CVE: CVE-2019-6462
Upstream-Status: Backport
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>

From ab2c5ee21e5f3d3ee4b3f67cfcd5811a4f99c3a0 Mon Sep 17 00:00:00 2001
From: Heiko Lewin <hlewin@gmx.de>
Date: Sun, 1 Aug 2021 11:16:03 +0000
Subject: [PATCH] _arc_max_angle_for_tolerance_normalized: fix infinite loop

---
 src/cairo-arc.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/cairo-arc.c b/src/cairo-arc.c
index 390397bae..1c891d1a0 100644
--- a/src/cairo-arc.c
+++ b/src/cairo-arc.c
@@ -90,16 +90,18 @@ _arc_max_angle_for_tolerance_normalized (double tolerance)
 	{ M_PI / 11.0,  9.81410988043554039085e-09 },
     };
     int table_size = ARRAY_LENGTH (table);
+    const int max_segments = 1000; /* this value is chosen arbitrarily. this gives an error of about 1.74909e-20 */
 
     for (i = 0; i < table_size; i++)
 	if (table[i].error < tolerance)
 	    return table[i].angle;
 
     ++i;
+
     do {
 	angle = M_PI / i++;
 	error = _arc_error_normalized (angle);
-    } while (error > tolerance);
+    } while (error > tolerance && i < max_segments);
 
     return angle;
 }
-- 
2.38.1