4 changed files with 105 additions and 42 deletions
--- a/.motif.metadata
+++ b/.motif.metadata
@ -1 +0,0 @@
 49ecfe2a0939232ca78ce318d938044e7f751b6d SOURCES/motif-2.3.4-src.tgz
--- a/SOURCES/0001-Fix-CVE-2023-43788-Out-of-bounds-read-in-XpmCreateXp.patch
+++ b/SOURCES/0001-Fix-CVE-2023-43788-Out-of-bounds-read-in-XpmCreateXp.patch
@ -0,0 +1,32 @@
 From 2fa554b01ef6079a9b35df9332bdc4f139ed67e0 Mon Sep 17 00:00:00 2001
 From: Alan Coopersmith <alan.coopersmith@oracle.com>
 Date: Sat, 29 Apr 2023 17:50:39 -0700
 Subject: [PATCH] Fix CVE-2023-43788: Out of bounds read in
 XpmCreateXpmImageFromBuffer
 When the test case for CVE-2022-46285 was run with the Address Sanitizer
 enabled, it found an out-of-bounds read in ParseComment() when reading
 from a memory buffer instead of a file, as it continued to look for the
 closing comment marker past the end of the buffer.
 Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
 ---
 lib/Xm/Xpmdata.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 diff --git a/lib/Xm/Xpmdata.c b/lib/Xm/Xpmdata.c
 index 7524e65..0b0f1f3 100644
 --- a/lib/Xm/Xpmdata.c
 +++ b/lib/Xm/Xpmdata.c
@@ -108,7 +108,7 @@ ParseComment(xpmData *data)
 		n++;
 		s2++;
 	    } while (c == *s2 && *s2 != '\0' && c);
 -	    if (*s2 == '\0') {
 +	    if (*s2 == '\0' || c == '\0') {
 		/* this is the end of the comment */
 		notend = 0;
 		mdata->cptr--;
 -- 
 2.41.0
--- a/SOURCES/0001-Fix-CVE-2023-43789-Out-of-bounds-read-on-XPM-with-co.patch
+++ b/SOURCES/0001-Fix-CVE-2023-43789-Out-of-bounds-read-on-XPM-with-co.patch
@ -0,0 +1,36 @@
 From 7e21cb63b9a1ca760a06cc4cd9b19bbc3fcd8f51 Mon Sep 17 00:00:00 2001
 From: Alan Coopersmith <alan.coopersmith@oracle.com>
 Date: Sat, 29 Apr 2023 18:30:34 -0700
 Subject: [PATCH] Fix CVE-2023-43789: Out of bounds read on XPM with corrupted
 colormap
 Found with clang's libfuzzer
 Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
 ---
 lib/Xm/Xpmdata.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
 diff --git a/lib/Xm/Xpmdata.c b/lib/Xm/Xpmdata.c
 index 0b0f1f3..6e87455 100644
 --- a/lib/Xm/Xpmdata.c
 +++ b/lib/Xm/Xpmdata.c
@@ -259,13 +259,13 @@ xpmNextWord(
     int c;
     if (!mdata->type || mdata->type == XPMBUFFER) {
 -	while (isspace(c = *mdata->cptr) && c != mdata->Eos)
 +	while ((c = *mdata->cptr) && isspace(c) && (c != mdata->Eos))
 	    mdata->cptr++;
 	do {
 	    c = *mdata->cptr++;
 	    *buf++ = c;
 	    n++;
 -	} while (!isspace(c) && c != mdata->Eos && n < buflen);
 +	} while (c && !isspace(c) && (c != mdata->Eos) && (n < buflen));
 	n--;
 	mdata->cptr--;
     } else {
 -- 
 2.41.0
--- a/SPECS/motif.spec
+++ b/SPECS/motif.spec
@ -1,8 +1,9 @@
 Summary: Run-time libraries and programs
 Name: motif
 Version: 2.3.4
-Release: 27%{?dist}
+Release: 20%{?dist}
 License: LGPLv2+
 Group: System Environment/Libraries
 Source: http://downloads.sf.net/motif/motif-%{version}-src.tgz
 Source1: xmbind
 URL: http://www.motifzone.net/
@ -11,7 +12,6 @@ Provides: openmotif = %{version}-%{release}
 Requires: xorg-x11-xbitmaps
 Requires: xorg-x11-xinit
 BuildRequires: make
 BuildRequires: automake, libtool, autoconf, flex
 # flex static libs have been part of flex for RHEL <= 6 and Fedora <= 12
 %if 0%{?fedora} > 12 || 0%{?rhel} > 6
@ -29,6 +29,9 @@ Patch43: openMotif-2.3.0-rgbtxt.patch
 Patch45: motif-2.3.4-mwmrc_dir.patch
 Patch46: motif-2.3.4-bindings.patch
 Patch47: openMotif-2.3.0-no_X11R6.patch
 # FTBFS #1448819
 Patch48: motif-2.3.4-Fix-issues-with-Werror-format-security.patch
 Patch49: openmotif-2.3.1-rhbz_997241.patch
 Patch50: motif-2.3.5-motifzone_1654.patch
 Patch51: motif-2.3.4-motifzone_1564-88bdce1.patch
@ -36,10 +39,11 @@ Patch52: revert-of-motifzone_1565.patch
 Patch53: motifzone_1660.patch
 Patch54: motifzone_1612.patch
 # FTBFS #1448819
 Patch48: motif-2.3.4-Fix-issues-with-Werror-format-security.patch
 # rhbz#2125560
 Patch55: 0001-EditresCom-Fix-build-with-modern-systems.patch
 # CVE-2023-43788
 Patch56: 0001-Fix-CVE-2023-43788-Out-of-bounds-read-in-XpmCreateXp.patch
 # CVE-2023-43789
 Patch57: 0001-Fix-CVE-2023-43789-Out-of-bounds-read-on-XPM-with-co.patch
 Conflicts: lesstif <= 0.92.32-6
@ -50,6 +54,7 @@ linked against Motif and the Motif Window Manager mwm.
