fix CVE-2024-40724

(cherry picked from commit b2ffc000a1b86badfe3fd6773031ed1195f8c7ca)
2024-07-22 16:02:11 +08:00 · 2024-07-22 16:02:11 +08:00 · 61e63033a8
commit 61e63033a8
parent 6050929ca2
2 changed files with 33 additions and 1 deletions
--- a/CVE-2024-40724-Fix-out-of-bound-access-5651.patch
+++ b/CVE-2024-40724-Fix-out-of-bound-access-5651.patch
@ -0,0 +1,27 @@
+From ddb74c2bbdee1565dda667e85f0c82a0588c8053 Mon Sep 17 00:00:00 2001
+From: Kim Kulling <kimkulling@users.noreply.github.com>
+Date: Wed, 3 Jul 2024 21:37:24 +0200
+Subject: [PATCH] Fix out of bound access (#5651)
+
+---
+ code/AssetLib/Ply/PlyLoader.cpp | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/code/AssetLib/Ply/PlyLoader.cpp b/code/AssetLib/Ply/PlyLoader.cpp
+index 783c7f1..e109541 100644
+--- a/code/AssetLib/Ply/PlyLoader.cpp
+++ b/code/AssetLib/Ply/PlyLoader.cpp
+@@ -567,6 +567,10 @@ void PLYImporter::LoadFace(const PLY::Element *pcElement, const PLY::ElementInst
+         if (mGeneratedMesh->mFaces == nullptr) {
+             mGeneratedMesh->mNumFaces = pcElement->NumOccur;
+             mGeneratedMesh->mFaces = new aiFace[mGeneratedMesh->mNumFaces];
+        } else {
+            if (mGeneratedMesh->mNumFaces < pcElement->NumOccur) {
+                throw DeadlyImportError("Invalid .ply file: Too many faces");
+            }
+         }
+ 
+         if (!bIsTriStrip) {
+-- 
+2.41.0
+
--- a/assimp.spec
+++ b/assimp.spec
@ -1,11 +1,13 @@
 Name:          assimp
 Version:       5.2.4
-Release:       1
+Release:       2
 Summary:       Library to load and process various 3D model formats into applications.
 License:       BSD and MIT and LGPL-2.1 and LGPL-2.0 and GPL-2.0 and LGPL-3.0 and GPL-3.0
 URL:           http://www.assimp.org/
 Source0:       https://github.com/assimp/assimp/archive/v%{version}.tar.gz
 Patch0001:     0001-Fix-build-with-zlib.patch
+Patch0002:     CVE-2024-40724-Fix-out-of-bound-access-5651.patch
+
 BuildRequires: gcc-c++ boost-devel cmake dos2unix irrlicht-devel irrXML-devel
 BuildRequires: doxygen poly2tri-devel gtest-devel pkgconfig(zzip-zlib-config)
 BuildRequires: pkgconfig(zlib) pkgconfig(minizip) gmock-devel make
@ -83,6 +85,9 @@ install -m 0644 port/PyAssimp/pyassimp/*.py %{buildroot}%{python3_sitelib}/pyass
 %{python3_sitelib}/pyassimp

 %changelog
+* Mon Jul 22 2024 yinyongkang <yinyongkang@kylinos.cn> - 5.2.4-2
+- fix CVE-2024-40724
+
 * Mon Oct 17 2022 yaoxin <yaoxin30@h-partners.com> - 5.2.4-1
 - Upgrade to 5.2.4