fix CVE-2023-45675
(cherry picked from commit ebf58542c0a905670c4d964bb1e616653187ff8a)
This commit is contained in:
peijiankang
openeuler-sync-bot
parent
20d7d30fbb
commit
456d10a8da
22
1553.patch
Normal file
22
1553.patch
Normal file
@ -0,0 +1,22 @@
|
||||
From 746d207256ef408d92112a13a75aa8a42df6753f Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Jaroslav=20Loba=C4=8Devski?= <jarlob@github.com>
|
||||
Date: Thu, 19 Oct 2023 16:39:06 +0200
|
||||
Subject: [PATCH] Fix `0` byte write heap buffer overflow in `start_decoder`
|
||||
|
||||
Fixes #1552
|
||||
---
|
||||
stb_vorbis.c | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/stb_vorbis.c b/stb_vorbis.c
|
||||
index 3e5c2504c0..8bc21de6b7 100644
|
||||
--- a/stb_vorbis.c
|
||||
+++ b/stb_vorbis.c
|
||||
@@ -952,6 +952,7 @@ static void *setup_malloc(vorb *f, int sz)
|
||||
sz = (sz+7) & ~7; // round up to nearest 8 for alignment of future allocs.
|
||||
f->setup_memory_required += sz;
|
||||
if (f->alloc.alloc_buffer) {
|
||||
+ if (sz == 0) return NULL;
|
||||
void *p = (char *) f->alloc.alloc_buffer + f->setup_offset;
|
||||
if (f->setup_offset + sz > f->temp_offset) return NULL;
|
||||
f->setup_offset += sz;
|
||||
17
stb.spec
17
stb.spec
@ -23,7 +23,7 @@ Name: stb
|
||||
# https://github.com/nothings/stb/issues/1101
|
||||
%global snapinfo .20220908git8b5f1f3
|
||||
Version: 0%{snapinfo}
|
||||
Release: 0.12
|
||||
Release: 0.13
|
||||
Summary: Single-file public domain libraries for C/C++
|
||||
|
||||
# See LICENSE.
|
||||
@ -223,6 +223,18 @@ Patch: 0002-Fix-possible-double-free-or-memory-leak-in-stbi__loa.patch
|
||||
# Rebased on top of https://github.com/nothings/stb/pull/1541.
|
||||
Patch: 0001-Fix-Null-pointer-dereference-because-of-an-uninitial.patch
|
||||
|
||||
# Fix 0 byte write heap buffer overflow in start_decoder
|
||||
# https://github.com/nothings/stb/pull/1553
|
||||
#
|
||||
# Fixes:
|
||||
#
|
||||
# 0 byte write heap buffer overflow in start_decoder
|
||||
# (GHSL-2023-165/CVE-2023-45675)
|
||||
# https://github.com/nothings/stb/issues/1552
|
||||
Patch: %{url}/pull/1553.patch
|
||||
|
||||
%global stb_c_lexer_version 0.12
|
||||
%global stb_connected_components_version 0.96
|
||||
%global stb_c_lexer_version 0.12
|
||||
%global stb_connected_components_version 0.96
|
||||
%global stb_divide_version 0.94
|
||||
@ -978,6 +990,9 @@ EOF
|
||||
|
||||
|
||||
%changelog
|
||||
* Fri Mar 08 2024 peijiankang <peijiankang@kylinos.cn> - 0.20220908git8b5f1f3-0.13
|
||||
- stb_vorbis: fix GHSL-2023-165 / fix CVE-2023-45675
|
||||
|
||||
* Fri Mar 01 2024 peijiankang <peijiankang@kylinos.cn> - 0.20220908git8b5f1f3-0.12
|
||||
- stb_image: fix GHSL-2023-151 / fix CVE-2023-45667
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user