 %package devel
 Summary: Development libraries and header files
 Group: Development/Libraries
 Conflicts: lesstif-devel <= 0.92.32-6
 Requires: %{name}%{?_isa} = %{version}-%{release}
 Requires: libjpeg-devel%{?_isa} libpng-devel%{?_isa}
@ -64,6 +69,7 @@ header files and also static libraries necessary to build Motif applications.
 %package static
 Summary: Static libraries
 Group: Development/Libraries
 Conflicts: lesstif-devel <= 0.92.32-6
 Requires: %{name}-devel%{?_isa} = %{version}-%{release}
@ -79,6 +85,7 @@ This package contains the static Motif libraries.
 %patch46 -p1 -b .bindings
 %patch47 -p1 -b .no_X11R6
 %patch48 -p1 -b .format-security
 %patch49 -p1 -b .rhbz_997241
 %patch50 -p1 -b .motifzone_1654
 %patch51 -p1 -b .motifzone_1564-88bdce1
@ -86,10 +93,16 @@ This package contains the static Motif libraries.
 %patch53 -p1 -b .motifzone_1660
 %patch54 -p1 -b .motifzone_1612
 %patch55 -p1 -b .long_bit
 %patch56 -p1 -b .cve-2023-43788
 %patch57 -p1 -b .cve-2023-43789
 %build
-./autogen.sh
+CFLAGS="$RPM_OPT_FLAGS -D_FILE_OFFSET_BITS=64" \
-%configure --enable-static --enable-xft --enable-jpeg --enable-png
+./autogen.sh --libdir=%{_libdir} --enable-static --enable-xft --enable-jpeg \
   --enable-png
 %configure --libdir=%{_libdir} --enable-static --enable-xft --enable-jpeg \
   --enable-png
 make clean %{?_smp_mflags}
 make -C include
@ -103,7 +116,11 @@ install -m 755 %{SOURCE1} %{buildroot}/etc/X11/xinit/xinitrc.d/xmbind.sh
 rm -f %{buildroot}%{_libdir}/*.la
-%ldconfig_scriptlets
+%post -p /sbin/ldconfig
 %postun -p /sbin/ldconfig
 %clean
 rm -rf %{buildroot}
 %files
 %doc COPYING README RELEASE RELNOTES
@ -135,43 +152,22 @@ rm -f %{buildroot}%{_libdir}/*.la
 %{_libdir}/lib*.a
 %changelog
-* Mon Sep 26 2022 Olivier Fourdan <ofourdan@redhat.com> - 2.3.4-27
+* Mon Nov 27 2023 José Expósito <jexposit@redhat.com> - 2.3.4-20
- Fix LONG_BIT definition missing (rhbz#2125560)
+- Fix CVE-2023-43788: out of bounds read in XpmCreateXpmImageFromBuffer()
 - Fix CVE-2023-43789: out of bounds read on XPM with corrupted colormap
-* Thu May 12 2022 Mika Penttila <mpenttil@redhat.com> - 2.3.4-26
+* Mon Sep 26 2022 Olivier Fourdan <ofourdan@redhat.com> - 2.3.4-19
- Added patches from rhel-7
+- Fix LONG_BIT definition missing (rhbz#2124810)
-* Thu Feb 03 2022 Adam Jackson <ajax@redhat.com> - 2.3.4-25
+* Wed Sep 07 2022 Mika Penttila <mpenttil@redhat.com> - 2.3.4-18
- Fix invoking autogen/configure so the default CFLAGS actually get applied
+- Version bump
  Resolves: rhbz#2044881
-* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 2.3.4-24
+* Fri Apr 08 2022 Mika Penttila <mpenttil@redhat.com> - 2.3.4-17
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
+- Added forgotten patches and corrected release number
  Related: rhbz#1991688
-* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 2.3.4-23
+* Tue Sep 11 2018 Carlos Soriano <csoriano@redhat.com> - 2.3.4-16
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
+- Fix hardened flags, make sure to always pass LDFLAGS on the spec
-
+- Resolves: RHBZ#1624143
 * Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.3.4-22
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
 * Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.3.4-21
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
 * Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.3.4-20
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
 * Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.3.4-19
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
 * Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.3.4-18
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
 * Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.3.4-17
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
 * Thu Feb 08 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.3.4-16
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
 * Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.3.4-15
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
		`@ -1 +0,0 @@`
			`49ecfe2a0939232ca78ce318d938044e7f751b6d SOURCES/motif-2.3.4-src.tgz`