rpms/freeglut
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Import from AlmaLinux stable repository

Browse Source
This commit is contained in:
eabdullin 2024-05-31 16:37:36 +00:00
parent 61e68b13a0
commit 9a5c982ed8
3 changed files with 60 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.freeglut.metadata
View File

@ -1,2 +0,0 @@
fca52242f9344627a30f11487ee42002e6b0dacd SOURCES/freeglut-3.0.0.tar.gz
9df57d26b2cd0448fd83141009729317ff2ea4e7 SOURCES/openglut-0.6.3-doc.tar.gz

52
SOURCES/0001-Plug-memory-leak-that-happens-upon-error.patch Normal file
View File

@ -0,0 +1,52 @@
From e9caa2e14eda732d718691a6c4e61d2623adc068 Mon Sep 17 00:00:00 2001
From: Sebastian Rasmussen <sebras@gmail.com>
Date: Mon, 12 Feb 2024 14:46:22 +0800
Subject: [PATCH] Plug memory leak that happens upon error.
If fgStructure.CurrentMenu is set when glutAddMenuEntry() or
glutAddSubMenu() is called the allocated menuEntry variable will
leak. This commit postpones allocating menuEntry until after the
error checks, thereby plugging the memory leak.
This fixes CVE-2024-24258 and CVE-2024-24259.
---
src/fg_menu.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/fg_menu.c b/src/fg_menu.c
index 36b24ce6..da7d9010 100644
--- a/src/fg_menu.c
+++ b/src/fg_menu.c
@@ -843,12 +843,12 @@ void FGAPIENTRY glutAddMenuEntry( const char* label, int value )
{
SFG_MenuEntry* menuEntry;
FREEGLUT_EXIT_IF_NOT_INITIALISED ( "glutAddMenuEntry" );
- menuEntry = (SFG_MenuEntry *)calloc( sizeof(SFG_MenuEntry), 1 );
freeglut_return_if_fail( fgStructure.CurrentMenu );
if (fgState.ActiveMenus)
fgError("Menu manipulation not allowed while menus in use.");
+ menuEntry = (SFG_MenuEntry *)calloc( sizeof(SFG_MenuEntry), 1 );
menuEntry->Text = strdup( label );
menuEntry->ID = value;
@@ -867,7 +867,6 @@ void FGAPIENTRY glutAddSubMenu( const char *label, int subMenuID )
SFG_Menu *subMenu;
FREEGLUT_EXIT_IF_NOT_INITIALISED ( "glutAddSubMenu" );
- menuEntry = ( SFG_MenuEntry * )calloc( sizeof( SFG_MenuEntry ), 1 );
subMenu = fgMenuByID( subMenuID );
freeglut_return_if_fail( fgStructure.CurrentMenu );
@@ -876,6 +875,7 @@ void FGAPIENTRY glutAddSubMenu( const char *label, int subMenuID )
freeglut_return_if_fail( subMenu );
+ menuEntry = ( SFG_MenuEntry * )calloc( sizeof( SFG_MenuEntry ), 1 );
menuEntry->Text = strdup( label );
menuEntry->SubMenu = subMenu;
menuEntry->ID = -1;
--
2.43.1

9
SPECS/freeglut.spec
View File

@ -1,11 +1,12 @@
Summary: A freely licensed alternative to the GLUT library Summary: A freely licensed alternative to the GLUT library
Name: freeglut Name: freeglut
Version: 3.0.0 Version: 3.0.0
Release: 8%{?dist} Release: 9%{?dist}
URL: http://freeglut.sourceforge.net URL: http://freeglut.sourceforge.net
Source0: https://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz Source0: https://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz
# For the manpages # For the manpages
Source1: https://downloads.sourceforge.net/openglut/openglut-0.6.3-doc.tar.gz Source1: https://downloads.sourceforge.net/openglut/openglut-0.6.3-doc.tar.gz
Patch0: 0001-Plug-memory-leak-that-happens-upon-error.patch
License: MIT License: MIT
Group: System Environment/Libraries Group: System Environment/Libraries
@ -49,6 +50,7 @@ license.
%prep %prep
%setup -q -a 1 %setup -q -a 1
%patch -P 0 -p1
%build %build
%{cmake} -DFREEGLUT_BUILD_STATIC_LIBS=OFF . %{cmake} -DFREEGLUT_BUILD_STATIC_LIBS=OFF .
@ -81,6 +83,11 @@ install -p -m 644 doc/man/*.3 $RPM_BUILD_ROOT/%{_mandir}/man3
%changelog %changelog
* Thu Feb 15 2024 José Expósito <jexposit@redhat.com> - 3.0.0-9
- Fix CVE-2024-24258 and CVE-2024-24259
Resolves: https://issues.redhat.com/browse/RHEL-25175
Resolves: https://issues.redhat.com/browse/RHEL-25177
* Tue May 01 2018 Adam Jackson <ajax@redhat.com> - 3.0.0-8 * Tue May 01 2018 Adam Jackson <ajax@redhat.com> - 3.0.0-8
- HTTPS URLs - HTTPS URLs
- Pin soname to libglut.so.3 in the %%files glob - Pin soname to libglut.so.3 in the %%files glob