From c549953cd9c8b24d8e92991a530886d29663a325 Mon Sep 17 00:00:00 2001
From: Florian Bruhin <git@the-compiler.org>
Date: Thu, 7 Mar 2019 10:56:44 +0100
Subject: [PATCH] Add fix for CVE-2019-5786

---
 qt5-webengine/PKGBUILD | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/qt5-webengine/PKGBUILD b/qt5-webengine/PKGBUILD
index d7c25ed..2410d4c 100644
--- a/qt5-webengine/PKGBUILD
+++ b/qt5-webengine/PKGBUILD
@@ -5,7 +5,7 @@ pkgname=qt5-webengine-debug
 _orig_pkgname=${pkgname/-debug/}
 _qtver=5.12.1
 pkgver=${_qtver/-/}
-pkgrel=2
+pkgrel=3
 arch=('x86_64')
 url='https://www.qt.io'
 license=('LGPL3' 'LGPL2.1' 'BSD')
@@ -19,9 +19,11 @@ provides=("qt5-webengine=$pkgver")
 options=("debug" "!strip")
 conflicts=('qt5-webengine')
 source=("https://download.qt.io/official_releases/qt/${pkgver%.*}/${_qtver}/submodules/${_pkgfqn}.tar.xz"
-         qtwebengine-harmony.patch)
+         qtwebengine-harmony.patch
+         'cve-2019-5786.patch::http://code.qt.io/cgit/qt/qtwebengine-chromium.git/patch/?id=43316b156e65f867a76ed2afd96bf30696c5f4f6')
 sha256sums=('43e91e06bc4a60ef0f91d15ae06425cf9c6b4f7dafe960259a5b013c687c3bd0'
-            'feca54ab09ac0fc9d0626770a6b899a6ac5a12173c7d0c1005bc3964ec83e7b3')
+            'feca54ab09ac0fc9d0626770a6b899a6ac5a12173c7d0c1005bc3964ec83e7b3'
+            'd8434d27ac0dd8c4d49b0208fc2df91611440d3ee733bb8597212980f98d4b1b')
 
 prepare() {
   mkdir -p build
@@ -34,6 +36,11 @@ prepare() {
 
   # FreeType 2.8.1
   patch -Np1 -i ../qtwebengine-harmony.patch
+
+  # https://bugreports.qt.io/browse/QTBUG-74254
+  # https://codereview.qt-project.org/#/c/255162/
+  cd src/3rdparty
+  patch -p1 -i "$srcdir/cve-2019-5786.patch"
 }
 
 build() {
-- 
2.20.1