From 4765cad0afed07a11a3b96b5da38887ac76112e5 Mon Sep 17 00:00:00 2001
From: tomcruiseqi <10762123+tomcruiseqi@user.noreply.gitee.com>
Date: Wed, 9 Apr 2025 15:11:07 +0800
Subject: [PATCH] [CVE] FIX CVE-2024-45993 to #20109 add patch to fix CVE-2024-45993 Project: TC2024080204
Signed-off-by: tomcruiseqi <10762123+tomcruiseqi@user.noreply.gitee.com>
---
 ...-heap-buffer-overflow-CVE-2024-45993.patch | 33 +++++++++++++++++++
 giflib.spec | 8 ++++-
 2 files changed, 40 insertions(+), 1 deletion(-)
 create mode 100644 0001-Fix-heap-buffer-overflow-CVE-2024-45993.patch
diff --git a/0001-Fix-heap-buffer-overflow-CVE-2024-45993.patch b/0001-Fix-heap-buffer-overflow-CVE-2024-45993.patch
new file mode 100644
index 0000000..e02d949
--- /dev/null
+++ b/0001-Fix-heap-buffer-overflow-CVE-2024-45993.patch
@@ -0,0 +1,33 @@
+From 8d78841a40075d8a669a03cf15195531e89e28cb Mon Sep 17 00:00:00 2001
+From: Codres Bogdan
+Date: Tue, 8 Apr 2025 18:37:31 +0300
+Subject: [PATCH] Fix heap-buffer overflow (CVE-2023-48161)
+
+The fix is identical with the one for CVE-2022-28506
+created initiallly by Matej Muzila
+
+Signed-off-by: Codres Bogdan
+---
+ gif2rgb.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/gif2rgb.c b/gif2rgb.c
+index b80ebcd..7f1b06f 100644
+--- a/gif2rgb.c
++++ b/gif2rgb.c
+@@ -329,6 +329,12 @@ static void DumpScreen2RGB(char *FileName, int OneFileFlag,
+ GifRow = ScreenBuffer[i];
+ GifQprintf("\b\b\b\b%-4d", ScreenHeight - i);
+ for (j = 0; j < ScreenWidth; j++) {
++ /* Check if color is within color palete */
++ if (GifRow[j] >= ColorMap->ColorCount)
++ {
++ GIF_EXIT(GifErrorString(
++ D_GIF_ERR_IMAGE_DEFECT));
++ }
+ ColorMapEntry = &ColorMap->Colors[GifRow[j]];
+ Buffers[0][j] = ColorMapEntry->Red;
+ Buffers[1][j] = ColorMapEntry->Green;
+-- 
+2.17.1
+
diff --git a/giflib.spec b/giflib.spec
index 6ddfb5e..e04a135 100644
--- a/giflib.spec
+++ b/giflib.spec
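Review bot: The bounds check in the embedded gif2rgb.c hunk guards only the loop that fills `Buffers[0..2]`; DumpScreen2RGB begins and ends outside the hunk, so any other loop in it that indexes `ColorMap->Colors[GifRow[j]]` has to be checked against the unpacked 5.2.2 source for the same guard. The patch text says the fix mirrors the one for CVE-2022-28506, which suggests such a sibling loop exists, but it is not visible here. If the patch is ever refreshed, the comment would read better as `/* Reject pixel indices beyond the active color map before indexing Colors[] */`, which also removes the "palete" typo.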
@@ -1,4 +1,4 @@
-%define anolis_release 1
+%define anolis_release 2
 Name: giflib
 Summary: A library and utilities for processing GIFs
 Version: 5.2.2
@@ -10,6 +10,9 @@ Source: http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.g
 # Downstream cmake support
 Source1: CMakeLists.txt
+# https://sourceforge.net/p/giflib/bugs/_discuss/thread/c2fde05fda/aa61/attachment/0001-Fix-heap-buffer-overflow-CVE-2023-48161.patch
+Patch0001: 0001-Fix-heap-buffer-overflow-CVE-2024-45993.patch
+
 BuildRequires: cmake
 BuildRequires: gcc
 BuildRequires: xmlto
@@ -62,6 +65,9 @@ cp -a %{SOURCE1} .
 %{_mandir}/man1/*.1*
 %changelog
+* Wed Apr 09 2025 tomcruiseqi - 5.2.2-2
+- Fix CVE-2024-45993
+
 * Fri Jun 28 2024 NewStart - 5.2.2-1
 - Updated 5.2.2 to fix CVE-2023-48161
-- 
Gitee
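Review bot: `Patch0001` is declared in the second giflib.spec hunk, but no hunk touches %prep, so whether the fix is actually applied at build time depends on lines outside this diff. If %prep does not use `%autosetup`, it needs an explicit `%patch` line for patch 1 with `-p1`; otherwise the changelog would claim a fix that the built binary lacks. The identifiers also disagree: the file name and the new changelog entry say CVE-2024-45993, while the source URL comment, the embedded Subject line and the 5.2.2-1 entry name CVE-2023-48161, which that entry already records as fixed. Assuming the two IDs do cover the same defect, a spec comment such as `# Upstream patch is titled CVE-2023-48161; applied here for CVE-2024-45993` would keep scanners and auditors from misreading the package's state.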