From 8d182902cca6bc387b3e93a63d1c6900cc9d5add Mon Sep 17 00:00:00 2001
From: Debarshi Ray <debarshir@gnome.org>
Date: Mon, 23 Oct 2023 18:33:41 +0200
Subject: [PATCH] Backport fix for CVE-2021-32142 from upstream

This is backported from the upstream commit [1] to fit the
0.19-stable branch.

[1] Commit fa329f37dca4a2c9
    https://github.com/LibRaw/LibRaw/commit/fa329f37dca4a2c9
    https://github.com/LibRaw/LibRaw/issues/400
    https://github.com/LibRaw/LibRaw/pull/611

Resolves: RHEL-9523
---
 LibRaw-CVE-2021-32142.patch | 41 +++++++++++++++++++++++++++++++++++++
 LibRaw.spec                 |  8 +++++++-
 2 files changed, 48 insertions(+), 1 deletion(-)
 create mode 100644 LibRaw-CVE-2021-32142.patch

diff --git a/LibRaw-CVE-2021-32142.patch b/LibRaw-CVE-2021-32142.patch
new file mode 100644
index 0000000..c09a47e
--- /dev/null
+++ b/LibRaw-CVE-2021-32142.patch
@@ -0,0 +1,41 @@
+From 85e018cbca5eb3743eddca91d3d40c3123fa9777 Mon Sep 17 00:00:00 2001
+From: Debarshi Ray <debarshir@gnome.org>
+Date: Tue, 19 Sep 2023 19:52:40 +0200
+Subject: [PATCH] check for input buffer size on datastream::gets
+
+(backported from commit fa329f37dca4a2c938f8abb50ee4a7ef93e64fbb)
+---
+ src/libraw_datastream.cpp | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/src/libraw_datastream.cpp b/src/libraw_datastream.cpp
+index bd9cf5ee55d7..aecd3997a707 100644
+--- a/src/libraw_datastream.cpp
++++ b/src/libraw_datastream.cpp
+@@ -175,6 +175,7 @@ INT64 LibRaw_file_datastream::tell()
+ 
+ char *LibRaw_file_datastream::gets(char *str, int sz)
+ {
++  if(sz<1) return NULL;
+   if (substream)
+     return substream->gets(str, sz);
+   LR_STREAM_CHK();
+@@ -398,6 +399,7 @@ INT64 LibRaw_buffer_datastream::tell()
+ 
+ char *LibRaw_buffer_datastream::gets(char *s, int sz)
+ {
++  if(sz<1) return NULL;
+   if (substream)
+     return substream->gets(s, sz);
+   unsigned char *psrc, *pdest, *str;
+@@ -594,6 +596,7 @@ INT64 LibRaw_bigfile_datastream::tell()
+ 
+ char *LibRaw_bigfile_datastream::gets(char *str, int sz)
+ {
++  if(sz<1) return NULL;
+   LR_BF_CHK();
+   return substream ? substream->gets(str, sz) : fgets(str, sz, f);
+ }
+-- 
+2.41.0
+
diff --git a/LibRaw.spec b/LibRaw.spec
index c31a25b..49961cc 100644
--- a/LibRaw.spec
+++ b/LibRaw.spec
@@ -1,7 +1,7 @@
 Summary: Library for reading RAW files obtained from digital photo cameras
 Name: LibRaw
 Version: 0.19.5
-Release: 3%{?dist}
+Release: 4%{?dist}
 License: BSD and (CDDL or LGPLv2)
 URL: http://www.libraw.org
 
@@ -15,6 +15,7 @@ Source0: http://www.libraw.org/data/%{name}-%{version}.tar.gz
 Patch0:  LibRaw-0.6.0-pkgconfig.patch
 Patch1:  LibRaw-CVE-2020-15503.patch
 Patch2:  LibRaw-CVE-2020-24870.patch
+Patch3:  LibRaw-CVE-2021-32142.patch
 Provides: bundled(dcraw) = 9.25
 
 %description
@@ -56,6 +57,7 @@ LibRaw sample programs
 %patch0 -p0 -b .pkgconfig
 %patch1 -p1 -b .cve-2020-15503
 %patch2 -p1 -b .cve-2020-24870
+%patch3 -p1 -b .cve-2021-32142
 
 %build
 autoreconf -if
@@ -119,6 +121,10 @@ rm -fv %{buildroot}%{_libdir}/lib*.la
 
 
 %changelog
+* Mon Oct 23 2023 Debarshi Ray <rishi@fedoraproject.org> - 0.19.5-4
+- Backport fix for CVE-2021-32142 from upstream
+Resolves: RHEL-9523
+
 * Tue Apr 27 2021 Debarshi Ray <rishi@fedoraproject.org> - 0.19.5-3
 - Backport fix for CVE-2020-24870 from upstream
 Resolves: #1931841