Linux SDK: update Qt4 from latest Fedora patches

Qt 4.8.7 is still being maintained by Fedora

tools/jenkins/include/patches/Qt/qt-CVE-2020-17507.patch

@@ -0,0 +1,14 @@
+diff -up qt-everywhere-opensource-src-4.8.7/src/gui/image/qxbmhandler.cpp.me qt-everywhere-opensource-src-4.8.7/src/gui/image/qxbmhandler.cpp
+--- qt-everywhere-opensource-src-4.8.7/src/gui/image/qxbmhandler.cpp.me	2020-08-13 11:20:45.943402169 +0200
++++ qt-everywhere-opensource-src-4.8.7/src/gui/image/qxbmhandler.cpp	2020-08-13 11:21:26.025976881 +0200
+@@ -154,7 +154,9 @@ static bool read_xbm_body(QIODevice *dev
+     w = (w+7)/8;                                // byte width
+
+     while (y < h) {                                // for all encoded bytes...
+-        if (p) {                                // p = "0x.."
++        if (p && p < (buf + readBytes - 3)) {      // p = "0x.."
++            if (!isxdigit(p[2]) || !isxdigit(p[3]))
++                return false;
+             *b++ = hex2byte(p+2);
+             p += 2;
+             if (++x == w && ++y < h) {

tools/jenkins/include/patches/Qt/qt-everywhere-opensource-src-4.8.5-CVE-2020-24741.patch

@@ -0,0 +1,13 @@
+diff --git a/src/corelib/plugin/qlibrary_unix.cpp b/src/corelib/plugin/qlibrary_unix.cpp
+index f0de1010d7b..135b82cd378 100644
+--- a/src/corelib/plugin/qlibrary_unix.cpp
++++ b/src/corelib/plugin/qlibrary_unix.cpp
+@@ -218,6 +218,8 @@ bool QLibraryPrivate::load_sys()
+         for(int suffix = 0; retry && !pHnd && suffix < suffixes.size(); suffix++) {
+             if (!prefixes.at(prefix).isEmpty() && name.startsWith(prefixes.at(prefix)))
+                 continue;
++            if (path.isEmpty() && prefixes.at(prefix).contains(QLatin1Char('/')))
++                continue;
+             if (!suffixes.at(suffix).isEmpty() && name.endsWith(suffixes.at(suffix)))
+                 continue;
+             if (loadHints & QLibrary::LoadArchiveMemberHint) {

tools/jenkins/include/patches/Qt/qt-everywhere-opensource-src-4.8.7-clamp-parsed-doubles-to-float-representtable-values.patch

@@ -0,0 +1,40 @@
+diff -up qt-everywhere-opensource-src-4.8.7/src/svg/qsvghandler.cpp.me qt-everywhere-opensource-src-4.8.7/src/svg/qsvghandler.cpp
+--- qt-everywhere-opensource-src-4.8.7/src/svg/qsvghandler.cpp.me	2021-03-09 14:23:00.636840796 +0100
++++ qt-everywhere-opensource-src-4.8.7/src/svg/qsvghandler.cpp	2021-03-09 21:34:46.240482104 +0100
+@@ -68,6 +68,7 @@
+ #include "private/qmath_p.h"
+
+ #include "float.h"
++#include <cmath>
+
+ QT_BEGIN_NAMESPACE
+
+@@ -630,15 +631,10 @@ static qreal toDouble(const QChar *&str)
+         if (neg)
+             val = -val;
+     } else {
+-#if defined(Q_WS_QWS) && !defined(Q_OS_VXWORKS)
+-        if(sizeof(qreal) == sizeof(float))
+-            val = strtof(temp, 0);
+-        else
+-#endif
+-        {
+-            bool ok = false;
+-            val = qstrtod(temp, 0, &ok);
+-        }
++        val = QByteArray::fromRawData(temp, pos).toDouble();
++        // Do not tolerate values too wild to be represented normally by floats
++        if (std::fpclassify(float(val)) != FP_NORMAL)
++            val = 0;
+     }
+     return val;
+
+@@ -2945,6 +2941,8 @@ static QSvgStyleProperty *createRadialGr
+         ncy = toDouble(cy);
+     if (!r.isEmpty())
+         nr = toDouble(r);
++    if (nr < 0.5)
++        nr = 0.5;
+
+     qreal nfx = ncx;
+     if (!fx.isEmpty())

