!38 [sync] PR-37: Fix CVE-2024-58249

From: @openeuler-sync-bot 
Reviewed-by: @weidongkl 
Signed-off-by: @weidongkl

CVE-2024-58249.patch

@@ -0,0 +1,176 @@
+From f2918a9ac823074901ce27de939baa57788beb3d Mon Sep 17 00:00:00 2001
+From: Vadim Zeitlin <vadim@wxwidgets.org>
+Date: Sun, 27 Oct 2024 00:56:21 +0200
+Subject: [PATCH] Fix crash when connection is refused in wxWebRequestCURL
+
+Refer: https://github.com/wxWidgets/wxWidgets/commit/f2918a9ac823074901ce27de939baa57788beb3d
+
+Avoid deleting wxEventLoopSourceHandler which may be still in use, as is
+the case when we get write IO notification just before an error one: if
+we delete the handler while handling the former, we crash when getting
+the latter one.
+
+Use a hack to avoid deleting the handlers for which write notification
+is being processed and delete them later, when we get the error one.
+
+See #24885.
+
+(cherry picked from commit 4e0fca8ab9756989598d07b41e672af86eac7092)
+
+---
+ src/common/webrequest_curl.cpp | 80 +++++++++++++++++++++++++---------
+ 1 file changed, 60 insertions(+), 20 deletions(-)
+
+diff --git a/src/common/webrequest_curl.cpp b/src/common/webrequest_curl.cpp
+index 91a8aec..e7a0ce5 100644
+--- a/src/common/webrequest_curl.cpp
++++ b/src/common/webrequest_curl.cpp
+@@ -685,10 +685,13 @@ SocketPollerImpl* SocketPollerImpl::Create(wxEvtHandler* hndlr)
+ 
+ // SocketPollerSourceHandler - a source handler used by the SocketPoller class.
+ 
++class SourceSocketPoller;
++
+ class SocketPollerSourceHandler: public wxEventLoopSourceHandler
+ {
+ public:
+-    SocketPollerSourceHandler(wxSOCKET_T, wxEvtHandler*);
++    SocketPollerSourceHandler(wxSOCKET_T sock, SourceSocketPoller* poller)
++        : m_socket(sock), m_poller(poller) {}
+ 
+     void OnReadWaiting() wxOVERRIDE;
+     void OnWriteWaiting() wxOVERRIDE;
+@@ -697,16 +700,9 @@ public:
+ private:
+     void SendEvent(int);
+     wxSOCKET_T m_socket;
+-    wxEvtHandler* m_handler;
++    SourceSocketPoller* const m_poller;
+ };
+ 
+-SocketPollerSourceHandler::SocketPollerSourceHandler(wxSOCKET_T sock,
+-                                                     wxEvtHandler* hndlr)
+-{
+-    m_socket = sock;
+-    m_handler = hndlr;
+-}
+-
+ void SocketPollerSourceHandler::OnReadWaiting()
+ {
+     SendEvent(SocketPoller::READY_FOR_READ);
+@@ -722,14 +718,6 @@ void SocketPollerSourceHandler::OnExceptionWaiting()
+     SendEvent(SocketPoller::HAS_ERROR);
+ }
+ 
+-void SocketPollerSourceHandler::SendEvent(int result)
+-{
+-    wxThreadEvent event(wxEVT_SOCKET_POLLER_RESULT);
+-    event.SetPayload<wxSOCKET_T>(m_socket);
+-    event.SetInt(result);
+-    m_handler->ProcessEvent(event);
+-}
+-
+ // SourceSocketPoller - a SocketPollerImpl based on event loop sources.
+ 
+ class SourceSocketPoller: public SocketPollerImpl
+@@ -741,6 +729,8 @@ public:
+     void StopPolling(wxSOCKET_T) wxOVERRIDE;
+     void ResumePolling(wxSOCKET_T) wxOVERRIDE;
+ 
++    void SendEvent(curl_socket_t sock, int result);
++
+ private:
+     WX_DECLARE_HASH_MAP(wxSOCKET_T, wxEventLoopSource*, wxIntegerHash,\
+                         wxIntegerEqual, SocketDataMap);
+@@ -749,11 +739,25 @@ private:
+ 
+     SocketDataMap m_socketData;
+     wxEvtHandler* m_handler;
++
++    // The socket for which we're currently processing a write IO notification.
++    curl_socket_t m_activeWriteSocket;
++
++    // The sockets that we couldn't clean up yet but should do if/when we get
++    // an error notification for them.
++    wxVector<curl_socket_t> m_socketsToCleanUp;
+ };
+ 
++// This function must be implemented after full SourceSocketPoller declaration.
++void SocketPollerSourceHandler::SendEvent(int result)
++{
++    m_poller->SendEvent(m_socket, result);
++}
++
+ SourceSocketPoller::SourceSocketPoller(wxEvtHandler* hndlr)
+ {
+     m_handler = hndlr;
++    m_activeWriteSocket = 0;
+ }
+ 
+ SourceSocketPoller::~SourceSocketPoller()
+@@ -803,9 +807,7 @@ bool SourceSocketPoller::StartPolling(wxSOCKET_T sock, int pollAction)
+     }
+     else
+     {
+-        // Otherwise create a new source handler.
+-        srcHandler =
+-            new SocketPollerSourceHandler(sock, m_handler);
++        srcHandler = new SocketPollerSourceHandler(sock, this);
+     }
+ 
+     // Get a new source object for these polling checks.
+@@ -839,6 +841,15 @@ bool SourceSocketPoller::StartPolling(wxSOCKET_T sock, int pollAction)
+ 
+ void SourceSocketPoller::StopPolling(wxSOCKET_T sock)
+ {
++    if ( sock == m_activeWriteSocket )
++    {
++        // We can't clean up the socket while we're inside OnWriteWaiting() for
++        // it because it could be followed by OnExceptionWaiting() and we'd
++        // crash if we deleted it already.
++        m_socketsToCleanUp.push_back(sock);
++        return;
++    }
++
+     SocketDataMap::iterator it = m_socketData.find(sock);
+ 
+     if ( it != m_socketData.end() )
+@@ -852,6 +863,35 @@ void SourceSocketPoller::ResumePolling(wxSOCKET_T WXUNUSED(sock))
+ {
+ }
+ 
++void SourceSocketPoller::SendEvent(curl_socket_t sock, int result)
++{
++    if ( result == SocketPoller::READY_FOR_WRITE )
++    {
++        // Prevent the handler from this socket from being deleted in case we
++        // get a HAS_ERROR event for it immediately after this one.
++        m_activeWriteSocket = sock;
++    }
++
++    wxThreadEvent event(wxEVT_SOCKET_POLLER_RESULT);
++    event.SetPayload<curl_socket_t>(sock);
++    event.SetInt(result);
++    m_handler->ProcessEvent(event);
++
++    m_activeWriteSocket = 0;
++
++    if ( result == SocketPoller::HAS_ERROR )
++    {
++        // Check if we have any sockets to clean up and do it now, it should be
++        // safe.
++        for ( size_t n = 0; n < m_socketsToCleanUp.size(); ++n )
++        {
++            StopPolling(m_socketsToCleanUp[n]);
++        }
++
++        m_socketsToCleanUp.clear();
++    }
++}
++
+ void SourceSocketPoller::CleanUpSocketSource(wxEventLoopSource* source)
+ {
+     wxEventLoopSourceHandler* srcHandler = source->GetHandler();
+-- 
+2.48.1
+

