packages/assimp
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!42 [sync] PR-39: fix CVE-2024-45679

Browse Source 
From: @openeuler-sync-bot 
Reviewed-by: @wang--ge 
Signed-off-by: @wang--ge
This commit is contained in:
openeuler-ci-bot 2024-09-19 09:49:45 +00:00 committed by Gitee
commit 192ce75243
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 43 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
CVE-2024-45679.patch Normal file
View File

@ -0,0 +1,38 @@
From e4e2c63e0c2c449cd69fb9a3269e865eb83c241d Mon Sep 17 00:00:00 2001
From: Alexandre Avenel <alexandre.avenel@ls-vr.com>
Date: Sat, 4 Nov 2023 10:28:19 +0100
Subject: [PATCH] Fix heap-buffer overflow in PLY parser
Origin: https://github.com/assimp/assimp/commit/e4e2c63e0c2c449cd69fb9a3269e865eb83c241d
---
code/AssetLib/Ply/PlyParser.cpp | 3 ++-
include/assimp/IOStreamBuffer.h | 2 +-
2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/code/AssetLib/Ply/PlyParser.cpp b/code/AssetLib/Ply/PlyParser.cpp
index 6edba71fca..662da805ea 100644
--- a/code/AssetLib/Ply/PlyParser.cpp
+++ b/code/AssetLib/Ply/PlyParser.cpp
@@ -425,7 +425,8 @@ bool PLY::DOM::ParseHeader(IOStreamBuffer<char> &streamBuffer, std::vector<char>
break;
} else {
// ignore unknown header elements
- streamBuffer.getNextLine(buffer);
+ if (!streamBuffer.getNextLine(buffer))
+ return false;
}
}
diff --git a/include/assimp/IOStreamBuffer.h b/include/assimp/IOStreamBuffer.h
index fae480e715..47db35a957 100644
--- a/include/assimp/IOStreamBuffer.h
+++ b/include/assimp/IOStreamBuffer.h
@@ -287,7 +287,7 @@ static AI_FORCE_INLINE bool isEndOfCache(size_t pos, size_t cacheSize) {
template <class T>
AI_FORCE_INLINE bool IOStreamBuffer<T>::getNextLine(std::vector<T> &buffer) {
buffer.resize(m_cacheSize);
- if (isEndOfCache(m_cachePos, m_cacheSize) || 0 == m_filePos) {
+ if (m_cachePos >= m_cacheSize || 0 == m_filePos) {
if (!readNextBlock()) {
return false;
}

6
assimp.spec
View File

@ -1,6 +1,6 @@
Name: assimp Name: assimp
Version: 5.3.1 Version: 5.3.1
Release: 3 Release: 4
Summary: Library to load and process various 3D model formats into applications. Summary: Library to load and process various 3D model formats into applications.
License: BSD and MIT and LGPL-2.1 and LGPL-2.0 and GPL-2.0 and LGPL-3.0 and GPL-3.0 License: BSD and MIT and LGPL-2.1 and LGPL-2.0 and GPL-2.0 and LGPL-3.0 and GPL-3.0
URL: http://www.assimp.org/ URL: http://www.assimp.org/
@ -13,6 +13,7 @@ URL: http://www.assimp.org/
Source0: assimp-%{version}-free.tar.xz Source0: assimp-%{version}-free.tar.xz
Patch01: CVE-2024-40724-Fix-out-of-bound-access-5651.patch Patch01: CVE-2024-40724-Fix-out-of-bound-access-5651.patch
Patch02: CVE-2024-45679.patch
BuildRequires: gcc-c++ boost-devel cmake dos2unix irrlicht-devel irrXML-devel BuildRequires: gcc-c++ boost-devel cmake dos2unix irrlicht-devel irrXML-devel
BuildRequires: doxygen poly2tri-devel gtest-devel pkgconfig(zziplib) BuildRequires: doxygen poly2tri-devel gtest-devel pkgconfig(zziplib)
@ -92,6 +93,9 @@ install -m 0644 port/PyAssimp/pyassimp/*.py %{buildroot}%{python3_sitelib}/pyass
%{python3_sitelib}/pyassimp %{python3_sitelib}/pyassimp
%changelog %changelog
* Thu Sep 19 2024 wangkai <13474090681@163.com> - 5.3.1-4
- fix CVE-2024-45679
* Mon Jul 22 2024 yinyongkang <yinyongkang@kylinos.cn> - 5.3.1-3 * Mon Jul 22 2024 yinyongkang <yinyongkang@kylinos.cn> - 5.3.1-3
- fix CVE-2024-40724 - fix CVE-2024-40724