Date: Mon, 21 Feb 2022 00:26:58 GMT
Message-Id: <202202210026.21L0QwN0021915@gitrepo.freebsd.org>
To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org
From: Adriaan de Groot
Subject: git: 7c60f16624be - main - devel/qt5-core: add upstream security patch
List-Id: Commits to the main branch of the FreeBSD ports repository
List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-main
X-Git-Committer: adridg
X-Git-Repository: ports
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: 7c60f16624be06a178455989e618cc79d1eade6f

The branch main has been updated by adridg:

URL:
https://cgit.FreeBSD.org/ports/commit/?id=7c60f16624be06a178455989e618cc79d1eade6f commit 7c60f16624be06a178455989e618cc79d1eade6f Author: Adriaan de Groot AuthorDate: 2022-02-21 00:26:36 +0000 Commit: Adriaan de Groot CommitDate: 2022-02-21 00:26:36 +0000 devel/qt5-core: add upstream security patch --- devel/qt5-core/Makefile | 1 + .../files/patch-CVE-2022-25255-qprocess5-15.diff | 63 ++++++++++++++++++++++ 2 files changed, 64 insertions(+) diff --git a/devel/qt5-core/Makefile b/devel/qt5-core/Makefile index d2b938e1f768..32440f6a5882 100644 --- a/devel/qt5-core/Makefile +++ b/devel/qt5-core/Makefile @@ -1,5 +1,6 @@ PORTNAME= core PORTVERSION= ${QT5_VERSION}${QT5_KDE_PATCH} +PORTREVISION= 1 CATEGORIES= devel PKGNAMEPREFIX= qt5- diff --git a/devel/qt5-core/files/patch-CVE-2022-25255-qprocess5-15.diff b/devel/qt5-core/files/patch-CVE-2022-25255-qprocess5-15.diff new file mode 100644 index 000000000000..538ab4ead6db --- /dev/null +++ b/devel/qt5-core/files/patch-CVE-2022-25255-qprocess5-15.diff 
@@ -0,0 +1,63 @@ +This is the patch linked from the announcement + https://lists.qt-project.org/pipermail/announce/2022-February/000333.html +with two changes: in our sources, the copyright year for the +Qt Company is 2016, the upstream patch says 2021. Changed that +to make the patch apply. The upstream patch is fetched with +CRLF line-endings, changed to plain LF. + +--- src/corelib/io/qprocess_unix.cpp ++++ src/corelib/io/qprocess_unix.cpp +@@ -1,7 +1,7 @@ + /**************************************************************************** + ** + ** Copyright (C) 2016 The Qt Company Ltd. +-** Copyright (C) 2016 Intel Corporation. ++** Copyright (C) 2022 Intel Corporation. + ** Contact: https://www.qt.io/licensing/ + ** + ** This file is part of the QtCore module of the Qt Toolkit. +@@ -422,14 +422,15 @@ void QProcessPrivate::startProcess() + // Add the program name to the argument list. + argv[0] = nullptr; + if (!program.contains(QLatin1Char('/'))) { ++ // findExecutable() returns its argument if it's an absolute path, ++ // otherwise it searches $PATH; returns empty if not found (we handle ++ // that case much later) + const QString &exeFilePath = QStandardPaths::findExecutable(program); +- if (!exeFilePath.isEmpty()) { +- const QByteArray &tmp = QFile::encodeName(exeFilePath); +- argv[0] = ::strdup(tmp.constData()); +- } +- } +- if (!argv[0]) ++ const QByteArray &tmp = QFile::encodeName(exeFilePath); ++ argv[0] = ::strdup(tmp.constData()); ++ } else { + argv[0] = ::strdup(encodedProgramName.constData()); ++ } + + // Add every argument to the list + for (int i = 0; i < arguments.count(); ++i) +@@ -983,15 +984,16 @@ bool QProcessPrivate::startDetached(qint64 *pid) + envp = _q_dupEnvironment(environment.d.constData()->vars, &envc); + } + +- QByteArray tmp; + if (!program.contains(QLatin1Char('/'))) { ++ // findExecutable() returns its argument if it's an absolute path, ++ // otherwise it searches $PATH; returns empty if not found (we handle ++ // that case much 
later) + const QString &exeFilePath = QStandardPaths::findExecutable(program); +- if (!exeFilePath.isEmpty()) +- tmp = QFile::encodeName(exeFilePath); ++ const QByteArray &tmp = QFile::encodeName(exeFilePath); ++ argv[0] = ::strdup(tmp.constData()); ++ } else { ++ argv[0] = ::strdup(QFile::encodeName(program)); + } +- if (tmp.isEmpty()) +- tmp = QFile::encodeName(program); +- argv[0] = tmp.data(); + + if (envp) + qt_safe_execve(argv[0], argv, envp);
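
Review bot: the commit log line "devel/qt5-core: add upstream security patch" that goes with the Makefile hunk's PORTREVISION bump never names the CVE; CVE-2022-25255 appears only in the new file's name. Put the identifier in the log so the fix can be found from history, and since the diffstat shows only two files touched, check that a matching security/vuxml entry is committed separately.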
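
Review bot: the first hunk of the embedded qprocess_unix.cpp patch (@@ -1,7 +1,7 @@) is cosmetic, changing only the Intel copyright year, and its Qt Company context line is the one the header says had to be hand-edited from 2021 to 2016 to make the patch apply. Dropping that hunk would leave the local file differing from the announcement's patch only in line endings, which makes a later comparison against upstream simpler.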
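
Review bot: in the startProcess() hunk, the no-slash branch now builds argv[0] from the findExecutable() result even when that result is empty, and the added comment defers the case to code "much later" that this hunk does not show. Confirm that the later exec of an empty path fails cleanly and is reported as a start failure, or reject the empty result right here. The comment's first clause ("returns its argument if it's an absolute path") also cannot apply inside `if (!program.contains(QLatin1Char('/')))`, because a name without a slash is never an absolute path; trimming the comment to the $PATH search and the empty-result case would be clearer.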
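
Review bot: in the startDetached() hunk, the else branch calls `::strdup(QFile::encodeName(program))` and relies on QByteArray's implicit conversion to const char *, while the other three strdup calls in this patch go through `.constData()`. Use `QFile::encodeName(program).constData()` for consistency and so the line still builds with QT_NO_CAST_FROM_BYTEARRAY defined. argv[0] also changes here from pointing at `tmp.data()` to a strdup'd buffer, so check how the code after `qt_safe_execve`, which is not shown in the hunk, treats that allocation; and as in startProcess(), an empty findExecutable() result is now passed on as an empty path.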