From 90a33611c1cade02b5bccb8f8f11a7c58f04edee Mon Sep 17 00:00:00 2001
From: wangkerong <wangkerong@h-partners.com>
Date: Wed, 31 Aug 2022 10:14:24 +0800
Subject: [PATCH] fix CVE-2021-42523

---
 backport-0001-CVE-2021-42523.patch | 31 ++++++++-------------
 backport-0002-CVE-2021-42523.patch | 44 +++++++++++++++---------------
 colord.spec                        |  5 +++-
 3 files changed, 37 insertions(+), 43 deletions(-)

diff --git a/backport-0001-CVE-2021-42523.patch b/backport-0001-CVE-2021-42523.patch
index 0c62c7d..6cc421e 100644
--- a/backport-0001-CVE-2021-42523.patch
+++ b/backport-0001-CVE-2021-42523.patch
@@ -1,29 +1,21 @@
-From 6a54706b39e41b47edb3186e5ac6151007a88626 Mon Sep 17 00:00:00 2001
-From: Zero0one1 <summerlinasity@gmail.com>
-Date: Thu, 1 Apr 2021 21:16:56 +0800
-Subject: [PATCH] Fix the potential memory leakage in issue
- https://github.com/hughsie/colord/issues/110 by setting the 5th paramerter of
- sqlite3_exec() to NULL
+From adf41f36cf7214d7d6fa8d528b74eba47c377405 Mon Sep 17 00:00:00 2001
+From: Zero0one1 <arya_lee@qq.com>
+Date: Fri, 2 Apr 2021 16:45:56 +0800
+Subject: [PATCH] Fix a small memory leak in sqlite3_exec()
+
+Fixes https://github.com/hughsie/colord/issues/110
 
 Conflict:NA
-Reference:https://github.com/hughsie/colord/pull/130/commits/6a54706b39e41b47edb3186e5ac6151007a88626
+Reference:https://github.com/hughsie/colord/commit/adf41f36cf7214d7d6fa8d528b74eba47c377405
+
 ---
- src/cd-device-db.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
+ src/cd-device-db.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
 
 diff --git a/src/cd-device-db.c b/src/cd-device-db.c
-index a212c83d..8da1a4a9 100644
+index a212c83d..3ae44ef2 100644
 --- a/src/cd-device-db.c
 +++ b/src/cd-device-db.c
-@@ -79,7 +79,7 @@ cd_device_db_load (CdDeviceDb *ddb,
- 
- 	/* check devices */
- 	rc = sqlite3_exec (priv->db, "SELECT * FROM devices LIMIT 1",
--			   NULL, NULL, &error_msg);
-+			   NULL, NULL, NULL);
- 	if (rc != SQLITE_OK) {
- 		g_debug ("CdDeviceDb: creating table to repair: %s", error_msg);
- 		sqlite3_free (error_msg);
 @@ -91,7 +91,7 @@ cd_device_db_load (CdDeviceDb *ddb,
  
  	/* check properties version 2 */
@@ -33,4 +25,3 @@ index a212c83d..8da1a4a9 100644
  	if (rc != SQLITE_OK) {
  		statement = "CREATE TABLE properties_v2 ("
  			    "device_id TEXT,"
-
diff --git a/backport-0002-CVE-2021-42523.patch b/backport-0002-CVE-2021-42523.patch
index 44fee9c..e4880d5 100644
--- a/backport-0002-CVE-2021-42523.patch
+++ b/backport-0002-CVE-2021-42523.patch
@@ -1,25 +1,25 @@
-From 2ca40d1732bb233a8a6da59a3413abb92aebf8e1 Mon Sep 17 00:00:00 2001
-From: Zero0one1 <summerlinasity@gmail.com>
-Date: Fri, 2 Apr 2021 13:48:17 +0800
-Subject: [PATCH] Leave the used error_msg unchanged
+From 1452a975ecae14299fb27d41522dfd32305481ce Mon Sep 17 00:00:00 2001
+From: Richard Hughes <richard@hughsie.com>
+Date: Wed, 13 Apr 2022 14:21:32 +0100
+Subject: [PATCH] trivial: Fix a small memory leak on db open failure
 
-Conflict:NA
-Reference:https://github.com/hughsie/colord/pull/130/commits/2ca40d1732bb233a8a6da59a3413abb92aebf8e1
+Conflict:Using g_autofree will make the testcase fail, so here we use sqlite3_free to free the memory
+Reference:https://github.com/hughsie/colord/commit/1452a975ecae14299fb27d41522dfd32305481ce
 ---
- src/cd-device-db.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/cd-device-db.c b/src/cd-device-db.c
-index 8da1a4a9..3ae44ef2 100644
---- a/src/cd-device-db.c
-+++ b/src/cd-device-db.c
-@@ -79,7 +79,7 @@ cd_device_db_load (CdDeviceDb *ddb,
- 
- 	/* check devices */
- 	rc = sqlite3_exec (priv->db, "SELECT * FROM devices LIMIT 1",
--			   NULL, NULL, NULL);
-+			   NULL, NULL, &error_msg);
- 	if (rc != SQLITE_OK) {
- 		g_debug ("CdDeviceDb: creating table to repair: %s", error_msg);
- 		sqlite3_free (error_msg);
+ src/cd-profile-db.c | 1 +
+ 1 file changed, 1 insertion(+)
 
+diff --git a/src/cd-profile-db.c b/src/cd-profile-db.c
+index 5661d09..d6361ac 100644
+--- a/src/cd-profile-db.c
++++ b/src/cd-profile-db.c
+@@ -87,6 +87,7 @@ cd_profile_db_load (CdProfileDb *pdb,
+ 			    "uid INTEGER,"
+ 			    "value TEXT,"
+ 			    "PRIMARY KEY (profile_id, property, uid));";
++		sqlite3_free (error_msg);
+ 		sqlite3_exec (priv->db, statement, NULL, NULL, NULL);
+ 	}
+ 	return TRUE;
+-- 
+2.33.0
diff --git a/colord.spec b/colord.spec
index f72fa61..b5f8661 100644
--- a/colord.spec
+++ b/colord.spec
@@ -1,6 +1,6 @@
 Name:           colord
 Version:        1.4.5
-Release:        3
+Release:        4
 Summary:        A system activated daemon
 License:        GPLv2+ and LGPLv2+
 URL:            https://www.freedesktop.org/software/colord/
@@ -171,6 +171,9 @@ exit 0
 %{_datadir}/man/man1/*.1.gz
 
 %changelog
+* Wed Aug 31 2022 wangkerong <wangkerong@h-partners.com> - 1.4.5-4
+- fix CVE-2021-42523
+
 * Mon Aug 29 2022 wangkerong <wangkerong@h-partners.com> - 1.4.5-3
 - fix CVE-2021-42523