From 4387ec70a79c62e29f0b8055f08de7bfb2799f8a Mon Sep 17 00:00:00 2001 From: compile_success <980965867@qq.com> Date: Sat, 27 Feb 2021 15:07:25 +0800 Subject: [PATCH] fix CVE-2020-35457 --- backport-CVE-2020-35457.patch | 36 +++++++++++++++++++++++++++++++++++ glib2.spec | 9 ++++++++- 2 files changed, 44 insertions(+), 1 deletion(-) create mode 100644 backport-CVE-2020-35457.patch diff --git a/backport-CVE-2020-35457.patch b/backport-CVE-2020-35457.patch new file mode 100644 index 0000000..66b1b28 --- /dev/null +++ b/backport-CVE-2020-35457.patch @@ -0,0 +1,36 @@ +From 63c5b62f0a984fac9a9700b12f54fe878e016a5d Mon Sep 17 00:00:00 2001 +From: Philip Withnall +Date: Wed, 2 Sep 2020 12:38:09 +0100 +Subject: [PATCH] goption: Add a precondition to avoid GOptionEntry list + overflow +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +reason:Add a precondition to avoid GOptionEntry list overflow +Conflict:NA +Reference:https://gitlab.gnome.org/GNOME/glib/-/commit/63c5b62f0a984fac9a9700b12f54fe878e016a5d + +Signed-off-by: Philip Withnall + +Fixes: #2197 +--- + glib/goption.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/glib/goption.c b/glib/goption.c +index 9f5b977c4..bb9093a33 100644 +--- a/glib/goption.c ++++ b/glib/goption.c +@@ -2422,6 +2422,8 @@ g_option_group_add_entries (GOptionGroup *group, + + for (n_entries = 0; entries[n_entries].long_name != NULL; n_entries++) ; + ++ g_return_if_fail (n_entries <= G_MAXSIZE - group->n_entries); ++ + group->entries = g_renew (GOptionEntry, group->entries, group->n_entries + n_entries); + + /* group->entries could be NULL in the trivial case where we add no +-- +GitLab + diff --git a/glib2.spec b/glib2.spec index 0e8eb53..728a1c1 100644 --- a/glib2.spec +++ b/glib2.spec @@ -1,12 +1,13 @@ Name: glib2 Version: 2.62.5 -Release: 1 +Release: 2 Summary: The core library that forms the basis for projects such as GTK+ and GNOME License: LGPLv2+ URL: http://www.gtk.org Source0: http://download.gnome.org/sources/glib/2.62/glib-%{version}.tar.xz Patch9001: fix-accidentally-delete-temp-file-within-dtrace.patch +Patch6000: backport-CVE-2020-35457.patch BuildRequires: chrpath gcc gcc-c++ gettext gtk-doc perl-interpreter BUildRequires: glibc-devel libattr-devel libselinux-devel meson @@ -143,6 +144,12 @@ glib-compile-schemas %{_datadir}/glib-2.0/schemas &> /dev/null || : %doc %{_datadir}/gtk-doc/html/* %changelog +* Sat Feb 27 2021 zhujunhao - 2.62.5-3 +- Type:cve +- Id:CVE-2020-35457 +- SUG:NA +- DESC:fix CVE-2020-35457 + * Thu Apr 16 2020 hexiujun - 2.62.5-1 - Update to 2.62.5 -- Gitee