From 8efeb4f365ae626cff8ee8b2c20ebc9d2829b4fd Mon Sep 17 00:00:00 2001
From: dou33 <douyan@kylinos.cn>
Date: Thu, 23 Nov 2023 10:05:39 +0800
Subject: [PATCH] add patch
 0001-Fix-double-free-in-stbi__load_gif_main_outofmem.patch fix CVE-2023-45664

(cherry picked from commit b1a4ebc168b5b19163ba7dd62018812b0263cf0b)
---
 ...free-in-stbi__load_gif_main_outofmem.patch | 28 +++++++++++++++++++
 stb.spec                                      | 15 +++++++++-
 2 files changed, 42 insertions(+), 1 deletion(-)
 create mode 100644 0001-Fix-double-free-in-stbi__load_gif_main_outofmem.patch

diff --git a/0001-Fix-double-free-in-stbi__load_gif_main_outofmem.patch b/0001-Fix-double-free-in-stbi__load_gif_main_outofmem.patch
new file mode 100644
index 0000000..bd4576d
--- /dev/null
+++ b/0001-Fix-double-free-in-stbi__load_gif_main_outofmem.patch
@@ -0,0 +1,28 @@
+From 4a4c1eeb8540c61ceb3456b3277184bc1c63c9be Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Jaroslav=20Loba=C4=8Devski?= <jarlob@github.com>
+Date: Thu, 19 Oct 2023 16:16:34 +0200
+Subject: [PATCH 1/2] Fix double-free in stbi__load_gif_main_outofmem
+
+Fixes #1544
+---
+ stb_image.h | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/stb_image.h b/stb_image.h
+index aac3653..d3a1f59 100644
+--- a/stb_image.h
++++ b/stb_image.h
+@@ -6990,6 +6990,10 @@ static void *stbi__load_gif_main(stbi__context *s, int **delays, int *x, int *y,
+             stride = g.w * g.h * 4;
+ 
+             if (out) {
++               if (stride == 0) {
++                  void *ret = stbi__load_gif_main_outofmem(&g, out, delays);
++                  return ret;
++               }
+                if (!stbi__mul2sizes_valid(layers, stride)) {
+                   void *ret = stbi__load_gif_main_outofmem(&g, out, delays);
+                   return ret;
+-- 
+2.41.0
+
diff --git a/stb.spec b/stb.spec
index 67fd84d..e7a3b52 100644
--- a/stb.spec
+++ b/stb.spec
@@ -23,7 +23,7 @@ Name:           stb
 #   https://github.com/nothings/stb/issues/1101
 %global snapinfo .20220908git8b5f1f3
 Version:        0%{snapinfo}
-Release:        0.7
+Release:        0.8
 Summary:        Single-file public domain libraries for C/C++
 
 # See LICENSE.
@@ -167,6 +167,16 @@ Patch:          1534.patch
 # https://github.com/nothings/stb/issues/1538
 Patch:          1539.patch
 
+# Fix double-free in stbi__load_gif_main_outofmem
+# https://github.com/nothings/stb/pull/1545
+#
+# Fixes:
+#
+# Double-free in stbi__load_gif_main_outofmem (GHSL-2023-148/CVE-2023-45664)
+# https://github.com/nothings/stb/issues/1544
+#
+# Rebased on top of https://github.com/nothings/stb/pull/1539.
+Patch:        0001-Fix-double-free-in-stbi__load_gif_main_outofmem.patch
 
 %global stb_c_lexer_version 0.12
 %global stb_connected_components_version 0.96
@@ -923,6 +933,9 @@ EOF
 
 
 %changelog
+* Thu Nov 23 2023 douyan <douyan@kylinos.cn> - 0.20220908git8b5f1f3-0.8
+- add patch 0001-Fix-double-free-in-stbi__load_gif_main_outofmem.patch fix CVE-2023-45664
+
 * Fri Nov 10 2023 peijiankang <peijiankang@kylinos.cn> - 0.20220908git8b5f1f3-0.7
 - stb_image: fix GHSL-2023-145 / fix CVE-2023-45661
 
-- 
Gitee