |
17 | - qWarning( "QTextEdit::optimParseTags: mismatching %s-tag for '<" + cur->tag + ">' in line %d.", cur->tag[0] == '/' ? "left" : "right", cur->line + 1 ); |
18 | + qWarning( "QTextEdit::optimParseTags: mismatching %s-tag for '<%s>' in line %d.", cur->tag[0] == '/' ? "left" : "right", cur->tag.ascii(), cur->line + 1 ); |
19 | #endif |
20 | return; // something is amiss - give up |
21 | } |
22 | --- //depot/qt/3/src/sql/qdatatable.cpp Mon Jul 16 10:45:03 CEST 2007 |
23 | +++ //depot/qt/3/src/sql/qdatatable.cpp Mon Jul 16 10:45:03 CEST 2007 |
24 | |
25 | @@ -1043,8 +1043,8 @@ |
26 | return FALSE; |
27 | if ( !sqlCursor()->canInsert() ) { |
28 | #ifdef QT_CHECK_RANGE |
29 | - qWarning("QDataTable::insertCurrent: insert not allowed for " + |
30 | - sqlCursor()->name() ); |
31 | + qWarning("QDataTable::insertCurrent: insert not allowed for %s", |
32 | + sqlCursor()->name().latin1() ); |
33 | #endif |
34 | endInsert(); |
35 | return FALSE; |
36 | @@ -1117,16 +1117,16 @@ |
37 | return FALSE; |
38 | if ( sqlCursor()->primaryIndex().count() == 0 ) { |
39 | #ifdef QT_CHECK_RANGE |
40 | - qWarning("QDataTable::updateCurrent: no primary index for " + |
41 | - sqlCursor()->name() ); |
42 | + qWarning("QDataTable::updateCurrent: no primary index for %s", |
43 | + sqlCursor()->name().latin1() ); |
44 | #endif |
45 | endUpdate(); |
46 | return FALSE; |
47 | } |
48 | if ( !sqlCursor()->canUpdate() ) { |
49 | #ifdef QT_CHECK_RANGE |
50 | - qWarning("QDataTable::updateCurrent: updates not allowed for " + |
51 | - sqlCursor()->name() ); |
52 | + qWarning("QDataTable::updateCurrent: updates not allowed for %s", |
53 | + sqlCursor()->name().latin1() ); |
54 | #endif |
55 | endUpdate(); |
56 | return FALSE; |
57 | @@ -1191,8 +1191,8 @@ |
58 | return FALSE; |
59 | if ( sqlCursor()->primaryIndex().count() == 0 ) { |
60 | #ifdef QT_CHECK_RANGE |
61 | - qWarning("QDataTable::deleteCurrent: no primary index " + |
62 | - sqlCursor()->name() ); |
63 | + qWarning("QDataTable::deleteCurrent: no primary index %s", |
64 | + sqlCursor()->name().latin1() ); |
65 | #endif |
66 | return FALSE; |
67 | } |
68 | |
69 | --- //depot/qt/3/src/sql/qsqldatabase.cpp Mon Jul 16 10:45:03 CEST 2007 |
70 | +++ //depot/qt/3/src/sql/qsqldatabase.cpp Mon Jul 16 10:45:03 CEST 2007 |
71 | |
72 | @@ -234,7 +234,8 @@ |
73 | db->open(); |
74 | #ifdef QT_CHECK_RANGE |
75 | if ( !db->isOpen() ) |
76 | - qWarning("QSqlDatabaseManager::database: unable to open database: " + db->lastError().databaseText() + ": " + db->lastError().driverText() ); |
77 | + qWarning("QSqlDatabaseManager::database: unable to open database: %s: %s", |
78 | + db->lastError().databaseText().latin1(), db->lastError().driverText().latin1() ); |
79 | #endif |
80 | } |
81 | return db; |
82 | @@ -686,7 +687,7 @@ |
83 | if ( !d->driver ) { |
84 | #ifdef QT_CHECK_RANGE |
85 | qWarning( "QSqlDatabase: %s driver not loaded", type.latin1() ); |
86 | - qWarning( "QSqlDatabase: available drivers: " + drivers().join(" ") ); |
87 | + qWarning( "QSqlDatabase: available drivers: %s", drivers().join(" ").latin1() ); |
88 | #endif |
89 | d->driver = new QNullDriver(); |
90 | d->driver->setLastError( QSqlError( "Driver not loaded", "Driver not loaded" ) ); |
91 | |
92 | --- //depot/qt/3/src/sql/qsqlindex.cpp Mon Jul 16 10:45:03 CEST 2007 |
93 | +++ //depot/qt/3/src/sql/qsqlindex.cpp Mon Jul 16 10:45:03 CEST 2007 |
94 | |
