Fixed CVE-2021-32280

Resolves: #2006830

0017-CVE-2021-32280.patch

@@ -0,0 +1,29 @@
+From fa5a2dced5cad973c3a9c9e83f21165942f1cd6d Mon Sep 17 00:00:00 2001
+From: Ondrej Dubaj <odubaj@redhat.com>
+Date: Thu, 23 Sep 2021 09:49:37 +0200
+Subject: [PATCH] Do not crash on incomplete, closed splines
+
+---
+ fig2dev/trans_spline.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/fig2dev/trans_spline.c b/fig2dev/trans_spline.c
+index 0905c79..60c54ad 100644
+--- a/fig2dev/trans_spline.c
++++ b/fig2dev/trans_spline.c
+@@ -226,6 +226,12 @@ compute_closed_spline(F_spline *spline, float precision)
+   if (!init_point_array(300, 200))
+       return NULL;
+ 
++  if (!(spline->points /* p0 */ && spline->controls /* s0 */ &&
++  spline->points->next /* p1 */ && spline->controls->next /* s1 */ &&
++  spline->points->next->next && spline->controls->next->next/* p2, s2 */&&
++  spline->points->next->next->next && spline->controls->next->next->next))
++       return NULL;
++
+   INIT_CONTROL_POINTS(spline, p0, s0, p1, s1, p2, s2, p3, s3);
+   COPY_CONTROL_POINT(first, s_first, p0, s0);
+ 
+-- 
+2.31.1
+

transfig.spec

@@ -1,6 +1,6 @@
 Name:		transfig
 Version:	3.2.7b
-Release:	8%{?dist}
+Release:	9%{?dist}
 Epoch:		1
 Summary:	Utility for converting FIG files (made by xfig) to other formats
 License:	MIT
@@ -23,6 +23,7 @@ Patch13:  0013-CVE-2020-21676.patch
 Patch14:  0014-CVE-2020-21529.patch
 Patch15:  0015-CVE-2020-21532.patch
 Patch16:  0016-CVE-2020-21531.patch
+Patch17:  0017-CVE-2021-32280.patch
 
 Requires:	ghostscript
 Requires:	bc
@@ -75,6 +76,9 @@ mv fig2dev.1.in.new man/fig2dev.1.in
 
 
 %changelog
+* Thu Sep 23 2021 Ondrej Dubaj <odubaj@redhat.com> - 1:3.2.7b-9
+- Fixed CVE-2021-32280 (#2006830)
+
 * Mon Sep 20 2021 Ondrej Dubaj <odubaj@redhat.com> - 1:3.2.7b-8
 - Fixed CVE-2020-21529 (#2005518)
 - Fixed CVE-2020-21532 (#2006007)