Fix CVE-2025-0633

(cherry picked from commit f5986067df422a3df31b4d9ee4250c1578f277f2)

CVE-2025-0633.patch

@@ -0,0 +1,34 @@
+From 072a39a772a38c475e35a1be311304ca99e9de7f Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Lars=20M=C3=B6llendorf?= <lars@moellendorf.eu>
+Date: Sun, 26 Jan 2025 08:48:23 +0100
+Subject: [PATCH] Fix heap overflow in `iniparser_dumpsection_ini()`
+
+Origin: https://gitlab.com/iniparser/iniparser/-/commit/072a39a772a38c475e35a1be311304ca99e9de7f
+
+...reported in #177
+
+As suggested by the issue reporter this is fixed by returning from
+`iniparser_dumpsection_ini()` in case the length of the passed section name
+of dictionary to dump was bigger than the size of the internal buffer used
+to copy this string to.
+
+Changelog: changed
+---
+ src/iniparser.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/iniparser.c b/src/iniparser.c
+index abc8b52..1086b46 100644
+--- a/src/iniparser.c
++++ b/src/iniparser.c
+@@ -327,6 +327,7 @@ void iniparser_dumpsection_ini(const dictionary * d, const char * s, FILE * f)
+ 
+     if (d==NULL || f==NULL) return ;
+     if (! iniparser_find_entry(d, s)) return ;
++    if (strlen(s) > sizeof(keym)) return;
+ 
+     seclen  = (int)strlen(s);
+     fprintf(f, "\n[%s]\n", s);
+-- 
+GitLab
+

iniparser.spec

@@ -1,11 +1,12 @@
 Name:    iniparser
 Version: 4.1
-Release: 5
+Release: 6
 Summary: ini file parser 
 License: MIT and Zlib
 URL:	 https://github.com/ndevilla/iniparser
 Source0: https://github.com/ndevilla/iniparser/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz
 Patch0:  CVE-2023-33461.patch
+Patch2:  CVE-2025-0633.patch
 
 BuildRequires: 	gcc doxygen chrpath
 
@@ -54,6 +55,9 @@ echo "%{_libdir}" > %{buildroot}/etc/ld.so.conf.d/%{name}-%{_arch}.conf
 %config(noreplace) /etc/ld.so.conf.d/*
 
 %changelog
+* Fri Mar 07 2025 wangkai <13474090681@163.com> - 4.1-6
+- Fix CVE-2025-0633
+
 * Sun Jun 25 2023 wangkai <13474090681@163.com> - 4.1-5
 - Fix CVE-2023-33461