add-pie-compile-option.patch

@@ -0,0 +1,12 @@
+diff -Nur a/utils/wxrc/Makefile.in b/utils/wxrc/Makefile.in
+--- a/utils/wxrc/Makefile.in	2023-09-07 15:51:55.352827569 +0800
++++ b/utils/wxrc/Makefile.in	2023-09-07 16:05:11.820373156 +0800
+@@ -114,7 +114,7 @@
+ 	rm -f config.cache config.log config.status bk-deps bk-make-pch Makefile
+ 
+ @COND_USE_XML_1@wxrc$(EXEEXT): $(WXRC_OBJECTS)
+-@COND_USE_XML_1@	$(CXX) -o $@ $(WXRC_OBJECTS)    -L$(LIBDIRNAME)  $(LDFLAGS)  $(WX_LDFLAGS) $(__WXLIB_XML_p) $(EXTRALIBS_XML) $(__WXLIB_BASE_p)  $(__WXLIB_MONO_p) $(__LIB_PNG_IF_MONO_p) $(__LIB_ZLIB_p) $(__LIB_REGEX_p) $(__LIB_EXPAT_p) $(EXTRALIBS_FOR_BASE) $(LIBS)
++@COND_USE_XML_1@	$(CXX) -fPIE -o $@ $(WXRC_OBJECTS)    -L$(LIBDIRNAME)  $(LDFLAGS)  $(WX_LDFLAGS) $(__WXLIB_XML_p) $(EXTRALIBS_XML) $(__WXLIB_BASE_p)  $(__WXLIB_MONO_p) $(__LIB_PNG_IF_MONO_p) $(__LIB_ZLIB_p) $(__LIB_REGEX_p) $(__LIB_EXPAT_p) $(EXTRALIBS_FOR_BASE) $(LIBS)
+ 
+ @COND_USE_XML_1@install_wxrc: $(__wxrc___depname)
+ @COND_USE_XML_1@	$(INSTALL_DIR) $(DESTDIR)$(bindir)