tools/jenkins/include/patches/Qt/qt-everywhere-opensource-src-4.8.7-gcc11.patch

@@ -0,0 +1,26 @@
+diff --git a/src/3rdparty/webkit/Source/WebCore/html/HTMLImageElement.cpp b/src/3rdparty/webkit/Source/WebCore/html/HTMLImageElement.cpp
+index d66075e4..b51a27ad 100644
+--- a/src/3rdparty/webkit/Source/WebCore/html/HTMLImageElement.cpp
++++ b/src/3rdparty/webkit/Source/WebCore/html/HTMLImageElement.cpp
+@@ -74,7 +74,7 @@ PassRefPtr<HTMLImageElement> HTMLImageElement::createForJSConstructor(Document*
+     RefPtr<HTMLImageElement> image = adoptRef(new HTMLImageElement(imgTag, document));
+     if (optionalWidth)
+         image->setWidth(*optionalWidth);
+-    if (optionalHeight > 0)
++    if (optionalHeight != 0)
+         image->setHeight(*optionalHeight);
+     return image.release();
+ }
+diff --git a/tools/linguist/linguist/messagemodel.cpp b/tools/linguist/linguist/messagemodel.cpp
+index 61c5389f..8d43d14b 100644
+--- a/tools/linguist/linguist/messagemodel.cpp
++++ b/tools/linguist/linguist/messagemodel.cpp
+@@ -183,7 +183,7 @@ static int calcMergeScore(const DataModel *one, const DataModel *two)
+         if (ContextItem *c = one->findContext(oc->context())) {
+             for (int j = 0; j < oc->messageCount(); ++j) {
+                 MessageItem *m = oc->messageItem(j);
+-                if (c->findMessage(m->text(), m->comment()) >= 0)
++                if (c->findMessage(m->text(), m->comment()) != 0)
+                     ++inBoth;
+             }
+         }

tools/jenkins/include/patches/Qt/qt-everywhere-opensource-src-4.8.7-gcc6.patch

@@ -1,24 +1,3 @@
-diff -up qt-everywhere-opensource-src-4.8.7/configure.gcc6 qt-everywhere-opensource-src-4.8.7/configure
---- qt-everywhere-opensource-src-4.8.7/configure.gcc6	2016-04-15 07:04:19.430268222 -0500
-+++ qt-everywhere-opensource-src-4.8.7/configure	2016-04-15 07:05:22.157568689 -0500
-@@ -7744,7 +7744,7 @@ case "$XPLATFORM" in
-     *-g++*)
- 	# Check gcc's version
- 	case "$(${QMAKE_CONF_COMPILER} -dumpversion)" in
--	    5*|4*|3.4*)
-+	    9*|8*|7*|6*|5*|4*|3.4*)
- 		;;
-             3.3*)
-                 canBuildWebKit="no"
-@@ -8060,7 +8060,7 @@ g++*)
-     3.*)
-         COMPILER_VERSION="3.*"
-         ;;
--    5*|4.*)
-+    9*|8*|7*|6*|5*|4.*)
-         COMPILER_VERSION="4"
-         ;;
-     *)
 diff -up qt-everywhere-opensource-src-4.8.7/src/xmlpatterns/api/qcoloroutput_p.h.gcc6 qt-everywhere-opensource-src-4.8.7/src/xmlpatterns/api/qcoloroutput_p.h
 --- qt-everywhere-opensource-src-4.8.7/src/xmlpatterns/api/qcoloroutput_p.h.gcc6	2015-05-07 09:14:48.000000000 -0500
 +++ qt-everywhere-opensource-src-4.8.7/src/xmlpatterns/api/qcoloroutput_p.h	2016-04-15 07:04:19.431268227 -0500

tools/jenkins/include/patches/Qt/qt-everywhere-opensource-src-4.8.7-hardcode-buildkey.patch

