Fix CVE-2025-2151
This commit is contained in:
wk333
parent
90836a5804
commit
2c542bd2a0
29
CVE-2025-2151.patch
Normal file
29
CVE-2025-2151.patch
Normal file
@ -0,0 +1,29 @@
|
||||
From d2c6e64a1122884570caf4aaa589d810f5351f28 Mon Sep 17 00:00:00 2001
|
||||
From: Kim Kulling <kimkulling@users.noreply.github.com>
|
||||
Date: Thu, 13 Mar 2025 10:17:43 +0100
|
||||
Subject: [PATCH] Fix: Avoid override in line parsing (#6048)
|
||||
|
||||
Origin: https://github.com/assimp/assimp/commit/d2c6e64a1122884570caf4aaa589d810f5351f28
|
||||
|
||||
* Fix: Avoid override in line parsing
|
||||
|
||||
- closes https://github.com/assimp/assimp/issues/6026
|
||||
|
||||
* Update ParsingUtils.h
|
||||
---
|
||||
include/assimp/ParsingUtils.h | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/include/assimp/ParsingUtils.h b/include/assimp/ParsingUtils.h
|
||||
index f5908ee245..9882cf1148 100644
|
||||
--- a/include/assimp/ParsingUtils.h
|
||||
+++ b/include/assimp/ParsingUtils.h
|
||||
@@ -167,7 +167,7 @@ AI_FORCE_INLINE bool GetNextLine(const char_t *&buffer, char_t out[BufferSize])
|
||||
}
|
||||
*_out = (char_t)'\0';
|
||||
|
||||
- while (IsLineEnd(*buffer) && '\0' != *buffer) {
|
||||
+ while (IsLineEnd(*buffer) && '\0' != *buffer && buffer != end) {
|
||||
++buffer;
|
||||
}
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
Name: assimp
|
||||
Version: 5.3.1
|
||||
Release: 6
|
||||
Release: 7
|
||||
Summary: Library to load and process various 3D model formats into applications.
|
||||
License: BSD and MIT and LGPL-2.1 and LGPL-2.0 and GPL-2.0 and LGPL-3.0 and GPL-3.0
|
||||
URL: http://www.assimp.org/
|
||||
@ -20,6 +20,7 @@ Patch05: CVE-2024-48423.patch
|
||||
Patch06: CVE-2024-48424.patch
|
||||
Patch07: CVE-2024-53425-pre-Fix-Add-check-for-invalid-input-argument.patch
|
||||
Patch08: CVE-2024-53425.patch
|
||||
Patch09: CVE-2025-2151.patch
|
||||
|
||||
BuildRequires: gcc-c++ boost-devel cmake dos2unix irrlicht-devel irrXML-devel
|
||||
BuildRequires: doxygen poly2tri-devel gtest-devel pkgconfig(zziplib)
|
||||
@ -99,6 +100,9 @@ install -m 0644 port/PyAssimp/pyassimp/*.py %{buildroot}%{python3_sitelib}/pyass
|
||||
%{python3_sitelib}/pyassimp
|
||||
|
||||
%changelog
|
||||
* Thu Mar 20 2025 wangkai <13474090681@163.com> - 5.3.1-7
|
||||
- Fix CVE-2025-2151
|
||||
|
||||
* Tue Feb 11 2025 yaoxin <1024769339@qq.com> - 5.3.1-6
|
||||
- Fix CVE-2024-48423,CVE-2024-48424 and CVE-2024-53425
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user