wx-config

@@ -5,7 +5,7 @@
 # Usage: wx-config [--arch <arch>] <regular wx-config options>
 #
 
-version=3.0
+version=3.2
 
 if [ $# -ge 2 ]; then
     if [ $1 = "--arch" ]; then
@@ -22,7 +22,7 @@ case $arch in
     i?86|ppc|s390|sparc|arm*|ia64|mips|mipsel|riscv32)
         libdir=/usr/lib
         ;;
-    x86_64|ppc64|s390x|sparc64|aarch64|ppc64le|mips64*|riscv64|loongarch64)
+    x86_64|ppc64|s390x|sparc64|aarch64|ppc64le|mips64*|riscv64|loongarch64|sw_64)
         libdir=/usr/lib64
         ;;
     *)
@@ -46,6 +46,6 @@ fi
 if [ -x $wxconfig ]; then
     exec $wxconfig $@
 else
-    echo "wxWidgets3-devel isn't installed for architecture '$arch'"
+    echo "wxGTK-devel isn't installed for architecture '$arch'"
     exit 9
 fi

wxGTK3-3.0.3-abicheck.patch

@@ -1,14 +0,0 @@
---- wxWidgets-3.0.2/src/common/appbase.cpp.abicheck	2015-05-28 12:36:40.697163073 +0900
-+++ wxWidgets-3.0.2/src/common/appbase.cpp	2015-05-28 12:38:30.597154298 +0900
-@@ -762,10 +762,7 @@
-         msg.Printf(wxT("Mismatch between the program and library build versions detected.\nThe library used %s,\nand %s used %s."),
-                    lib.c_str(), progName.c_str(), prog.c_str());
- 
--        wxLogFatalError(msg.c_str());
--
--        // normally wxLogFatalError doesn't return
--        return false;
-+        wxLogWarning(msg.c_str());
-     }
- 
-     return true;

wxGTK3-3.1.6-abicheck.patch

@@ -0,0 +1,16 @@
+diff -up wxWidgets-3.1.6/src/common/appbase.cpp.abicheck wxWidgets-3.1.6/src/common/appbase.cpp
+--- wxWidgets-3.1.6/src/common/appbase.cpp.abicheck	2022-04-04 09:41:33.000000000 -0400
++++ wxWidgets-3.1.6/src/common/appbase.cpp	2022-04-04 19:14:33.883814729 -0400
+@@ -843,11 +843,8 @@ bool wxAppConsoleBase::CheckBuildOptions
+         wxString prog = wxString::FromAscii(optionsSignature);
+         wxString progName = wxString::FromAscii(componentName);
+ 
+-        wxLogFatalError(wxT("Mismatch between the program and library build versions detected.\nThe library used %s,\nand %s used %s."),
++        wxLogWarning(wxT("Mismatch between the program and library build versions detected.\nThe library used %s,\nand %s used %s."),
+                         lib, progName, prog);
+-
+-        // normally wxLogFatalError doesn't return
+-        return false;
+     }
+ 
+     return true;

wxGTK3.spec

@@ -1,13 +1,15 @@
 Name:           wxGTK3
-Version:        3.0.4
-Release:        8
+Version:        3.2.2.1
+Release:        4
 Summary:        C++ Library for Cross-Platform Development
 