@@ -0,0 +1,43 @@
+diff -ur qt-everywhere-opensource-src-4.8.7/configure qt-everywhere-opensource-src-4.8.7-hardcode-buildkey/configure
+--- qt-everywhere-opensource-src-4.8.7/configure	2015-05-07 16:14:56.000000000 +0200
++++ qt-everywhere-opensource-src-4.8.7-hardcode-buildkey/configure	2020-08-19 23:43:10.792653485 +0200
+@@ -7732,18 +7732,6 @@
+ 	canBuildQtXmlPatterns="no"
+ 	;;
+     *-g++*)
+-	# Check gcc's version
+-	case "$(${QMAKE_CONF_COMPILER} -dumpversion)" in
+-	    5*|4*|3.4*)
+-		;;
+-            3.3*)
+-                canBuildWebKit="no"
+-                ;;
+-	    *)
+-		canBuildWebKit="no"
+-		canBuildQtXmlPatterns="no"
+-		;;
+-	esac
+ 	;;
+     solaris-cc*)
+         # Check the compiler version
+@@ -8043,19 +8031,7 @@
+         ;;
+     esac
+
+-    case "$COMPILER_VERSION" in
+-    2.95.*)
+-        COMPILER_VERSION="2.95.*"
+-        ;;
+-    3.*)
+-        COMPILER_VERSION="3.*"
+-        ;;
+-    5*|4.*)
+-        COMPILER_VERSION="4"
+-        ;;
+-    *)
+-        ;;
+-    esac
++    COMPILER_VERSION="4"
+     [ '!' -z "$COMPILER_VERSION" ] && COMPILER="g++-${COMPILER_VERSION}"
+     ;;
+ icc*)

tools/jenkins/include/patches/Qt/qt-everywhere-opensource-src-4.8.7-openssl3.patch

@@ -0,0 +1,90 @@
+diff -up qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl.cpp.me qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl.cpp
+--- qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl.cpp.me	2021-10-19 15:12:03.727951685 +0200
++++ qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl.cpp	2021-10-19 15:18:59.795315141 +0200
+@@ -273,7 +273,11 @@ init_context:
+ #endif
+         break;
+     case QSsl::SslV3:
++#ifndef OPENSSL_NO_SSL3
+         ctx = q_SSL_CTX_new(client ? q_SSLv3_client_method() : q_SSLv3_server_method());
++#else
++        ctx = 0;
++#endif
+         break;
+     case QSsl::SecureProtocols: // SslV2 will be disabled below
+     case QSsl::TlsV1SslV3: // SslV2 will be disabled below
+diff -up qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl_symbols.cpp.me qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl_symbols.cpp
+--- qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl_symbols.cpp.me	2021-10-12 19:58:01.005913416 +0200
++++ qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl_symbols.cpp	2021-10-19 15:11:32.660331443 +0200
+@@ -253,7 +253,9 @@ DEFINEFUNC(int, SSL_shutdown, SSL *a, a,
+ #ifndef OPENSSL_NO_SSL2
+ DEFINEFUNC(const SSL_METHOD *, SSLv2_client_method, DUMMYARG, DUMMYARG, return 0, return)
+ #endif
++#ifndef OPENSSL_NO_SSL3
+ DEFINEFUNC(const SSL_METHOD *, SSLv3_client_method, DUMMYARG, DUMMYARG, return 0, return)
++#endif
+ #if OPENSSL_VERSION_NUMBER < 0x10100000L
+ DEFINEFUNC(const SSL_METHOD *, SSLv23_client_method, DUMMYARG, DUMMYARG, return 0, return)
+ #else
+@@ -263,7 +265,9 @@ DEFINEFUNC(const SSL_METHOD *, TLSv1_cli
+ #ifndef OPENSSL_NO_SSL2
+ DEFINEFUNC(const SSL_METHOD *, SSLv2_server_method, DUMMYARG, DUMMYARG, return 0, return)
+ #endif
++#ifndef OPENSSL_NO_SSL3
+ DEFINEFUNC(const SSL_METHOD *, SSLv3_server_method, DUMMYARG, DUMMYARG, return 0, return)
++#endif
+ #if OPENSSL_VERSION_NUMBER < 0x10100000L
+ DEFINEFUNC(const SSL_METHOD *, SSLv23_server_method, DUMMYARG, DUMMYARG, return 0, return)
+ #else
+@@ -272,11 +276,15 @@ DEFINEFUNC(const SSL_METHOD *, TLS_serve
+ DEFINEFUNC(const SSL_METHOD *, TLSv1_server_method, DUMMYARG, DUMMYARG, return 0, return)
+ #else
+ DEFINEFUNC(SSL_METHOD *, SSLv2_client_method, DUMMYARG, DUMMYARG, return 0, return)
++#ifndef OPENSSL_NO_SSL3
+ DEFINEFUNC(SSL_METHOD *, SSLv3_client_method, DUMMYARG, DUMMYARG, return 0, return)
++#endif
+ DEFINEFUNC(SSL_METHOD *, SSLv23_client_method, DUMMYARG, DUMMYARG, return 0, return)
+ DEFINEFUNC(SSL_METHOD *, TLSv1_client_method, DUMMYARG, DUMMYARG, return 0, return)
+ DEFINEFUNC(SSL_METHOD *, SSLv2_server_method, DUMMYARG, DUMMYARG, return 0, return)
++#ifndef OPENSSL_NO_SSL3
+ DEFINEFUNC(SSL_METHOD *, SSLv3_server_method, DUMMYARG, DUMMYARG, return 0, return)
++#endif
+ DEFINEFUNC(SSL_METHOD *, SSLv23_server_method, DUMMYARG, DUMMYARG, return 0, return)
+ DEFINEFUNC(SSL_METHOD *, TLSv1_server_method, DUMMYARG, DUMMYARG, return 0, return)
+ #endif
+@@ -756,11 +764,15 @@ bool q_resolveOpenSslSymbols()
+     RESOLVEFUNC(SSL_shutdown, 173, libs.first )
+     RESOLVEFUNC(SSL_write, 188, libs.first )
+     RESOLVEFUNC(SSLv2_client_method, 192, libs.first )
++#ifndef OPENSSL_NO_SSL3
+     RESOLVEFUNC(SSLv3_client_method, 195, libs.first )
++#endif
+     RESOLVEFUNC(SSLv23_client_method, 189, libs.first )
+     RESOLVEFUNC(TLSv1_client_method, 198, libs.first )
+     RESOLVEFUNC(SSLv2_server_method, 194, libs.first )
++#ifndef OPENSSL_NO_SSL3
+     RESOLVEFUNC(SSLv3_server_method, 197, libs.first )
++#endif
+     RESOLVEFUNC(SSLv23_server_method, 191, libs.first )
+     RESOLVEFUNC(TLSv1_server_method, 200, libs.first )
+     RESOLVEFUNC(SSL_CTX_load_verify_locations, 34, libs.first )
+@@ -927,7 +939,9 @@ bool q_resolveOpenSslSymbols()
+ #ifndef OPENSSL_NO_SSL2
+     RESOLVEFUNC(SSLv2_client_method)
+ #endif
++#ifndef OPENSSL_NO_SSL3
+     RESOLVEFUNC(SSLv3_client_method)
++#endif
+ #if OPENSSL_VERSION_NUMBER < 0x10100000L
+     RESOLVEFUNC(SSLv23_client_method)
+ #else
+@@ -937,7 +951,9 @@ bool q_resolveOpenSslSymbols()
+ #ifndef OPENSSL_NO_SSL2
+     RESOLVEFUNC(SSLv2_server_method)
+ #endif
++#ifndef OPENSSL_NO_SSL3
+     RESOLVEFUNC(SSLv3_server_method)
++#endif
+ #if OPENSSL_VERSION_NUMBER < 0x10100000L
+     RESOLVEFUNC(SSLv23_server_method)
+ #else

