| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| Fix-stb-include.patch | Fix path to stb header | Nicholas Guriev <guriev-ns@ya.ru> | no | 2019-07-21 | ||
| Custom-IterativeReader.patch | Reimplement IterativeParseInit and IterativeParseNext In order to use the old rapidjson v1.1.0, we have to implement IterativeReader class by ourselves. |
Nicholas Guriev <guriev-ns@ya.ru> | no | 2019-07-21 | ||
| Cache-compatibility.patch | Hacks for cache compatibility In order to provide backward compatibility with previous versions of the package available in Debian, the patch temporary reintroduces the loadFromFile and the loadFromData methods with old signature. These methods are intended for use by non-rebuilt binaries. . The modification turns caching off by default. If a client supports rlottie's cache, it may call configureModelCacheSize to inform the library. |
Nicholas Guriev <guriev-ns@ya.ru> | no | 2020-03-05 | ||
| Bump-soversion.patch | Bump soversion number | Nicholas Guriev <guriev-ns@ya.ru> | not-needed | 2019-07-21 | ||
| No-cyclic-layers.patch | Check for layer parent-child links | John Preston <johnprestonmail@gmail.com> | no | https://github.com/Samsung/rlottie/pull/262/files | 2020-03-05 | |
| Check-buffer-length.patch | Check buffer length in vrle. Should fix CVE-2021-31315 related issues. https://github.com/desktop-app/rlottie/commit/75b31e49b3c69355c4971ee2029eff23a22fcb75 https://github.com/desktop-app/rlottie/commit/839dcab7f083a51b8130061ea5ec245195af6c58 |
John Preston <johnprestonmail@gmail.com> | no | https://github.com/desktop-app/rlottie/commit/0ee2e9c5843257ccd11672611829b9bb5d02aa98 | 2021-05-22 | |
| Fix-crash-in-malformed-animations.patch | Fix crash in malformed lottie animations. diff --git a/src/lottie/lottiemodel.h b/src/lottie/lottiemodel.h index 4a5473d..d263e46 100644 |
John Preston <johnprestonmail@gmail.com> | no | https://github.com/desktop-app/rlottie/commit/3c280ce86f649c1ea07c7ace5ed58162607c0edd | 2020-07-19 | |
| Fix-crash-on-invalid-data.patch | Fix some crashes on invalid data. Should fix CVE-2021-31318, CVE-2021-31319, CVE-2021-31320, CVE-2021-31322. https://github.com/desktop-app/rlottie/commit/839dcab7f083a51b8130061ea5ec245195af6c58 |
John Preston <johnprestonmail@gmail.com> | no | https://github.com/desktop-app/rlottie/commit/e0ea6af518345c4a46195c4951e023e621a9eb8f | 2021-05-22 | |
| Fortify-FreeType-raster.patch | Verify array length before writing in Freetype An attempt to fix CVE-2021-31321 based on John Preston's commit. https://github.com/desktop-app/rlottie/commit/d369d84e868352886cee48eecb60b462f6dfe067 . Also check the number of ycells in gray_find_cell(). |
Nicholas Guriev <guriev-ns@ya.ru> | no | 2022-03-02 | ||
| Fortify-lottie-parser.patch | Fortify Lottie parser https://github.com/Samsung/rlottie/pull/478/commits/2678250cb4baaf0422de8b96ed77d25e7025a365 | Ilya Laktyushin <ilya@laktyush.in>, Nicholas Guriev <nicholas@guriev.su> | yes | https://github.com/desktop-app/rlottie/commit/c490c7a098b9b3cbc3195b00e90d6fc3989e2ba2 | 2021-05-22 | |
| Extend-mDash-array.patch | An attempt to fix CVE-2021-31317 After conversation on GitHub PR, I've added check of data size in LOTDashProperty::getDashInfo method. However, a call to the push_back method remains, it should not hurt anything. |
Nicholas Guriev <guriev-ns@ya.ru> | yes | 2021-05-27 | ||
| Include-limits-header.patch | Explicitly include <limits> header. | Nicholas Guriev <guriev-ns@ya.ru> | yes | debian upstream | 2021-05-24 | |