 License:        GPL-2.0-or-later or LGPL-2.1-only
 URL:            https://www.wxwidgets.org/
 Source0:        https://github.com/wxWidgets/wxWidgets/releases/download/v%{version}/wxWidgets-%{version}.tar.bz2
 Source1:        wx-config
-Patch0001:      wxGTK3-3.0.3-abicheck.patch
+Patch0001:      wxGTK3-3.1.6-abicheck.patch
+Patch0002:      add-pie-compile-option.patch
+Patch0003:      CVE-2024-58249.patch
 
 BuildRequires:  gtk2-devel gtk3-devel webkit2gtk3-devel zlib-devel libpng-devel libjpeg-devel
 BuildRequires:  libtiff-devel expat-devel SDL2-devel libGLU-devel libSM-devel gstreamer1-plugins-base-devel
@@ -103,7 +105,7 @@ This package provides documentation for the wxGTK3-docs library.
 %prep
 %autosetup -n wxWidgets-%{version} -p1
 
-sed -i -e 's|aclocal)|aclocal/wxwin3.m4)|;s|wxstd.mo|wxstd3.mo|;s|wxmsw.mo|wxmsw3.mo|' Makefile.in
+sed -i -e 's|aclocal)|aclocal/wxwin32.m4)|;s|wxstd.mo|wxstd3.mo|;s|wxmsw.mo|wxmsw3.mo|' Makefile.in
 sed -i -e 's|/usr/lib\b|%{_libdir}|' wx-config.in configure
 sed -i -e 's|/lib|/%{_lib}|' src/unix/stdpaths.cpp
 sed -i -e 's|$CPPUNIT_CONFIG --version|$CPPUNIT_CONFIG --modversion|' configure
@@ -118,16 +120,16 @@ export CPPUNIT_CONFIG="/usr/bin/pkg-config cppunit"
 
 install -d bld_gtk2
 cd bld_gtk2
-%configure --with-gtk=2 --with-opengl --with-sdl --with-gnomeprint --with-libmspack --enable-intl \
-  --enable-no_deps --disable-rpath --enable-ipv6
+%configure --with-gtk=2 --with-opengl --with-sdl --with-libmspack --enable-intl \
+  --disable-rpath --disable-glcanvasegl --enable-ipv6
 
 %make_build
 cd -
 
 install -d bld_gtk3
 cd bld_gtk3
-%configure --with-gtk=3 --with-opengl --with-sdl --with-gnomeprint --with-libmspack --enable-intl \
-  --enable-no_deps --disable-rpath --enable-ipv6
+%configure --with-gtk=3 --with-opengl --with-sdl --with-libmspack --enable-intl \
+  --disable-rpath --disable-glcanvasegl --enable-ipv6
 
 %make_build
 cd -
@@ -141,29 +143,28 @@ cd -
 
 %install
 cd bld_gtk2
-%makeinstall
+%make_install
 cd -
 
 cd bld_gtk3
-%makeinstall
+%make_install
 cd -
 
 rm %{buildroot}%{_bindir}/wx-config
 install -pD -m 755 %{SOURCE1} %{buildroot}%{_libexecdir}/wxGTK3/wx-config
-ln -s ../..%{_libexecdir}/wxGTK3/wx-config %{buildroot}%{_bindir}/wx-config-3.0
+sed -i -e 's|=/usr|=%{_prefix}|' %{buildroot}%{_libexecdir}/%{name}/wx-config
+ln -s ../..%{_libexecdir}/wxGTK3/wx-config %{buildroot}%{_bindir}/wx-config-3.2
 touch %{buildroot}%{_bindir}/wx-config
 
 mv %{buildroot}%{_bindir}/wxrc* %{buildroot}%{_libexecdir}/wxGTK3
-ln -s ../..%{_libexecdir}/wxGTK3/wxrc-3.0 %{buildroot}%{_bindir}/wxrc-3.0
+ln -s ../..%{_libexecdir}/wxGTK3/wxrc-3.2 %{buildroot}%{_bindir}/wxrc-3.2
 touch %{buildroot}%{_bindir}/wxrc
 
 
-install -d %{buildroot}%{_datadir}/bakefile/presets/wx3
-mv %{buildroot}%{_datadir}/bakefile/presets/*.* %{buildroot}%{_datadir}/bakefile/presets/wx3
+install -d %{buildroot}%{_datadir}/bakefile/presets/wx32
+mv %{buildroot}%{_datadir}/bakefile/presets/*.* %{buildroot}%{_datadir}/bakefile/presets/wx32
 
