Projects
openEuler:22.03:LTS:LoongArch
freeglut
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
Expand all
Collapse all
Changes of Revision 3
View file
_service:tar_scm_kernel_repo:freeglut.spec
Changed
@@ -1,12 +1,13 @@ Name: freeglut Version: 3.0.0 -Release: 11 +Release: 12 Summary: A freely licensed alternative to the GLUT library License: MIT URL: http://freeglut.sourceforge.net Source0: https://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz Source1: https://downloads.sourceforge.net/openglut/openglut-0.6.3-doc.tar.gz Patch0: gcc-10.patch +Patch1: CVE-2024-24258-and-CVE-2024-24259.patch BuildRequires: gcc gcc-c++ cmake libXi-devel libICE-devel BuildRequires: pkgconfig libGLU-devel libXext-devel libXxf86vm-devel @@ -67,6 +68,9 @@ %doc README doc/*.png doc/*.html %changelog +* Sun Feb 18 2024 wangkai <13474090681@163.com> - 3.0.0-12 +- Fix CVE-2024-24258 and CVE-2024-24259 + * Fri Jul 30 2021 linjiaxin5 <linjiaxin5@huawei.com> - 3.0.0-11 - Fix failure caused by GCC upgrade to 10
View file
_service:tar_scm_kernel_repo:CVE-2024-24258-and-CVE-2024-24259.patch
Added
@@ -0,0 +1,51 @@ +From 9ad320c1ad1a25558998ddfe47674511567fec57 Mon Sep 17 00:00:00 2001 +From: Sebastian Rasmussen <sebras@gmail.com> +Date: Mon, 12 Feb 2024 14:46:22 +0800 +Subject: [PATCH] Plug memory leak that happens upon error. + +Origin: https://github.com/freeglut/freeglut/commit/9ad320c1ad1a25558998ddfe47674511567fec57 + +If fgStructure.CurrentMenu is set when glutAddMenuEntry() or +glutAddSubMenu() is called the allocated menuEntry variable will +leak. This commit postpones allocating menuEntry until after the +error checks, thereby plugging the memory leak. + +This fixes CVE-2024-24258 and CVE-2024-24259. +--- + src/fg_menu.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/fg_menu.c b/src/fg_menu.c +index 53112dc21..0da88901d 100644 +--- a/src/fg_menu.c ++++ b/src/fg_menu.c +@@ -864,12 +864,12 @@ void FGAPIENTRY glutAddMenuEntry( const char* label, int value ) + { + SFG_MenuEntry* menuEntry; + FREEGLUT_EXIT_IF_NOT_INITIALISED ( "glutAddMenuEntry" ); +- menuEntry = (SFG_MenuEntry *)calloc( sizeof(SFG_MenuEntry), 1 ); + + freeglut_return_if_fail( fgStructure.CurrentMenu ); + if (fgState.ActiveMenus) + fgError("Menu manipulation not allowed while menus in use."); + ++ menuEntry = (SFG_MenuEntry *)calloc( sizeof(SFG_MenuEntry), 1 ); + menuEntry->Text = strdup( label ); + menuEntry->ID = value; + +@@ -888,7 +888,6 @@ void FGAPIENTRY glutAddSubMenu( const char *label, int subMenuID ) + SFG_Menu *subMenu; + + FREEGLUT_EXIT_IF_NOT_INITIALISED ( "glutAddSubMenu" ); +- menuEntry = ( SFG_MenuEntry * )calloc( sizeof( SFG_MenuEntry ), 1 ); + subMenu = fgMenuByID( subMenuID ); + + freeglut_return_if_fail( fgStructure.CurrentMenu ); +@@ -897,6 +896,7 @@ void FGAPIENTRY glutAddSubMenu( const char *label, int subMenuID ) + + freeglut_return_if_fail( subMenu ); + ++ menuEntry = ( SFG_MenuEntry * )calloc( sizeof( SFG_MenuEntry ), 1 ); + menuEntry->Text = strdup( label ); + menuEntry->SubMenu = subMenu; + menuEntry->ID = -1;
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.