Not yet Submitted By: Ken Moffat <ken at linuxfromscratch dot org>	
Date: 2021-06-19	
Initial Package Version: 5.15.2
Upstream Status: Applied
Origin: Upstream, found at debian
Description: Fixes CVE-2021-3401 (out of bounds read) by clamping
parsed doubles to float representable values. Upstream commits:
 https://code.qt.io/cgit/qt/qtsvg.git/commit/?id=aceea78cc05ac8ff
 https://code.qt.io/cgit/qt/qtsvg.git/commit/?id=bfd6ee0d8cf34b63

diff -Naur a/qtsvg/src/svg/qsvghandler.cpp b/qtsvg/src/svg/qsvghandler.cpp
--- a/qtsvg/src/svg/qsvghandler.cpp	2020-10-27 08:02:11.000000000 +0000
+++ b/qtsvg/src/svg/qsvghandler.cpp	2021-06-18 23:16:47.263564883 +0100
@@ -65,6 +65,7 @@
 #include "private/qmath_p.h"
 
 #include "float.h"
+#include <cmath>
 
 QT_BEGIN_NAMESPACE
 
@@ -672,6 +673,9 @@
             val = -val;
     } else {
         val = QByteArray::fromRawData(temp, pos).toDouble();
+        // Do not tolerate values too wild to be represented normally by floats
+        if (qFpClassify(float(val)) != FP_NORMAL)
+            val = 0;
     }
     return val;
 
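Review bot: The range guard sits only in the `else` branch, so a value produced by the branch that ends at `val = -val;` is returned unchecked. That branch starts above the hunk, so whether it can exceed float range is not visible here; a one-line comment stating its bound would settle it. The added comment also undersells the test: `qFpClassify(float(val)) != FP_NORMAL` replaces NaN, infinities, values beyond float range and subnormals alike, which I would spell out as `// NaN, infinity, out-of-float-range and subnormal inputs are all replaced by 0`. The function body starts and ends outside the hunk.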
@@ -3043,6 +3047,8 @@
         ncy = toDouble(cy);
     if (!r.isEmpty())
         nr = toDouble(r);
+    if (nr < 0.5)
+        nr = 0.5;
 
     qreal nfx = ncx;
     if (!fx.isEmpty())
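Review bot: The floor of 0.5 on `nr` is an unexplained constant, and it rewrites every radius below 0.5 rather than only the non-positive ones. If the surrounding code (outside this hunk) also accepts radii expressed relative to the bounding box, a legitimate small value such as 0.2 would presumably be altered as well, so this should be checked against the unit handling. At minimum add a comment such as `// radius must be positive; clamp so later gradient maths stays well-defined`, or narrow the test to `if (nr <= 0)` with an explicit fallback. The enclosing function starts and ends outside the hunk.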
