From 9504c5356ed2e105746372d887f78aa2397b6738 Mon Sep 17 00:00:00 2001
From: Funda Wang
Date: Sat, 7 Jun 2025 13:27:30 +0800
Subject: [PATCH] fix CVE-2025-5455
(cherry picked from commit b1f32e0f374a92f24293e84dd8bf861da32d3ea9)
---
 CVE-2025-5455-qtbase-5.15.patch | 20 ++++++++++++++++++++
 qt5-qtbase.spec | 6 +++++-
 2 files changed, 25 insertions(+), 1 deletion(-)
 create mode 100644 CVE-2025-5455-qtbase-5.15.patch
diff --git a/CVE-2025-5455-qtbase-5.15.patch b/CVE-2025-5455-qtbase-5.15.patch
new file mode 100644
index 0000000..9cee864
--- /dev/null
+++ b/CVE-2025-5455-qtbase-5.15.patch
@@ -0,0 +1,20 @@
+diff --git a/src/corelib/io/qdataurl.cpp b/src/corelib/io/qdataurl.cpp
+index f14d399301f..83e59e3ac00 100644
+--- a/src/corelib/io/qdataurl.cpp
++++ b/src/corelib/io/qdataurl.cpp
+@@ -76,10 +76,11 @@ Q_CORE_EXPORT bool qDecodeDataUrl(const QUrl &uri, QString &mimeType, QByteArray
+ }
+
+ if (data.toLower().startsWith("charset")) {
+- int i = 7; // strlen("charset")
+- while (data.at(i) == ' ')
+- ++i;
+- if (data.at(i) == '=')
++ int prefixSize = 7; // strlen("charset")
++ QLatin1String copy(data.constData() + prefixSize, data.size() - prefixSize);
++ while (copy.startsWith(QLatin1String(" ")))
++ copy = copy.mid(1);
++ if (copy.startsWith(QLatin1String("=")))
+ data.prepend("text/plain;");
+ }
+
diff --git a/qt5-qtbase.spec b/qt5-qtbase.spec
index b463304..a08ff7f 100644
--- a/qt5-qtbase.spec
+++ b/qt5-qtbase.spec
@@ -36,7 +36,7 @@ Name: qt5-qtbase
 Summary: Qt5 - QtBase components
 Version: 5.15.10
-Release: 11
+Release: 12
 # See LGPL_EXCEPTIONS.txt, for exception details
 License: LGPL-3.0-only OR GPL-3.0-only WITH Qt-GPL-exception-1.0
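Review bot: The added patch file begins directly at `diff --git a/src/corelib/io/qdataurl.cpp` with no header naming its origin, and the cherry-pick hash in the commit message is presumably a commit of this packaging repository rather than of qtbase, so the backport cannot be compared with the upstream fix from what is shown here. I would put a short header above the inner diff, for example `# Upstream: <qtbase commit or change URL>` and `# Backported to 5.15.10 by <packager>`. The backport touches only `qdataurl.cpp`; if the upstream change ships an autotest for a `charset` parameter with no `=` after it, that case is not carried into this package and is worth covering or noting. In the new code, `data.size() - prefixSize` cannot be negative only because of the enclosing `startsWith("charset")` guard, which a comment such as `// size() >= prefixSize: guarded by startsWith("charset") above` would make explicit; the body of `qDecodeDataUrl` continues outside the hunk.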
@@ -137,6 +137,7 @@ Patch0030: CVE-2024-25580-qtbase-5.15.diff
 Patch0031: CVE-2023-45935.patch
 Patch0032: add-sw_64-support-for-syscall_fork.patch
 Patch0033: CVE-2025-30348.patch
+Patch0034: CVE-2025-5455-qtbase-5.15.patch
 # Do not check any files in %%{_qt5_plugindir}/platformthemes/ for requires.
 # Those themes are there for platform integration. If the required libraries are
@@ -1031,6 +1032,9 @@ fi
 %changelog
+* Sat Jun 07 2025 Funda Wang - 5.15.10-12
+- fix CVE-2025-5455
+
 * Wed Apr 02 2025 Funda Wang - 5.15.10-11
 - fix CVE-2025-30348
--
Gitee
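Review bot: `Patch0034` is declared here, but no hunk in this diff touches `%prep`, so the fix is only compiled in if the spec applies patches automatically (`%autosetup` or `%autopatch`); that section lies outside the visible hunks and should be confirmed. If patches are applied one at a time, a matching line such as `%patch34 -p1` is needed. Without it, release 12 would carry a changelog entry claiming the CVE-2025-5455 fix while `qdataurl.cpp` is built unchanged. Checking the build log for the patch being applied would settle this.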