From b17e9784bbd88facde3180cb182e4505da7b79da Mon Sep 17 00:00:00 2001
From: Parag Nemade
Date: Sat, 1 May 2021 08:29:20 +0530
Subject: [PATCH] Add missing patch files
---
autotrace-0.31.1-CVE-2019-19004.patch | 17 +++++++++++++
autotrace-0.31.1-CVE-2019-19005.patch | 35 +++++++++++++++++++++++++++
2 files changed, 52 insertions(+)
create mode 100644 autotrace-0.31.1-CVE-2019-19004.patch
create mode 100644 autotrace-0.31.1-CVE-2019-19005.patch
diff --git a/autotrace-0.31.1-CVE-2019-19004.patch b/autotrace-0.31.1-CVE-2019-19004.patch
new file mode 100644
index 0000000..7121b94
--- /dev/null
+++ b/autotrace-0.31.1-CVE-2019-19004.patch
@@ -0,0 +1,17 @@
+diff -urN autotrace-0.31.1.old/input-bmp.c autotrace-0.31.1/input-bmp.c
+--- autotrace-0.31.1.old/input-bmp.c 2021-04-30 15:03:16.264446518 +0530
++++ autotrace-0.31.1/input-bmp.c 2021-04-30 15:06:14.682051209 +0530
+@@ -220,6 +220,13 @@
+ * word length (32 bits == 4 bytes)
+ */
+
++ unsigned long overflowTest = Bitmap_Head.biWidth * Bitmap_Head.biBitCnt;
++ if (overflowTest / Bitmap_Head.biWidth != Bitmap_Head.biBitCnt) {
++ LOG("Error reading BMP file header. Width is too large\n");
++ at_exception_fatal(&exp, "Error reading BMP file header. Width is too large");
++ goto cleanup;
++ }
++
+ rowbytes= ( (Bitmap_Head.biWidth * Bitmap_Head.biBitCnt - 1) / 32) * 4 + 4;
+
+ #ifdef DEBUG
diff --git a/autotrace-0.31.1-CVE-2019-19005.patch b/autotrace-0.31.1-CVE-2019-19005.patch
new file mode 100644
index 0000000..cb0ffc7
--- /dev/null
+++ b/autotrace-0.31.1-CVE-2019-19005.patch
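Review bot: In autotrace-0.31.1-CVE-2019-19004.patch, the added `overflowTest / Bitmap_Head.biWidth` divides by a header field that the visible lines never compare with zero, so unless a check outside the hunk already rejects a zero width, a BMP whose biWidth is 0 reaches a division by zero here. The test also detects only wraparound of `unsigned long`; if the header fields are themselves `unsigned long` and `rowbytes` is a narrower type (both declarations are outside the hunk), the product cannot wrap on LP64 platforms, yet the value stored in `rowbytes` can still be truncated. A bound tied to the destination would be more robust, for example `if (Bitmap_Head.biWidth == 0 || Bitmap_Head.biBitCnt == 0 || Bitmap_Head.biWidth > (INT_MAX - 31) / Bitmap_Head.biBitCnt)` (assuming `rowbytes` is an `int`), which also covers the `- 1` underflow when the product is zero.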
@@ -0,0 +1,35 @@
+diff -urN autotrace-0.31.1.old/xstd.h autotrace-0.31.1/xstd.h
+--- autotrace-0.31.1.old/xstd.h 2002-10-11 02:14:17.000000000 +0530
++++ autotrace-0.31.1/xstd.h 2021-04-30 15:22:25.853589944 +0530
+@@ -20,6 +20,7 @@
+ #define XMALLOC(new_mem, size) \
+ do \
+ { \
++ assert(size); \
+ new_mem = (at_address) malloc (size); \
+ assert(new_mem); \
+ } while (0)
+@@ -28,6 +29,7 @@
+ #define XCALLOC(new_mem, size) \
+ do \
+ { \
++ assert(size); \
+ new_mem = (at_address) calloc (size, 1); \
+ assert(new_mem); \
+ } while (0)
+@@ -55,6 +57,7 @@
+ #define XMALLOC(new_mem, size) \
+ do \
+ { \
++ assert(size); \
+ (at_address&)(new_mem) = (at_address) malloc (size); \
+ assert(new_mem); \
+ } while (0)
+@@ -63,6 +66,7 @@
+ #define XCALLOC(new_mem, sizex) \
+ do \
+ { \
++ assert(size); \
+ (at_address&)(new_mem) = (void *) calloc (sizex, 1); \
+ assert(new_mem); \
+ } while (0)
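Review bot: In the last xstd.h hunk (`@@ -63,6 +66,7 @@`) the macro parameter is `sizex`, but the added line is `assert(size);`, so in that variant of XCALLOC the check either fails to compile or silently tests whatever `size` happens to name at the call site; it should read `assert(sizex); \`. More generally, `assert` is compiled out when NDEBUG is defined, so in such builds none of the four added checks rejects a zero-length request; if this guard is meant to be the fix for the CVE, an unconditional test that reports the error would hold in release builds as well. The added line also evaluates the macro argument a second time, which deserves a comment next to the macros, e.g. `/* size is evaluated more than once; pass an expression without side effects */`.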