| Avoid-nullptr-in-solidColor.patch | Fix dereferencing of null pointer in model::Layer::solidColor() getter Also remove unnecessarily check of mExtra->mAsset in the asset() getter. | Nicholas Guriev <guriev-ns@ya.ru> | yes | 2021-05-29 | ||
| Empty-animation-data.patch | Fix crash when path animation data is empty | Subhransu Mohanty <sub.mohanty@samsung.com> | yes | debian upstream | https://github.com/Samsung/rlottie/commit/1cb2021d6883ebe41c17e710fc90a225f038cb51 | 2021-11-27 |
| Finite-loop-in-VBezier-tAtLength.patch | Finite loop in VBezier::tAtLength() | Nicholas Guriev <guriev-ns@ya.ru> | yes | https://github.com/Samsung/rlottie/commit/625bc4c48a2d5d45661fd56202f8a1af78b01195 | 2022-02-16 | |
| Reject-reversed-frames.patch | Reject reversed frames | Nicholas Guriev <guriev-ns@ya.ru> | yes | https://github.com/Samsung/rlottie/commit/327fb7dbaad225555d5ca567b9adee9ce5f879f4 | 2022-02-16 | |
| Ignore-unspecified-type.patch | Ignore animations with objects of unspecified type | Nicholas Guriev <guriev-ns@ya.ru> | yes | https://github.com/Samsung/rlottie/commit/d1636c7b47481e69d4100f3bff2a7a3be7680286 | 2022-02-16 | |
| Improve-rendering-performance.patch | Improve matte rendering performance for simple layer | Subhransu Mohanty <sub.mohanty@samsung.com> | no | https://github.com/Samsung/rlottie/commit/194b31736d666056ec43931bb3732d5919f6a06a | 2022-02-17 | |
| Init-keyframe.patch | Do default initialization of key frame values | Nicholas Guriev <guriev-ns@ya.ru> | yes | upstream | 2022-03-02 | |
| Check-empty-frames.patch | Check that animation has frames before accessing | Nicholas Guriev <guriev-ns@ya.ru> | yes | upstream | https://github.com/Samsung/rlottie/pull/523/commits/7446363b482978746bd6e7b5dbc4f49553f9f50f | 2022-03-02 |
| No-cyclic-structures.patch | Deal with cyclic structures, avoid stack overflow in Lottie model | Nicholas Guriev <guriev-ns@ya.ru> | yes | upstream | 2022-09-10 | |
| Positive-points.patch | Points counter must be positive | Nicholas Guriev <guriev-ns@ya.ru> | yes | upstream | https://github.com/Samsung/rlottie/pull/523/commits/19fc8e9c2804ccfba5bee3eb18bc952a87684490 | 2022-03-02 |
| Stop-VBezier-length-overflow.patch | Stop computing Bézier curve length when float overflow occurs after splitting | Nicholas Guriev <guriev-ns@ya.ru> | yes | upstream | https://github.com/Samsung/rlottie/pull/523/commits/f7b72f1ed133882f1d5a75ede5fe6b6fc4cbea1d | 2022-03-02 |
| Avoid-assertion-failures.patch | Touch up some incorrect values that result to assertion violations | Nicholas Guriev <guriev-ns@ya.ru> | no | |||
| No-deadlock.patch | Realize a lock at any end of VRleTask | Nicholas Guriev <guriev-ns@ya.ru> | yes | 2022-05-29 | ||
| Atomic-render.patch | Make the render() method really atomic Value of the mRenderInProgress flag should be checked and updated in a single operation or its atomic characteristics will not work. |
Nicholas Guriev <guriev-ns@ya.ru> | no | 2022-09-10 | ||
| fix-static-variable-delete.patch | Remove default constructor implementation vcow_ptr is a rlottie-specific implementation of the shared pointer. It provides a default constructor containing a static variable that is potentially deleted in the destructor. Remove constructor implementation in order to avoid undefined behavior. |
Vladimir Petko <vladimir.petko@canonical.com> | no | debian | 2023-03-07 |