-%find_lang wxstd3
-%find_lang wxmsw3
-cat wxmsw3.lang >> wxstd3.lang
+%find_lang wxstd-3.2
 
 %check
 cd bld_gtk2/tests
@@ -177,9 +178,9 @@ cd -
 %post -n wxBase3-devel
 if [ -f %{_bindir}/wx-config ] && [ ! -h %{_bindir}/wx-config ] ; then rm %{_bindir}/wx-config; fi;
 
-%{_sbindir}/update-alternatives --install %{_bindir}/wx-config wx-config %{_libexecdir}/%{name}/wx-config 3
+%{_sbindir}/update-alternatives --install %{_bindir}/wx-config wx-config %{_libexecdir}/%{name}/wx-config 25
 
-%{_sbindir}/update-alternatives --install %{_bindir}/wxrc wxrc %{_libexecdir}/%{name}/wxrc 3
+%{_sbindir}/update-alternatives --install %{_bindir}/wxrc wxrc %{_libexecdir}/%{name}/wxrc 25
 
 %postun -n wxBase3-devel
 if [ $1 -eq 0 ] ; then
@@ -190,33 +191,31 @@ fi
 %files
 %{_libdir}/libwx_gtk3u_*.so.*
 %dir %{_libdir}/wx
-%{_libdir}/wx/3.0
+%{_libdir}/wx/3.2
 
 %files -n compat-wxGTK3-gtk2
 %{_libdir}/libwx_gtk2u_*.so.*
 
 %files -n wxBase3-devel
 %ghost %{_bindir}/{wx-config,wxrc}
-%{_bindir}/{wxrc-3.0,wx-config-3.0}
-%{_includedir}/wx-3.0
+%{_bindir}/{wxrc-3.2,wx-config-3.2}
+%{_includedir}/wx-3.2
 %{_libdir}/libwx_baseu*.so
 %dir %{_libdir}/wx
 %dir %{_libdir}/wx/config
 %dir %{_libdir}/wx/include
-%{_datadir}/{aclocal/wxwin3.m4,bakefile/presets/wx3}
-%exclude %{_datadir}/bakefile/presets/wx3/*.pyc
-%exclude %{_datadir}/bakefile/presets/wx3/*.pyo
+%{_datadir}/{aclocal/wxwin32.m4,bakefile/presets/wx32}
 %{_libexecdir}/wxGTK3
 
 %files devel
 %{_libdir}/libwx_gtk3u_*.so
-%{_libdir}/wx/{config/gtk3-unicode-3.0,include/gtk3-unicode-3.0}
+%{_libdir}/wx/{config/gtk3-unicode-3.2,include/gtk3-unicode-3.2}
 
 %files -n compat-wxGTK3-gtk2-devel
 %{_libdir}/libwx_gtk2u_*.so
-%{_libdir}/wx/{config/gtk2-unicode-3.0,include/gtk2-unicode-3.0}
+%{_libdir}/wx/{config/gtk2-unicode-3.2,include/gtk2-unicode-3.2}
 
-%files i18n -f wxstd3.lang
+%files i18n -f wxstd-3.2.lang
 
 %files -n wxBase3
 %{_libdir}/libwx_baseu*.so.*
@@ -227,6 +226,21 @@ fi
 
 
 %changelog
+* Mon Apr 28 2025 wangkai <13474090681@163.com> - 3.2.2.1-4
+- Fix CVE-2024-58249
+
+* Fri Mar 07 2025 mahailiang <mahailiang@uniontech.com> - 3.2.2.1-3
+- adjust libdir at wx-config on sw_64
+
+* Tue Sep 26 2023 lvgenggeng <lvgenggeng@uniontech.com> - 3.2.2.1-2
+- support sw_64
+
+* Wed Sep 06 2023 wulei <wu_lei@hoperun.com> - 3.2.2.1-1
+- Update to 3.2.2.1
+
+* Wed Jun 07 2023 xu_ping <707078654@qq.com> - 3.0.4-9
+- Add pie compile option
+
 * Mon Nov 28 2022 huajingyun <huajingyun@loongson.cn> - 3.0.4-8
 - modify wx-config to support loongarch64