From 71b919d6d86568aa1406d713dc7ff86c356fbc19 Mon Sep 17 00:00:00 2001
From: eaglegai
Date: Wed, 19 Apr 2023 09:12:16 +0000
Subject: [PATCH] backport to fix build error when user don't use glibc
(cherry picked from commit e5747300b7647d12797adf591e1b7c5a6c8e84b2)
---
...uild-error-when-user-don-t-use-glibc.patch | 111 ++++++++++++++++++
curl.spec | 9 +-
2 files changed, 119 insertions(+), 1 deletion(-)
create mode 100644 backport-after-CVE-2022-32207-to-fix-build-error-when-user-don-t-use-glibc.patch
diff --git a/backport-after-CVE-2022-32207-to-fix-build-error-when-user-don-t-use-glibc.patch b/backport-after-CVE-2022-32207-to-fix-build-error-when-user-don-t-use-glibc.patch
new file mode 100644
index 0000000..0e46ad5
--- /dev/null
+++ b/backport-after-CVE-2022-32207-to-fix-build-error-when-user-don-t-use-glibc.patch
@@ -0,0 +1,111 @@
+From 20f9dd6bae50b7223171b17ba7798946e74f877f Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg
+Date: Wed, 25 May 2022 10:09:53 +0200
+Subject: [PATCH] fopen: add Curl_fopen() for better overwriting of files
+ backport to fix build error when user don't use glibc
+---
+ CMakeLists.txt | 1 +
+ configure.ac | 1 +
+ lib/curl_config.h.cmake | 3 +++
+ lib/fopen.c | 19 +++++++++++++------
+ lib/fopen.h | 2 ++
+ 5 files changed, 20 insertions(+), 6 deletions(-)
+
+diff --git a/CMakeLists.txt b/CMakeLists.txt
+index d8084de..3a64f02 100644
+--- a/CMakeLists.txt
++++ b/CMakeLists.txt
+@@ -1013,6 +1013,7 @@ elseif(HAVE_LIBSOCKET)
+ set(CMAKE_REQUIRED_LIBRARIES socket)
+ endif()
+
++check_symbol_exists(fchmod "${CURL_INCLUDES}" HAVE_FCHMOD)
+ check_symbol_exists(basename "${CURL_INCLUDES}" HAVE_BASENAME)
+ check_symbol_exists(socket "${CURL_INCLUDES}" HAVE_SOCKET)
+ check_symbol_exists(select "${CURL_INCLUDES}" HAVE_SELECT)
+diff --git a/configure.ac b/configure.ac
+index 152b047..245a731 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -3320,6 +3320,7 @@ AC_CHECK_DECLS([getpwuid_r], [], [AC_DEFINE(HAVE_DECL_GETPWUID_R_MISSING, 1, "Se
+
+
+ AC_CHECK_FUNCS([fnmatch \
++ fchmod \
+ geteuid \
+ getpass_r \
+ getppid \
+diff --git a/lib/curl_config.h.cmake b/lib/curl_config.h.cmake
+index 4ef4883..7bd563b 100644
+--- a/lib/curl_config.h.cmake
++++ b/lib/curl_config.h.cmake
+@@ -157,6 +157,9 @@
+ /* Define to 1 if you have the header file. */
+ #cmakedefine HAVE_ASSERT_H 1
+
++/* Define to 1 if you have the `fchmod' function. */
++#cmakedefine HAVE_FCHMOD 1
++
+ /* Define to 1 if you have the `basename' function. */
+ #cmakedefine HAVE_BASENAME 1
+
+diff --git a/lib/fopen.c b/lib/fopen.c
+index 94b87f5..ad3691b 100644
+--- a/lib/fopen.c
++++ b/lib/fopen.c
+@@ -18,6 +18,8 @@
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
++ * SPDX-License-Identifier: curl
++ *
+ ***************************************************************************/
+
+ #include "curl_setup.h"
+@@ -50,7 +52,7 @@ CURLcode Curl_fopen(struct Curl_easy *data, const char *filename,
+ CURLcode result = CURLE_WRITE_ERROR;
+ unsigned char randsuffix[9];
+ char *tempstore = NULL;
+- struct_stat sb, nsb;
++ struct_stat sb;
+ int fd = -1;
+ *tempname = NULL;
+
+@@ -77,12 +79,17 @@ CURLcode Curl_fopen(struct Curl_easy *data, const char *filename,
+ if(fd == -1)
+ goto fail;
+
+- if((fstat(fd, &nsb) != -1) &&
+- (nsb.st_uid == sb.st_uid) && (nsb.st_gid == sb.st_gid)) {
+- /* if the user and group are the same, clone the original mode */
+- if(fchmod(fd, sb.st_mode) == -1)
+- goto fail;
++#ifdef HAVE_FCHMOD
++ {
++ struct_stat nsb;
++ if((fstat(fd, &nsb) != -1) &&
++ (nsb.st_uid == sb.st_uid) && (nsb.st_gid == sb.st_gid)) {
++ /* if the user and group are the same, clone the original mode */
++ if(fchmod(fd, sb.st_mode) == -1)
++ goto fail;
++ }
+ }
++#endif
+
+ *fh = fdopen(fd, FOPEN_WRITETEXT);
+ if(!*fh)
+diff --git a/lib/fopen.h b/lib/fopen.h
+index 1020f3c..289e55f 100644
+--- a/lib/fopen.h
++++ b/lib/fopen.h
+@@ -20,6 +20,8 @@
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
++ * SPDX-License-Identifier: curl
++ *
+ ***************************************************************************/
+
+ CURLcode Curl_fopen(struct Curl_easy *data, const char *filename,
+--
+2.39.1
diff --git a/curl.spec b/curl.spec
index db59d67..c17b83d 100644
--- a/curl.spec
+++ b/curl.spec
@@ -6,7 +6,7 @@ Name: curl Version: 7.79.1 -Release: 15 +Release: 16 Summary: Curl is used in command lines or scripts to transfer data License: MIT URL: https://curl.haxx.se/
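Review bot: The `#ifdef HAVE_FCHMOD` guard added in the lib/fopen.c part of the new patch file compiles out both the owner check and `fchmod(fd, sb.st_mode)` with no trace when the macro is undefined, and on the autotools path the macro only exists once configure is regenerated from the patched `configure.ac`. The curl.spec hunks shown here add Patch36 but do not show whether %prep/%build runs autoreconf, so that is worth confirming; if configure is not regenerated, glibc builds would skip the mode clone too, and the rewritten file would presumably keep whatever mode the temp file was created with (the `open()` call is outside the hunk). A comment on the guard would make that fallback explicit, e.g. `/* no fchmod(): the temp file keeps the mode it was created with */`. Curl_fopen's body starts and ends outside the hunk.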
@@ -47,6 +47,7 @@ Patch32: backport-CVE-2023-27538.patch Patch33: backport-CVE-2023-27535-pre1.patch Patch34: backport-CVE-2023-27536.patch Patch35: backport-CVE-2023-27535.patch +Patch36: backport-after-CVE-2022-32207-to-fix-build-error-when-user-don-t-use-glibc.patch BuildRequires: automake brotli-devel coreutils gcc groff krb5-devel BuildRequires: libidn2-devel libnghttp2-devel libpsl-devel
@@ -221,6 +222,12 @@ rm -rf ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la %{_mandir}/man3/* %changelog +* Wed Apr 19 2023 gaihuiying - 7.79.1-16 +- Type:bugfix +- CVE:NA +- SUG:NA +- DESC:backport to fix build error when user don't use glibc + * Wed Mar 22 2023 xingwei - 7.79.1-15 - Type:cves - CVE:CVE-2023-27533 CVE-2023-27534 CVE-2023-27535 CVE-2023-27536 CVE-2023-27538