95 | @@ -273,7 +273,7 @@ |
96 | if ( field ) |
97 | newSort.append( *field, desc ); |
98 | else |
99 | - qWarning( "QSqlIndex::fromStringList: unknown field: '" + f + "'" ); |
100 | + qWarning( "QSqlIndex::fromStringList: unknown field: '%s'", f.latin1()); |
101 | } |
102 | return newSort; |
103 | } |
104 | |
105 | --- //depot/qt/3/src/sql/qsqlrecord.cpp Mon Jul 16 10:45:03 CEST 2007 |
106 | +++ //depot/qt/3/src/sql/qsqlrecord.cpp Mon Jul 16 10:45:03 CEST 2007 |
107 | |
108 | @@ -298,7 +298,7 @@ |
109 | return i; |
110 | } |
111 | #ifdef QT_CHECK_RANGE |
112 | - qWarning( "QSqlRecord::position: unable to find field " + name ); |
113 | + qWarning( "QSqlRecord::position: unable to find field %s", name.latin1() ); |
114 | #endif |
115 | return -1; |
116 | } |
117 | @@ -313,7 +313,7 @@ |
118 | checkDetach(); |
119 | if ( !sh->d->contains( i ) ) { |
120 | #ifdef QT_CHECK_RANGE |
121 | - qWarning( "QSqlRecord::field: index out of range: " + QString::number( i ) ); |
122 | + qWarning( "QSqlRecord::field: index out of range: %d", i ); |
123 | #endif |
124 | return 0; |
125 | } |
126 | @@ -344,7 +344,7 @@ |
127 | { |
128 | if ( !sh->d->contains( i ) ) { |
129 | #ifdef QT_CHECK_RANGE |
130 | - qWarning( "QSqlRecord::field: index out of range: " + QString::number( i ) ); |
131 | + qWarning( "QSqlRecord::field: index out of range: %d", i ); |
132 | #endif // QT_CHECK_RANGE |
133 | return 0; |
134 | } |
135 | |
136 | --- //depot/qt/3/src/tools/qglobal.cpp Mon Jul 16 10:45:03 CEST 2007 |
137 | +++ //depot/qt/3/src/tools/qglobal.cpp Mon Jul 16 10:45:03 CEST 2007 |
138 | |
139 | @@ -680,7 +680,7 @@ |
140 | if ( code != -1 ) |
141 | qWarning( "%s\n\tError code %d - %s", msg, code, strerror( code ) ); |
142 | else |
143 | - qWarning( msg ); |
144 | + qWarning( "%s", msg ); |
145 | #endif |
146 | #else |
147 | Q_UNUSED( msg ); |
148 | |
149 | --- //depot/qt/3/src/xml/qsvgdevice.cpp Mon Jul 16 10:45:03 CEST 2007 |
150 | +++ //depot/qt/3/src/xml/qsvgdevice.cpp Mon Jul 16 10:45:03 CEST 2007 |
151 | |
152 | @@ -978,7 +978,7 @@ |
153 | // ### catch references to embedded .svg files |
154 | QPixmap pix; |
155 | if ( !pix.load( href ) ) { |
156 | - qWarning( "QSvgDevice::play: Couldn't load image "+href ); |
157 | + qWarning( "QSvgDevice::play: Couldn't load image %s", href.latin1() ); |
158 | break; |
159 | } |
160 | pt->drawPixmap( QRect( x1, y1, w, h ), pix ); |
161 | @@ -1024,8 +1024,8 @@ |
162 | break; |
163 | } |
164 | case InvalidElement: |
165 | - qWarning( "QSvgDevice::play: unknown element type " + |
166 | - node.nodeName() ); |
167 | + qWarning( "QSvgDevice::play: unknown element type %s", |
168 | + node.nodeName().latin1() ); |
169 | break; |
170 | }; |
171 | |
172 | @@ -1111,7 +1111,7 @@ |
173 | { |
174 | QRegExp reg( QString::fromLatin1("([+-]?\\d*\\.*\\d*[Ee]?[+-]?\\d*)(em|ex|px|%|pt|pc|cm|mm|in|)$") ); |
175 | if ( reg.search( str ) == -1 ) { |
176 | - qWarning( "QSvgDevice::parseLen: couldn't parse " + str ); |
177 | + qWarning( "QSvgDevice::parseLen: couldn't parse %s ", str.latin1() ); |
178 | if ( ok ) |
179 | *ok = FALSE; |
180 | return 0.0; |
181 | @@ -1140,7 +1140,7 @@ |
182 | else if ( u == "pc" ) |
183 | dbl *= m.logicalDpiX() / 6.0; |
184 | else |
185 | - qWarning( "QSvgDevice::parseLen: Unknown unit " + u ); |
186 | + qWarning( "QSvgDevice::parseLen: Unknown unit %s", u.latin1() ); |
187 | } |
188 | if ( ok ) |
189 | *ok = TRUE; |