From b6d4cb25e47a73f5c0c4cca48a51d73833b1d6c6 Mon Sep 17 00:00:00 2001
From: wk333 <13474090681@163.com>
Date: Tue, 20 May 2025 14:44:36 +0800
Subject: [PATCH] Fix CVE-2025-40907

---
 CVE-2025-40907.patch | 38 ++++++++++++++++++++++++++++++++++++++
 perl-FCGI.spec       |  6 +++++-
 2 files changed, 43 insertions(+), 1 deletion(-)
 create mode 100644 CVE-2025-40907.patch

diff --git a/CVE-2025-40907.patch b/CVE-2025-40907.patch
new file mode 100644
index 0000000..5fbb9c4
--- /dev/null
+++ b/CVE-2025-40907.patch
@@ -0,0 +1,38 @@
+From b0eabcaf4d4f371514891a52115c746815c2ff15 Mon Sep 17 00:00:00 2001
+From: Pycatchown <39068868+Pycatchown@users.noreply.github.com>
+Date: Tue, 8 Apr 2025 17:39:30 +0200
+Subject: [PATCH] Update fcgiapp.c
+
+Origin: https://github.com/FastCGI-Archives/fcgi2/pull/74
+
+Fixing an integer overflow (CVE-2025-23016)
+---
+ fcgiapp.c | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/fcgiapp.c b/fcgiapp.c
+index 4ffe318..99c3630 100644
+--- a/fcgiapp.c
++++ b/fcgiapp.c
+@@ -1175,6 +1175,10 @@ static int ReadParams(Params *paramsPtr, FCGX_Stream *stream)
+ 	    }
+             nameLen = ((nameLen & 0x7f) << 24) + (lenBuff[0] << 16)
+                     + (lenBuff[1] << 8) + lenBuff[2];
++	    if (nameLen >= INT_MAX) {
++                SetError(stream, FCGX_PARAMS_ERROR);
++                return -1;
++	    }
+         }
+         if((valueLen = FCGX_GetChar(stream)) == EOF) {
+             SetError(stream, FCGX_PARAMS_ERROR);
+@@ -1187,6 +1191,10 @@ static int ReadParams(Params *paramsPtr, FCGX_Stream *stream)
+ 	    }
+             valueLen = ((valueLen & 0x7f) << 24) + (lenBuff[0] << 16)
+                     + (lenBuff[1] << 8) + lenBuff[2];
++	    if (valueLen >= INT_MAX) {
++                SetError(stream, FCGX_PARAMS_ERROR);
++                return -1;
++	    }
+         }
+         /*
+          * nameLen and valueLen are now valid; read the name and value
diff --git a/perl-FCGI.spec b/perl-FCGI.spec
index b692ae2..356b980 100644
--- a/perl-FCGI.spec
+++ b/perl-FCGI.spec
@@ -1,12 +1,13 @@
 Name:           perl-FCGI
 Epoch:          1
 Version:        0.78
-Release:        13
+Release:        14
 Summary:        FastCGI Perl bindings
 License:        OML
 URL:            https://metacpan.org/release/FCGI
 Source0:        https://cpan.metacpan.org/authors/id/E/ET/ETHER/FCGI-%{version}.tar.gz
 Patch0:         FCGI-0.78-CVE-2012-6687.patch
+Patch1:         CVE-2025-40907.patch
 BuildRequires:  findutils gcc make perl-interpreter perl-devel perl-generators
 BuildRequires:  perl(Config) perl(Cwd) perl(ExtUtils::MakeMaker) >= 6.76
 BuildRequires:  perl(File::Copy) perl(Getopt::Long) perl(IO::File)
@@ -51,6 +52,9 @@ make test
 %doc ChangeLog README
 
 %changelog
+* Tue May 20 2025 wangkai <13474090681@163.com> - 1:0.78-14
+- Fix CVE-2025-40907
+
 * Tue Jan 14 2025 wangkai <13474090681@163.com> - 1:0.78-13
 - Fix CVE-2012-6687
 - Introduced environment variable-controlled polling timeouts 
-- 
Gitee