From 7fb02eada65259ec24fbf0c0f4d7b7d7949b0a1a Mon Sep 17 00:00:00 2001 From: panysh Date: Fri, 16 Sep 2022 16:14:24 +0800 Subject: [PATCH] Fix CVE-2022-40320 (cherry picked from commit 97f5d544d04f7bdf30e4ffdb288c8d52563c1dd2) --- CVE-2022-40320.patch | 25 +++++++++++++++++++++++++ libconfuse.spec | 8 +++++++- 2 files changed, 32 insertions(+), 1 deletion(-) create mode 100644 CVE-2022-40320.patch diff --git a/CVE-2022-40320.patch b/CVE-2022-40320.patch new file mode 100644 index 0000000..c319a3d --- /dev/null +++ b/CVE-2022-40320.patch @@ -0,0 +1,25 @@ +--- src/confuse.c ++++ src/confuse.c +@@ -1865,16 +1865,19 @@ + } else { + /* ~user or ~user/path */ + char *user; ++ size_t len; + + file = strchr(filename, '/'); + if (file == 0) + file = filename + strlen(filename); + +- user = malloc(file - filename); +- if (!user) ++ len = file - filename - 1; ++ user = malloc(len + 1); ++ if (!user) + return NULL; + +- strncpy(user, filename + 1, file - filename - 1); ++ strncpy(user, &filename[1], len); ++ user[len] = 0; + passwd = getpwnam(user); + free(user); + } diff --git a/libconfuse.spec b/libconfuse.spec index 863ed7b..0621b6a 100644 --- a/libconfuse.spec +++ b/libconfuse.spec @@ -1,10 +1,11 @@ Name: libconfuse Version: 3.3 -Release: 1 +Release: 2 Summary: A configuration file parser library License: ISC URL: https://github.com/martinh/libconfuse Source0: https://github.com/martinh/libconfuse/releases/download/v%{version}/confuse-%{version}.tar.gz +Patch0: CVE-2022-40320.patch BuildRequires: gcc check-devel, pkgconfig perl-interpreter make %description @@ -30,6 +31,8 @@ Development files for %{name}. %setup -q -n confuse-%{version} perl -pi.orig -e 's|confuse.h|../src/confuse.h|g' tests/check_confuse.c +%patch0 -p0 + %build %configure --enable-shared --disable-static make %{?_smp_mflags} AM_CFLAGS="-Wall -Wextra" 
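Review bot: `len = file - filename - 1;` stores a pointer difference in the new unsigned `size_t len`, so it is only safe while `file > filename`, and the check that presumably guarantees this (the leading `~` test) lies outside the hunk. A one-line comment above the assignment, such as `/* filename[0] is '~' here, so file > filename and len cannot wrap */`, would record the invariant the allocation size depends on. Since the length is now computed explicitly, `memcpy(user, filename + 1, len); user[len] = '\0';` would state the intent more directly than `strncpy`, whose lack of guaranteed termination is what the removed lines relied on. The enclosing function starts and ends outside the hunk, so whether the result of `getpwnam(user)` is checked for NULL cannot be confirmed from here.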
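Review bot: `Patch0: CVE-2022-40320.patch` is added with no pointer to the origin of the fix, and the patch file itself begins directly at `--- src/confuse.c` with no header, so a later reviewer cannot compare it against the upstream change. A comment line above the entry, for example `# Fix CVE-2022-40320, backported from <upstream-commit-url>`, would make the provenance auditable. The `-p0` in `%patch0 -p0` in the following hunk matches the prefix-less paths used in the patch, so that part looks consistent.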
@@ -63,5 +66,8 @@ rm -rf $RPM_BUILD_ROOT%{_datadir}/doc/confuse %{_libdir}/pkgconfig/libconfuse.pc %changelog +* Fri Sep 16 2022 panyanshuang - 3.3-2 +- Fix CVE-2022-40320 + * Wed Apr 14 2021 chengzihan - 3.3-1 - package init