rpms/freeglut
7
0
Fork 0
Code Issues Pull Requests Releases Activity

import CS freeglut-3.2.1-10.el9

Browse Source
This commit is contained in:
eabdullin 2024-03-28 10:08:33 +00:00
parent 9e99fb5ebd
commit dd8b5f182a
2 changed files with 61 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
SOURCES/0001-Plug-memory-leak-that-happens-upon-error.patch Normal file
View File

@ -0,0 +1,52 @@
From 9ad320c1ad1a25558998ddfe47674511567fec57 Mon Sep 17 00:00:00 2001
From: Sebastian Rasmussen <sebras@gmail.com>
Date: Mon, 12 Feb 2024 14:46:22 +0800
Subject: [PATCH] Plug memory leak that happens upon error.
If fgStructure.CurrentMenu is set when glutAddMenuEntry() or
glutAddSubMenu() is called the allocated menuEntry variable will
leak. This commit postpones allocating menuEntry until after the
error checks, thereby plugging the memory leak.
This fixes CVE-2024-24258 and CVE-2024-24259.
---
src/fg_menu.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/fg_menu.c b/src/fg_menu.c
index 53112dc2..0da88901 100644
--- a/src/fg_menu.c
+++ b/src/fg_menu.c
@@ -864,12 +864,12 @@ void FGAPIENTRY glutAddMenuEntry( const char* label, int value )
{
SFG_MenuEntry* menuEntry;
FREEGLUT_EXIT_IF_NOT_INITIALISED ( "glutAddMenuEntry" );
- menuEntry = (SFG_MenuEntry *)calloc( sizeof(SFG_MenuEntry), 1 );
freeglut_return_if_fail( fgStructure.CurrentMenu );
if (fgState.ActiveMenus)
fgError("Menu manipulation not allowed while menus in use.");
+ menuEntry = (SFG_MenuEntry *)calloc( sizeof(SFG_MenuEntry), 1 );
menuEntry->Text = strdup( label );
menuEntry->ID = value;
@@ -888,7 +888,6 @@ void FGAPIENTRY glutAddSubMenu( const char *label, int subMenuID )
SFG_Menu *subMenu;
FREEGLUT_EXIT_IF_NOT_INITIALISED ( "glutAddSubMenu" );
- menuEntry = ( SFG_MenuEntry * )calloc( sizeof( SFG_MenuEntry ), 1 );
subMenu = fgMenuByID( subMenuID );
freeglut_return_if_fail( fgStructure.CurrentMenu );
@@ -897,6 +896,7 @@ void FGAPIENTRY glutAddSubMenu( const char *label, int subMenuID )
freeglut_return_if_fail( subMenu );
+ menuEntry = ( SFG_MenuEntry * )calloc( sizeof( SFG_MenuEntry ), 1 );
menuEntry->Text = strdup( label );
menuEntry->SubMenu = subMenu;
menuEntry->ID = -1;
--
2.43.0

11
SPECS/freeglut.spec
View File

@ -2,12 +2,13 @@
Summary: A freely licensed alternative to the GLUT library Summary: A freely licensed alternative to the GLUT library
Name: freeglut Name: freeglut
Version: 3.2.1 Version: 3.2.1
Release: 9%{?dist} Release: 10%{?dist}
URL: http://freeglut.sourceforge.net URL: http://freeglut.sourceforge.net
Source0: https://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz Source0: https://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz
# For the manpages # For the manpages
Source1: https://downloads.sourceforge.net/openglut/openglut-0.6.3-doc.tar.gz Source1: https://downloads.sourceforge.net/openglut/openglut-0.6.3-doc.tar.gz
Patch0: common.patch Patch0: common.patch
Patch1: 0001-Plug-memory-leak-that-happens-upon-error.patch
License: MIT License: MIT
BuildRequires: gcc BuildRequires: gcc
@ -52,7 +53,8 @@ license.
%prep %prep
%setup -q -a 1 %setup -q -a 1
%patch0 -p0 %patch -P 0 -p0
%patch -P 1 -p1
%build %build
%{cmake} -DFREEGLUT_BUILD_STATIC_LIBS=OFF . %{cmake} -DFREEGLUT_BUILD_STATIC_LIBS=OFF .
@ -82,6 +84,11 @@ install -p -m 644 doc/man/*.3 $RPM_BUILD_ROOT/%{_mandir}/man3
%{_libdir}/cmake/FreeGLUT/* %{_libdir}/cmake/FreeGLUT/*
%changelog %changelog
* Thu Feb 15 2024 José Expósito <jexposit@redhat.com> - 3.2.1-10
- Fix CVE-2024-24258 and CVE-2024-24259
Resolves: https://issues.redhat.com/browse/RHEL-25176
Resolves: https://issues.redhat.com/browse/RHEL-25178
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 3.2.1-9 * Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 3.2.1-9
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688 Related: rhbz#1991688