packages/SDL2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix CVE-2022-4743

Browse Source 
modified:   SDL2.spec
This commit is contained in:
peng2285 2023-01-10 15:17:56 +08:00
parent 611ce9c248
commit 6edb5a5e86
2 changed files with 38 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
CVE-2022-4743.patch Normal file
View File

@ -0,0 +1,33 @@
From 00b67f55727bc0944c3266e2b875440da132ce4b Mon Sep 17 00:00:00 2001
From: zhailiangliang <zhailiangliang@loongson.cn>
Date: Wed, 21 Sep 2022 10:30:38 +0800
Subject: [PATCH] Fix potential memory leak in GLES_CreateTexture
---
src/render/opengles/SDL_render_gles.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/src/render/opengles/SDL_render_gles.c b/src/render/opengles/SDL_render_gles.c
index a5fbab309eda..ba08a46e2805 100644
--- a/src/render/opengles/SDL_render_gles.c
+++ b/src/render/opengles/SDL_render_gles.c
@@ -359,6 +359,9 @@ GLES_CreateTexture(SDL_Renderer * renderer, SDL_Texture * texture)
renderdata->glGenTextures(1, &data->texture);
result = renderdata->glGetError();
if (result != GL_NO_ERROR) {
+ if (texture->access == SDL_TEXTUREACCESS_STREAMING) {
+ SDL_free(data->pixels);
+ }
SDL_free(data);
return GLES_SetError("glGenTextures()", result);
}
@@ -387,6 +390,9 @@ GLES_CreateTexture(SDL_Renderer * renderer, SDL_Texture * texture)
result = renderdata->glGetError();
if (result != GL_NO_ERROR) {
+ if (texture->access == SDL_TEXTUREACCESS_STREAMING) {
+ SDL_free(data->pixels);
+ }
SDL_free(data);
return GLES_SetError("glTexImage2D()", result);
}

6
SDL2.spec
View File

@ -1,6 +1,6 @@
Name: SDL2
Version: 2.0.12
Release: 4
Release: 5
Summary: Cross-platform multimedia library
License: zlib and MIT
URL: http://www.libsdl.org/
@ -12,6 +12,7 @@ Patch0002: Fix-build-against-wayland-1.20.patch
#https://github.com/libsdl-org/SDL/commit/a7ff6e96155f550a5597621ebeddd03c98aa9294
Patch0003: CVE-2020-14409_CVE-2020-14410.patch
Patch6000: backport-CVE-2021-33657.patch
Patch6001: CVE-2022-4743.patch
BuildRequires: alsa-lib-devel audiofile-devel mesa-libGL-devel
BuildRequires: mesa-libGLU-devel mesa-libEGL-devel libglvnd-devel
@ -93,6 +94,9 @@ rm -vf %{buildroot}%{_libdir}/*.la
%{_libdir}/lib*.a
%changelog
* Tue Jan 10 2023 jiangpeng <jiangpeng01@ncti-gba.cn> - 2.0.12-5
- fix CVE-2022-4743
* Mon Apr 11 2022 yaoxin <yaoxin30@h-partners.com> - 2.0.12-4
- Fix CVE-2020-14409 CVE-2020-14410