backport upstream patch

(cherry picked from commit 8b05750238c3ba5450491013d2b14e834059bb42)

backport-common-Protect-against-a-theoretical-integer-overflow.patch

@@ -0,0 +1,34 @@
+From c300253181cfc591cbcae9251eda5296ed29591b Mon Sep 17 00:00:00 2001
+From: Werner Koch <wk@gnupg.org>
+Date: Fri, 7 Oct 2022 14:12:33 +0200
+Subject: [PATCH] common: Protect against a theoretical integer overflow in
+ tlv.c
+
+* common/tlv.c (parse_ber_header): Protect agains integer overflow.
+--
+
+Although there is no concrete case where we use the (nhdr + length),
+it is better to protect against this already here.
+---
+ common/tlv.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/common/tlv.c b/common/tlv.c
+index abef83a37..9618d04cb 100644
+--- a/common/tlv.c
++++ b/common/tlv.c
+@@ -222,6 +222,11 @@ parse_ber_header (unsigned char const **buffer, size_t *size,
+       *r_length = len;
+     }
+ 
++  if (*r_length > *r_nhdr && (*r_nhdr + *r_length) < *r_length)
++    {
++      return gpg_err_make (default_errsource, GPG_ERR_EOVERFLOW);
++    }
++
+   /* Without this kludge some example certs can't be parsed. */
+   if (*r_class == CLASS_UNIVERSAL && !*r_tag)
+     *r_length = 0;
+-- 
+2.27.0
+

gnupg2.spec

@@ -1,6 +1,6 @@
 Name: gnupg2
 Version: 2.2.32
-Release: 4
+Release: 5
 Summary: Utility for secure communication and data storage
 
 License: GPLv3+
@@ -21,6 +21,7 @@ Patch9:  gnupg-2.2.20-file-is-digest.patch
 Patch10: gnupg-2.2.21-coverity.patch
 Patch11: common-Avoid-undefined-behavior-of-left-shift-operat.patch
 Patch12: backport-CVE-2022-34903.patch
+Patch13: backport-common-Protect-against-a-theoretical-integer-overflow.patch
 
 BuildRequires: gcc
 BuildRequires: zlib-devel, npth-devel, texinfo
@@ -118,6 +119,9 @@ make check
 
 
 %changelog
+* Wed Jun 14 2023 yixiangzhike <yixiangzhike007@163.com> - 2.2.32-5
+- backport upstream patch
+
 * Wed Apr 19 2023 yixiangzhike <yixiangzhike007@163.com> - 2.2.32-4
 - add BuildRequires:gnutls-devel to support TLS