From b402b1d6a485878f7a86f6fb6b146c8912e7ad88 Mon Sep 17 00:00:00 2001
From: Than Ngo
Date: Thu, 18 May 2023 15:15:05 +0000
Subject: [PATCH] fix #2208136, CVE-2023-32573 Uninitialized variable usage in m_unitsPerEm
Gbp-Pq: Name CVE-2023-32573.patch
---
 src/svg/qsvgfont_p.h | 5 ++---
 src/svg/qsvghandler.cpp | 2 +-
 2 files changed, 3 insertions(+), 4 deletions(-)
diff --git a/src/svg/qsvgfont_p.h b/src/svg/qsvgfont_p.h
index 62bc4c08a..e02060c02 100644
--- a/src/svg/qsvgfont_p.h
+++ b/src/svg/qsvgfont_p.h
@@ -78,6 +78,7 @@ public:
 class QSvgFont : public QSvgRefCounted
 {
 public:
+ static const qreal DEFAULT_UNITS_PER_EM = 1000;
 QSvgFont(qreal horizAdvX);
 void setFamilyName(const QString &name);
@@ -90,9 +91,7 @@ public:
 void draw(QPainter *p, const QPointF &point, const QString &str, qreal pixelSize, Qt::Alignment alignment) const;
 public:
 QString m_familyName;
- qreal m_unitsPerEm;
- qreal m_ascent;
- qreal m_descent;
+ qreal m_unitsPerEm = DEFAULT_UNITS_PER_EM;
 qreal m_horizAdvX;
 QHash m_glyphs;
 };
diff --git a/src/svg/qsvghandler.cpp b/src/svg/qsvghandler.cpp
index 229e550f4..2f03da093 100644
--- a/src/svg/qsvghandler.cpp
+++ b/src/svg/qsvghandler.cpp
@@ -2567,7 +2567,7 @@ static bool parseFontFaceNode(QSvgStyleProperty *parent,
 qreal unitsPerEm = toDouble(unitsPerEmStr);
 if (!unitsPerEm)
- unitsPerEm = 1000;
+ unitsPerEm = QSvgFont::DEFAULT_UNITS_PER_EM;
 if (!name.isEmpty())
 font->setFamilyName(name);
--
2.30.2
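Review bot: `static const qreal DEFAULT_UNITS_PER_EM = 1000;` in the first qsvgfont_p.h hunk gives a floating-point static member an in-class initializer without `constexpr` (qreal is normally a double), which standard C++11 and later do not allow; compilers tend to accept it only as an extension or in permissive modes. The second hunk already depends on a C++11 default member initializer (`qreal m_unitsPerEm = DEFAULT_UNITS_PER_EM;`), so `static constexpr qreal DEFAULT_UNITS_PER_EM = 1000;` would be the portable spelling and keeps the fix from silently depending on compiler flags. A one-line comment on the constant, such as `// fallback when <font-face> gives no usable units-per-em`, would also record why the member now has a default.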
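Review bot: The fallback in parseFontFaceNode still fires only on an exact zero (`if (!unitsPerEm)`), so a negative value, or a non-finite one if toDouble can return it, is kept unchanged. The attribute comes from the SVG document, and if the stored value is later used as a divisor when scaling glyphs (not visible in this hunk), such input would still produce meaningless or non-finite geometry even though the member is now always initialized. Consider widening the guard to `if (!qIsFinite(unitsPerEm) || unitsPerEm <= 0)` before assigning the default. The function body starts and ends outside the hunk, so how the value reaches the font object should be confirmed there.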