tools/jenkins/include/scripts/pkg/qt-installer.sh

@@ -24,10 +24,10 @@ if build_step && { force_build || { [ ! -s "$SDK_HOME/installer/bin/qmake" ]; };
     untar "$SRC_PATH/$QT4_TAR"
     pushd "qt-everywhere-opensource-src-${QT4_VERSION}"
 
-        ############################################################
+    ############################################################
     # Fedora patches
 
-    ## Patches from https://download.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/source/tree/Packages/q/qt-4.8.7-49.fc31.src.rpm
+    ## Patches from https://download.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/source/tree/Packages/q/qt-4.8.7-66.fc36.src.rpm
 
     # set default QMAKE_CFLAGS_RELEASE
     Patch2=qt-everywhere-opensource-src-4.8.0-tp-multilib-optflags.patch
@@ -168,6 +168,15 @@ if build_step && { force_build || { [ ! -s "$SDK_HOME/installer/bin/qmake" ]; };
     # https://bugzilla.redhat.com/show_bug.cgi?id=1580047
     Patch96=qt-everywhere-opensource-src-4.8.7-gcc8_qtscript.patch
 
+    # Fix ordered pointer comparison against zero problem reported by gcc-11
+    Patch97=qt-everywhere-opensource-src-4.8.7-gcc11.patch
+
+    # hardcode the compiler version in the build key once and for all
+    Patch98=qt-everywhere-opensource-src-4.8.7-hardcode-buildkey.patch
+
+    # FTBFS openssl3
+    Patch99=qt-everywhere-opensource-src-4.8.7-openssl3.patch
+
     # upstream patches
     # backported from Qt5 (essentially)
     # http://bugzilla.redhat.com/702493
@@ -190,14 +199,23 @@ if build_step && { force_build || { [ ! -s "$SDK_HOME/installer/bin/qmake" ]; };
     # CVE-2018-19872 qt: malformed PPM image causing division by zero and crash in qppmhandler.cpp
     Patch500=qt-everywhere-opensource-src-4.8.7-crash-in-qppmhandler.patch
 
