diff --git a/CVE-2025-0633.patch b/CVE-2025-0633.patch new file mode 100644 index 0000000000000000000000000000000000000000..e620949877e0763477ef640430744c7950dc00d6 --- /dev/null +++ b/CVE-2025-0633.patch @@ -0,0 +1,34 @@ +From 072a39a772a38c475e35a1be311304ca99e9de7f Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Lars=20M=C3=B6llendorf?= +Date: Sun, 26 Jan 2025 08:48:23 +0100 +Subject: [PATCH] Fix heap overflow in `iniparser_dumpsection_ini()` + +Origin: https://gitlab.com/iniparser/iniparser/-/commit/072a39a772a38c475e35a1be311304ca99e9de7f + +...reported in #177 + +As suggested by the issue reporter this is fixed by returning from +`iniparser_dumpsection_ini()` in case the length of the passed section name +of dictionary to dump was bigger than the size of the internal buffer used +to copy this string to. + +Changelog: changed +--- + src/iniparser.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/src/iniparser.c b/src/iniparser.c +index abc8b52..1086b46 100644 +--- a/src/iniparser.c ++++ b/src/iniparser.c +@@ -327,6 +327,7 @@ void iniparser_dumpsection_ini(const dictionary * d, const char * s, FILE * f) + + if (d==NULL || f==NULL) return ; + if (! iniparser_find_entry(d, s)) return ; ++ if (strlen(s) > sizeof(keym)) return; + + seclen = (int)strlen(s); + fprintf(f, "\n[%s]\n", s); +-- +GitLab + diff --git a/iniparser.spec b/iniparser.spec index 776d7f1a69d2c0306ddb6cfbe87ecd3799b8eced..1327176afffde079de0de15deb2ae005a91e03d0 100644 --- a/iniparser.spec +++ b/iniparser.spec @@ -1,11 +1,12 @@ Name: iniparser Version: 4.1 -Release: 5 +Release: 6 Summary: ini file parser License: MIT and Zlib URL: https://github.com/ndevilla/iniparser Source0: https://github.com/ndevilla/iniparser/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz Patch0: CVE-2023-33461.patch +Patch2: CVE-2025-0633.patch BuildRequires: gcc doxygen chrpath @@ -54,6 +55,9 @@ echo "%{_libdir}" > %{buildroot}/etc/ld.so.conf.d/%{name}-%{_arch}.conf %config(noreplace) /etc/ld.so.conf.d/* %changelog +* Fri Mar 07 2025 wangkai <13474090681@163.com> - 4.1-6 +- Fix CVE-2025-0633 + * Sun Jun 25 2023 wangkai <13474090681@163.com> - 4.1-5 - Fix CVE-2023-33461