From 18dee6462da310761cbc5b4ed8909b87567a38b4 Mon Sep 17 00:00:00 2001
From: CentOS Sources
Date: Fri, 23 Sep 2022 16:12:05 +0000
Subject: [PATCH] import autotrace-0.31.1-55.el8
---
 SOURCES/autotrace-0.31.1-CVE-2022-32323.patch | 44 +++++++++++++++++++
 SPECS/autotrace.spec | 13 +++++-
 2 files changed, 56 insertions(+), 1 deletion(-)
 create mode 100644 SOURCES/autotrace-0.31.1-CVE-2022-32323.patch
diff --git a/SOURCES/autotrace-0.31.1-CVE-2022-32323.patch b/SOURCES/autotrace-0.31.1-CVE-2022-32323.patch
new file mode 100644
index 0000000..a13a352
--- /dev/null
+++ b/SOURCES/autotrace-0.31.1-CVE-2022-32323.patch
@@ -0,0 +1,44 @@
+--- autotrace-0.31.1.old/input-bmp.c 2022-09-05 14:41:15.694254375 +0530
++++ autotrace-0.31.1/input-bmp.c 2022-09-08 17:11:28.131973020 +0530
+@@ -88,7 +88,7 @@
+ at_address msg_data)
+ {
+ FILE *fd;
+- unsigned char buffer[64];
++ unsigned char buffer[128];
+ int ColormapSize, rowbytes, Maps, Grey;
+ unsigned char ColorMap[256][3];
+ at_bitmap_type image = at_bitmap_init(0, 0, 0, 1);
+@@ -345,6 +345,10 @@
+ *(temp++)= buffer[xpos * 4 + 1];
+ *(temp++)= buffer[xpos * 4];
+ }
++
++ if (ypos == 0)
++ break;
++
+ --ypos; /* next line */
+ }
+ }
+@@ -361,6 +365,10 @@
+ *(temp++)= buffer[xpos * 3 + 1];
+ *(temp++)= buffer[xpos * 3];
+ }
++
++ if (ypos == 0)
++ break;
++
+ --ypos; /* next line */
+ }
+ }
+@@ -378,6 +386,10 @@
+ *(temp++)= (unsigned char)(((rgb >> 5) & 0x1f) * 8);
+ *(temp++)= (unsigned char)(((rgb) & 0x1f) * 8);
+ }
++
++ if (ypos == 0)
++ break;
++
+ --ypos; /* next line */
+ }
+ }
diff --git a/SPECS/autotrace.spec b/SPECS/autotrace.spec
index ecf7ae1..263566a 100644
--- a/SPECS/autotrace.spec
+++ b/SPECS/autotrace.spec
@@ -1,6 +1,6 @@
 Name: autotrace
 Version: 0.31.1
-Release: 53%{?dist}
+Release: 55%{?dist}
 Summary: Utility for converting bitmaps to vector graphics
 License: GPLv2+ and LGPLv2+
 URL: http://autotrace.sourceforge.net/
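Review bot: Growing `buffer` from 64 to 128 bytes in the first hunk of the embedded patch raises the limit without enforcing one: the read that fills this local array lies outside the hunk, and if its length is taken from a size field in the BMP file it should be rejected when it exceeds `sizeof buffer` before anything is read. A comment on the declaration, for example `/* holds the largest header accepted; every read into buffer is bounded by sizeof buffer */`, would record the invariant once the check exists. The `if (ypos == 0) break;` guard is pasted into three row loops (`xpos * 4`, `xpos * 3` and the 16-bit `rgb` branch) whose loop conditions and the type of `ypos` are not visible here, so it is worth confirming that every other path in ReadImage() that decrements `ypos` stops at row 0 as well. A one-line comment above each guard, such as `/* row 0 was the last row; do not step ypos below it */`, would explain why the break precedes the decrement.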
@@ -15,6 +15,8 @@ Patch6: autotrace-0.31.1-pstoedit-detection-fix.patch
 Patch7: autotrace-0.31.1-CVE-2016-7392.patch
 Patch8: autotrace-0.31.1-CVE-2019-19004.patch
 Patch9: autotrace-0.31.1-CVE-2019-19005.patch
+# Upstream patch
+Patch10: autotrace-0.31.1-CVE-2022-32323.patch
 BuildRequires: libpng-devel > 2:1.2
 BuildRequires: libexif-devel
@@ -61,6 +63,7 @@ This package contains header files and development libraries for autotrace.
 %patch7 -p1 -b .CVE-2016-7392
 %patch8 -p1 -b .CVE-2019-19004
 %patch9 -p1 -b .CVE-2019-19005
+%patch10 -p1 -b .CVE-2022-32323
 autoreconf -ivf
 %build
@@ -100,6 +103,14 @@ find $RPM_BUILD_ROOT -type f -name "*.a" -exec rm -f {} ';'
 %changelog
+* Tue Sep 13 2022 Parag Nemade - 0.31.1-55
+- Resolves: rhbz#2121827 Fix the gating tests by using only local test
+ Upstream testsuite will not work as this package code is very old
+
+* Mon Sep 12 2022 Parag Nemade - 0.31.1-54
+- Resolves: rhbz#2121827
+ CVE-2022-32323 - heap-buffer overflow via the ReadImage() at input-bmp.c
+
 * Fri Apr 30 2021 Parag Nemade - 0.31.1-53
 - Resolves: CVE-2019-19004 : integer overflow in input-bmp.c
 - Resolves: CVE-2019-19005 : fix bitmap double free in main.c
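Review bot: The `# Upstream patch` comment above `Patch10` names no source, so the packaged file cannot be compared with the change it claims to carry. I would write it as `# CVE-2022-32323, backported from upstream: <upstream commit URL>` (placeholder; the reference is not on this page), and say in the same comment if the backport differs from upstream. The matching `%patch10 -p1 -b .CVE-2022-32323` line in the next hunk needs no change.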