Fix CVE-2024-48425

(cherry picked from commit 067f8987540bdd02af424a78db92bcd849b0bb70)
2024-09-30 06:15:14 +08:00 · 2024-09-30 06:15:14 +08:00 · c80d9ac88b
commit c80d9ac88b
parent 0b01e1cd9f
2 changed files with 34 additions and 1 deletions
--- a/CVE-2024-48425.patch
+++ b/CVE-2024-48425.patch
@ -0,0 +1,29 @@
+From ecdf8d24b85367b22ba353b4f82299d4af7f1f97 Mon Sep 17 00:00:00 2001
+From: Kim Kulling <kimkulling@users.noreply.github.com>
+Date: Mon, 7 Oct 2024 10:30:45 +0200
+Subject: [PATCH] SplitLargeMeshes: Fix crash (#5799)
+
+- Fix nullptr access when rootnode of the scene is a nullptr. This can happen even if the scene stores any kind of meshes. closes https://github.com/assimp/assimp/issues/5791
+---
+ code/PostProcessing/SplitLargeMeshes.cpp | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/code/PostProcessing/SplitLargeMeshes.cpp b/code/PostProcessing/SplitLargeMeshes.cpp
+index 508a826..6c9713a 100644
+--- a/code/PostProcessing/SplitLargeMeshes.cpp
+++ b/code/PostProcessing/SplitLargeMeshes.cpp
+@@ -109,6 +109,11 @@ void SplitLargeMeshesProcess_Triangle::SetupProperties( const Importer* pImp) {
+ // Update a node after some meshes have been split
+ void SplitLargeMeshesProcess_Triangle::UpdateNode(aiNode* pcNode,
+         const std::vector<std::pair<aiMesh*, unsigned int> >& avList) {
+    if (pcNode == nullptr) {
+        ASSIMP_LOG_WARN("UpdateNode skipped, nullptr detected.");
+        return;
+    }
+
+     // for every index in out list build a new entry
+     std::vector<unsigned int> aiEntries;
+     aiEntries.reserve(pcNode->mNumMeshes + 1);
+-- 
+2.33.0
+
--- a/assimp.spec
+++ b/assimp.spec
@ -1,6 +1,6 @@
 Name:          assimp
 Version:       5.2.4
-Release:       3
+Release:       4
 Summary:       Library to load and process various 3D model formats into applications.
 License:       BSD and MIT and LGPL-2.1 and LGPL-2.0 and GPL-2.0 and LGPL-3.0 and GPL-3.0
 URL:           http://www.assimp.org/
@ -8,6 +8,7 @@ Source0:       https://github.com/assimp/assimp/archive/v%{version}.tar.gz
 Patch0001:     0001-Fix-build-with-zlib.patch
 Patch0002:     CVE-2024-40724-Fix-out-of-bound-access-5651.patch
 Patch0003:     CVE-2024-45679.patch
+Patch0004:     CVE-2024-48425.patch

 BuildRequires: gcc-c++ boost-devel cmake dos2unix irrlicht-devel irrXML-devel
 BuildRequires: doxygen poly2tri-devel gtest-devel pkgconfig(zzip-zlib-config)
@ -86,6 +87,9 @@ install -m 0644 port/PyAssimp/pyassimp/*.py %{buildroot}%{python3_sitelib}/pyass
 %{python3_sitelib}/pyassimp

 %changelog
+* Sat Oct 26 2024 liningjie <liningjie@xfusion.com> - 5.2.4-4
+- Fix CVE-2024-48425
+
 * Thu Sep 19 2024 wangkai <13474090681@163.com> - 5.2.4-3
 - fix CVE-2024-45679