packages/freeglut
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!7 Fix CVE-2024-24258 and CVE-2024-24259

Browse Source 
From: @wk333 
Reviewed-by: @starlet-dx 
Signed-off-by: @starlet-dx
This commit is contained in:
openeuler-ci-bot 2024-02-18 03:08:46 +00:00 committed by Gitee
commit 97b1d3c9cc
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 56 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

51
CVE-2024-24258-and-CVE-2024-24259.patch Normal file
View File

@ -0,0 +1,51 @@
From 9ad320c1ad1a25558998ddfe47674511567fec57 Mon Sep 17 00:00:00 2001
From: Sebastian Rasmussen <sebras@gmail.com>
Date: Mon, 12 Feb 2024 14:46:22 +0800
Subject: [PATCH] Plug memory leak that happens upon error.
Origin: https://github.com/freeglut/freeglut/commit/9ad320c1ad1a25558998ddfe47674511567fec57
If fgStructure.CurrentMenu is set when glutAddMenuEntry() or
glutAddSubMenu() is called the allocated menuEntry variable will
leak. This commit postpones allocating menuEntry until after the
error checks, thereby plugging the memory leak.
This fixes CVE-2024-24258 and CVE-2024-24259.
---
src/fg_menu.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/fg_menu.c b/src/fg_menu.c
index 53112dc21..0da88901d 100644
--- a/src/fg_menu.c
+++ b/src/fg_menu.c
@@ -864,12 +864,12 @@ void FGAPIENTRY glutAddMenuEntry( const char* label, int value )
{
SFG_MenuEntry* menuEntry;
FREEGLUT_EXIT_IF_NOT_INITIALISED ( "glutAddMenuEntry" );
- menuEntry = (SFG_MenuEntry *)calloc( sizeof(SFG_MenuEntry), 1 );
freeglut_return_if_fail( fgStructure.CurrentMenu );
if (fgState.ActiveMenus)
fgError("Menu manipulation not allowed while menus in use.");
+ menuEntry = (SFG_MenuEntry *)calloc( sizeof(SFG_MenuEntry), 1 );
menuEntry->Text = strdup( label );
menuEntry->ID = value;
@@ -888,7 +888,6 @@ void FGAPIENTRY glutAddSubMenu( const char *label, int subMenuID )
SFG_Menu *subMenu;
FREEGLUT_EXIT_IF_NOT_INITIALISED ( "glutAddSubMenu" );
- menuEntry = ( SFG_MenuEntry * )calloc( sizeof( SFG_MenuEntry ), 1 );
subMenu = fgMenuByID( subMenuID );
freeglut_return_if_fail( fgStructure.CurrentMenu );
@@ -897,6 +896,7 @@ void FGAPIENTRY glutAddSubMenu( const char *label, int subMenuID )
freeglut_return_if_fail( subMenu );
+ menuEntry = ( SFG_MenuEntry * )calloc( sizeof( SFG_MenuEntry ), 1 );
menuEntry->Text = strdup( label );
menuEntry->SubMenu = subMenu;
menuEntry->ID = -1;

6
freeglut.spec
View File

@ -1,11 +1,12 @@
Name: freeglut Name: freeglut
Version: 3.4.0 Version: 3.4.0
Release: 1 Release: 2
Summary: A freely licensed alternative to the GLUT library Summary: A freely licensed alternative to the GLUT library
License: MIT License: MIT
URL: http://freeglut.sourceforge.net URL: http://freeglut.sourceforge.net
Source0: https://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz Source0: https://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz
Source1: https://downloads.sourceforge.net/openglut/openglut-0.6.3-doc.tar.gz Source1: https://downloads.sourceforge.net/openglut/openglut-0.6.3-doc.tar.gz
Patch0: CVE-2024-24258-and-CVE-2024-24259.patch
BuildRequires: gcc gcc-c++ cmake libXi-devel libICE-devel BuildRequires: gcc gcc-c++ cmake libXi-devel libICE-devel
BuildRequires: pkgconfig libGLU-devel libXext-devel libXxf86vm-devel BuildRequires: pkgconfig libGLU-devel libXext-devel libXxf86vm-devel
@ -67,6 +68,9 @@ install -p -m 644 doc/man/*.3 $RPM_BUILD_ROOT/%{_mandir}/man3
%doc README.md doc/html/*.png doc/html/*.html %doc README.md doc/html/*.png doc/html/*.html
%changelog %changelog
* Sun Feb 18 2024 wangkai <13474090681@163.com> - 3.4.0-2
- Fix CVE-2024-24258 and CVE-2024-24259
* Tue Oct 17 2023 wangkai <13474090681@163.com> - 3.4.0-1 * Tue Oct 17 2023 wangkai <13474090681@163.com> - 3.4.0-1
- Update to 3.4.0 - Update to 3.4.0