From 74bd180cb942657931c3b2a71a8a2a3d83f683f5 Mon Sep 17 00:00:00 2001
From: xu_lei_123 <xulei@xfusion.com>
Date: Wed, 21 Dec 2022 10:37:55 +0800
Subject: [PATCH] fix CVE-2022-41704

---
 CVE-2022-41704.patch | 30 ++++++++++++++++++++++++++++++
 batik.spec           |  6 +++++-
 2 files changed, 35 insertions(+), 1 deletion(-)
 create mode 100644 CVE-2022-41704.patch

diff --git a/CVE-2022-41704.patch b/CVE-2022-41704.patch
new file mode 100644
index 0000000..91dd58c
--- /dev/null
+++ b/CVE-2022-41704.patch
@@ -0,0 +1,30 @@
+From: Markus Koschany <apo@debian.org>
+Date: Sat, 29 Oct 2022 08:28:58 +0200
+Subject: CVE-2022-41704
+
+Origin: http://svn.apache.org/viewvc?view=revision=1904320
+---
+ .../src/main/java/org/apache/batik/bridge/DefaultScriptSecurity.java   | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/batik-bridge/src/main/java/org/apache/batik/bridge/DefaultScriptSecurity.java b/batik-bridge/src/main/java/org/apache/batik/bridge/DefaultScriptSecurity.java
+index cab8e0e..a3daa0d 100644
+--- a/batik-bridge/src/main/java/org/apache/batik/bridge/DefaultScriptSecurity.java
++++ b/batik-bridge/src/main/java/org/apache/batik/bridge/DefaultScriptSecurity.java
+@@ -19,6 +19,7 @@
+ package org.apache.batik.bridge;
+
+ import org.apache.batik.util.ParsedURL;
++import static org.apache.batik.util.SVGConstants.SVG_SCRIPT_TYPE_JAVA;
+
+ /**
+  * Default implementation for the <code>ScriptSecurity</code> interface.
+@@ -76,7 +77,7 @@ public class DefaultScriptSecurity implements ScriptSecurity {
+                                  ParsedURL docURL){
+         // Make sure that the archives comes from the same host
+         // as the document itself
+-        if (docURL == null) {
++        if (docURL == null || SVG_SCRIPT_TYPE_JAVA.equals(scriptType)) {
+             se = new SecurityException
+                 (Messages.formatMessage(ERROR_CANNOT_ACCESS_DOCUMENT_URL,
+                                         new Object[]{scriptURL}));
diff --git a/batik.spec b/batik.spec
index 70b98b5..8da4e82 100644
--- a/batik.spec
+++ b/batik.spec
@@ -1,7 +1,7 @@
 %global classpath batik:xml-commons-apis:xml-commons-apis-ext:xmlgraphics-commons
 Name:           batik
 Version:        1.10
-Release:        6
+Release:        7
 Summary:        Batik is an inline templating engine for CoffeeScript
 License:        Apache-2.0 and W3C and MPL-1.1 and GPL-2.0-or-later and Apache-1.1
 URL:            https://xmlgraphics.apache.org/batik/
@@ -11,6 +11,7 @@ Source1:        %{name}-security.policy
 Patch1:         0001-Fix-imageio-codec-lookup.patch
 Patch6000:      CVE-2019-17566.patch
 Patch6001:      CVE-2020-11987.patch
+Patch6002:      CVE-2022-41704.patch
 
 BuildArch:      noarch
 
@@ -122,6 +123,9 @@ cp -a samples %{buildroot}/%{_datadir}/%{name}/
 %doc CHANGES MAINTAIN README NOTICE
 
 %changelog
+* Wed Dec 21 2022 xulei <xulei@xfusion.com> - 1.10-7
+- fix CVE-2022-41704
+
 * Wed Mar 31 2021 lingsheng <lingsheng@huawei.com> - 1.10-6
 - Remove unneeded rhino and jai_imageio in classpath
 
-- 
Gitee