backport some upstream patches

backport-icalcomponent.c-avoid-crashing-in-icalcomponent_normalize.patch

@@ -0,0 +1,28 @@
+From d8345bffcbf5a7e550388c7354818caed4a1e8ad Mon Sep 17 00:00:00 2001
+From: Allen Winter <winter@kde.org>
+Date: Sun, 2 Jun 2024 10:35:02 -0400
+Subject: [PATCH] icalcomponent.c - avoid crashing in icalcomponent_normalize
+
+Avoid a crash in icalcomponent_normalize() by returning
+immediately if the specified component in NULL.
+
+Should fix fuzzer issues 52787 and 56539.
+---
+ src/libical/icalcomponent.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/src/libical/icalcomponent.c b/src/libical/icalcomponent.c
+index 8fc61a330..be524767d 100644
+--- a/src/libical/icalcomponent.c
++++ b/src/libical/icalcomponent.c
+@@ -2628,6 +2628,10 @@ void icalcomponent_normalize(icalcomponent *comp)
+     icalproperty *prop;
+     icalcomponent *sub;
+ 
++    icalerror_check_arg(comp != 0, "comp");
++    if (!comp)
++        return;
++
+     /* Normalize properties into sorted list */
+     while ((prop = pvl_pop(comp->properties)) != 0) {
+         int nparams, remove = 0;

backport-icalcomponent.c-fix-a-memleak-in-icalcomponent_normalize.patch

@@ -0,0 +1,37 @@
+From 14294634579557fee136128d410211ea53635c5c Mon Sep 17 00:00:00 2001
+From: Allen Winter <winter@kde.org>
+Date: Sun, 2 Jun 2024 11:03:33 -0400
+Subject: [PATCH] icalcomponent.c - fix a memleak in icalcomponent_normalize()
+
+Fix a memleak introduced in the previous commit.
+Make sure to return on NULL specified component *before*
+the pvl_lists are created;.
+---
+ src/libical/icalcomponent.c | 7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/src/libical/icalcomponent.c b/src/libical/icalcomponent.c
+index be524767d..9c2db5299 100644
+--- a/src/libical/icalcomponent.c
++++ b/src/libical/icalcomponent.c
+@@ -2623,15 +2623,18 @@ static int comp_compare(void *a, void *b)
+ 
+ void icalcomponent_normalize(icalcomponent *comp)
+ {
+-    pvl_list sorted_props = pvl_newlist();
+-    pvl_list sorted_comps = pvl_newlist();
+     icalproperty *prop;
+     icalcomponent *sub;
++    pvl_list sorted_props;
++    pvl_list sorted_comps;
+ 
+     icalerror_check_arg(comp != 0, "comp");
+     if (!comp)
+         return;
+ 
++    sorted_props = pvl_newlist();
++    sorted_comps = pvl_newlist();
++
+     /* Normalize properties into sorted list */
+     while ((prop = pvl_pop(comp->properties)) != 0) {
+         int nparams, remove = 0;

libical.spec

@@ -1,6 +1,6 @@
 Name:           libical
 Version:        3.0.17
-Release:        1
+Release:        2
 Summary:        An Open Source implementation of the iCalendar protocols and protocol data formats.
 License:        LGPL-2.0-only or MPL-2.0
 URL:            https://libical.github.io/libical/
@@ -14,6 +14,8 @@ Provides:       libical-glib = %{version}-%{release}
 Obsoletes:      libical-glib < %{version}-%{release}
 
 Patch0: 	libical-bugfix-timeout-found-by-fuzzer.patch
+Patch1:         backport-icalcomponent.c-avoid-crashing-in-icalcomponent_normalize.patch
+Patch2:         backport-icalcomponent.c-fix-a-memleak-in-icalcomponent_normalize.patch
 
 %description
 Libical is an open source implementation of the IETF's iCalendar calendaring
@@ -79,6 +81,13 @@ make test ARGS="-V" -C %{_target_platform}
 %{_datadir}/gtk-doc/html/%{name}-glib
 
 %changelog
+* Wed Aug 28 2024 yanglu <yanglu72@h-partners.com> - 3.0.17-2
+- Type:bugfix
+- Id:NA
+- SUG:NA
+- DESC:avoid crashing in icalcomponent_normalize
+       fix a memleak in icalcomponent_normalize
+
 * Thu Dec 28 2023 yanglu <yanglu72@h-partners.com> - 3.0.17-1
 - Type:requirements
 - Id:NA