1CVE: CVE-2019-6462 2Upstream-Status: Backport 3Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com> 4 5From ab2c5ee21e5f3d3ee4b3f67cfcd5811a4f99c3a0 Mon Sep 17 00:00:00 2001 6From: Heiko Lewin <hlewin@gmx.de> 7Date: Sun, 1 Aug 2021 11:16:03 +0000 8Subject: [PATCH] _arc_max_angle_for_tolerance_normalized: fix infinite loop 9 10--- 11 src/cairo-arc.c | 4 +++- 12 1 file changed, 3 insertions(+), 1 deletion(-) 13 14diff --git a/src/cairo-arc.c b/src/cairo-arc.c 15index 390397bae..1c891d1a0 100644 16--- a/src/cairo-arc.c 17+++ b/src/cairo-arc.c 18@@ -90,16 +90,18 @@ _arc_max_angle_for_tolerance_normalized (double tolerance) 19 { M_PI / 11.0, 9.81410988043554039085e-09 }, 20 }; 21 int table_size = ARRAY_LENGTH (table); 22+ const int max_segments = 1000; /* this value is chosen arbitrarily. this gives an error of about 1.74909e-20 */ 23 24 for (i = 0; i < table_size; i++) 25 if (table[i].error < tolerance) 26 return table[i].angle; 27 28 ++i; 29+ 30 do { 31 angle = M_PI / i++; 32 error = _arc_error_normalized (angle); 33- } while (error > tolerance); 34+ } while (error > tolerance && i < max_segments); 35 36 return angle; 37 } 38-- 392.38.1 40 41