+    # CVE-2020-17507 qt: buffer over-read in read_xbm_body in gui/image/qxbmhandler.cpp
+    Patch501=qt-CVE-2020-17507.patch
+
+    # no CVE qt: Clamp parsed doubles to float representable values
+    Patch502=qt-everywhere-opensource-src-4.8.7-clamp-parsed-doubles-to-float-representtable-values.patch
+
+    # CVE-2020-24741 qt: QLibrary loads libraries relative to CWD which could result in arbitrary code execution
+    Patch503=qt-everywhere-opensource-src-4.8.5-CVE-2020-24741.patch
+
     patch -Np1 -i "$INC_PATH/patches/Qt/$Patch4" # -p1 -b .uic_multilib
     patch -Np1 -i "$INC_PATH/patches/Qt/$Patch5" # -p1 -b .webcore_debuginfo
     # ie, where cups-1.6+ is present
     #%if 0%{?fedora} || 0%{?rhel} > 7
     ##patch6 -p1 -b .cupsEnumDests
     #%endif
     patch -Np0 -i "$INC_PATH/patches/Qt/$Patch10" # -p0 -b .prefer_adwaita_on_gnome
-    # disable for installer build
+    # disable for installer build, which uses a much older freetype
     #patch -Np1 -i "$INC_PATH/patches/Qt/$Patch15" # -p1 -b .enable_ft_lcdfilter
     patch -Np1 -i "$INC_PATH/patches/Qt/$Patch23" # -p1 -b .glib_eventloop_nullcheck
     patch -Np1 -i "$INC_PATH/patches/Qt/$Patch25" # -p1 -b .qdbusconnection_no_debug
@@ -240,14 +258,15 @@ if build_step && { force_build || { [ ! -s "$SDK_HOME/installer/bin/qmake" ]; };
     patch -Np1 -i "$INC_PATH/patches/Qt/$Patch93" # -p1 -b .alsa1.1
     if version_gt "$OPENSSL_VERSION" 1.0.9999; then
         # Fedora patch from https://src.fedoraproject.org/rpms/qt/tree/master
-	    #patch -Np1 -i "$INC_PATH/patches/Qt/$Patch94" # -p1 -b .openssl1.1
-        # The following patch is from MacPorts and fixes a few type issues
-	    patch -Np0 -i "$INC_PATH/patches/Qt/patch-qt4-openssl111.diff" # -p1 -b .openssl1.1
+	    patch -Np1 -i "$INC_PATH/patches/Qt/$Patch94" # -p1 -b .openssl1.1
     fi
     patch -Np1 -i "$INC_PATH/patches/Qt/$Patch95" # -p1 -b .icu59
     if version_gt "$SYSTEM_GCC_VERSION" 7.99; then
 	    patch -Np1 -i "$INC_PATH/patches/Qt/$Patch96" # -p1 -b .gcc8_qtscript
     fi
+    patch -Np1 -i "$INC_PATH/patches/Qt/$Patch97" # -p1 -b .gcc11
+    patch -Np1 -i "$INC_PATH/patches/Qt/$Patch98" # -p1 -b .hardcode-buildkey
+    patch -Np1 -i "$INC_PATH/patches/Qt/$Patch99" # -p1 -b .ssl3
 
 
     # upstream patches
@@ -261,6 +280,9 @@ if build_step && { force_build || { [ ! -s "$SDK_HOME/installer/bin/qmake" ]; };
 
     # security fixes
     patch -Np1 -i "$INC_PATH/patches/Qt/$Patch500" # -p1 -b .malformed-ppb-image-causing-crash
+    patch -Np1 -i "$INC_PATH/patches/Qt/$Patch501" # -p1 -b .buffer-over-read-in-read_xbm_body
+    patch -Np1 -i "$INC_PATH/patches/Qt/$Patch502" # -p1 -b .clamp-parsed-doubles-to-float-representtable-values
+    patch -Np1 -i "$INC_PATH/patches/Qt/$Patch503" # -p1 -b .CVE-2020-24741
 
     # regression fixes for the security fixes
     patch -Np1 -i "$INC_PATH/patches/Qt/$Patch84" # -p1 -b .QTBUG-35459