From e9e31508f72f2a544fef3bce62cf6a03b6c07e8b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E6=9D=A8=E8=AF=9A?=
Date: Mon, 20 Oct 2025 15:09:49 +0800
Subject: [PATCH] Add patch to fix CVE-2025-5455
---
 CVE-2025-5455-qtbase-5.15.patch | 21 +++++++++++++++++++++
 qt5-qtbase.spec | 10 ++++++++--
 2 files changed, 29 insertions(+), 2 deletions(-)
 create mode 100644 CVE-2025-5455-qtbase-5.15.patch
diff --git a/CVE-2025-5455-qtbase-5.15.patch b/CVE-2025-5455-qtbase-5.15.patch
new file mode 100644
index 0000000..de7f20c
--- /dev/null
+++ b/CVE-2025-5455-qtbase-5.15.patch
@@ -0,0 +1,21 @@
+diff --git a/src/corelib/io/qdataurl.cpp b/src/corelib/io/qdataurl.cpp
+index f14d399301f..83e59e3ac00 100644
+--- a/src/corelib/io/qdataurl.cpp
++++ b/src/corelib/io/qdataurl.cpp
+@@ -76,10 +76,11 @@ Q_CORE_EXPORT bool qDecodeDataUrl(const QUrl &uri, QString &mimeType, QByteArray
+ }
+
+ if (data.toLower().startsWith("charset")) {
+- int i = 7; // strlen("charset")
+- while (data.at(i) == ' ')
+- ++i;
+- if (data.at(i) == '=')
++ int prefixSize = 7; // strlen("charset")
++ QLatin1String copy(data.constData() + prefixSize, data.size() - prefixSize);
++ while (copy.startsWith(QLatin1String(" ")))
++ copy = copy.mid(1);
++ if (copy.startsWith(QLatin1String("=")))
+ data.prepend("text/plain;");
+ }
+
+
diff --git a/qt5-qtbase.spec b/qt5-qtbase.spec
index ad4dd28..16c1205 100644
--- a/qt5-qtbase.spec
+++ b/qt5-qtbase.spec
@@ -1,4 +1,4 @@
-%define anolis_release 6
+%define anolis_release 7
 %global openssl -openssl-linked
 %global zstd 1
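Review bot: CVE-2025-5455-qtbase-5.15.patch starts directly at `diff --git a/src/corelib/io/qdataurl.cpp` with no header, so nothing in the file says what it fixes or which upstream change it was taken from; the only pointer is the CentOS Stream packaging link above `Patch109` in the spec. From the visible lines, the removed code read `data.at(i)` from offset 7 without comparing `i` to `data.size()`, so a parameter consisting of just `charset` was indexed past its end, and the replacement scans a length-bounded `QLatin1String` view instead. I would put that in a short header before the `diff --git` line, for example `Subject: Fix out-of-range read in qDecodeDataUrl() for a charset parameter without a value (CVE-2025-5455)` and `Origin: <upstream Qt commit or advisory URL>`, so the backport can be checked against upstream during an audit. The carried patch also touches only qdataurl.cpp; if the upstream fix ships a test case for this input, it is worth carrying it or noting why it was left out.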
@@ -38,7 +38,7 @@ Release: %{anolis_release}%{?dist}
 License: LGPLv2 with exceptions or GPLv3 with exceptions
 Url: http://qt-project.org/
 %global majmin %(echo %{version} | cut -d. -f1-2)
-Source0: https://download.qt.io/official_releases/qt/%{majmin}/%{version}/submodules/%{qt_module}-everywhere-opensource-src-%{version}.tar.xz
+Source0: https://download.qt.io/archive/qt/%{majmin}/%{version}/submodules/%{qt_module}-everywhere-opensource-src-%{version}.tar.xz
 Source1: qtlogging.ini
 Source6: 10-qt5-check-opengl2.sh
@@ -80,6 +80,8 @@ Patch105: CVE-2023-51714.patch
 Patch106: CVE-2024-25580-qtbase-5.15.patch
 Patch107: CVE-2024-39936.patch
 Patch108: add-sw_64-support-for-syscall_fork.patch
+# https://gitlab.com/redhat/centos-stream/rpms/qt5-qtbase/-/commit/78c42affd70476bdfade7e84d67a54f7fddad332
+Patch109: CVE-2025-5455-qtbase-5.15.patch
 %global __requires_exclude_from ^%{_qt5_plugindir}/platformthemes/.*$
 # filter plugin provides
 %global __provides_exclude_from ^%{_qt5_plugindir}/.*\\.so$
@@ -269,6 +271,7 @@ Qt5 libraries used for drawing widgets and OpenGL items.
 %patch -P 106 -p1
 %patch -P 107 -p1
 %patch -P 108 -p1
+%patch -P 109 -p1
 pushd src/3rdparty
 mkdir UNUSED
 mv freetype libjpeg libpng zlib UNUSED/
@@ -895,6 +898,9 @@ fi
 %changelog
+* Mon Oct 20 2025 YangCheng - 5.15.11-7
+- Add patch to fix CVE-2025-5455
+
 * Wed Mar 12 2025 yangguanghui - 5.15.11-6
 - Add sw_64 native compiler support.
-- 
Gitee
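Review bot: The `Source0` change in the `@@ -38,7 +38,7 @@` hunk of qt5-qtbase.spec moves the tarball download from `official_releases/` to `archive/`, which is unrelated to the CVE fix and is not recorded in the new `%changelog` entry. Changing where the source is fetched from deserves its own line, e.g. `- Switch Source0 to the download.qt.io archive path`, so the change is visible to anyone auditing the package history. The recorded checksum for the tarball is not part of this diff; it would be worth confirming that the file served from the new path still matches it before the build is published.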