From 2c10c1abf8ff2e88b1da04e050bb721487b73fa3 Mon Sep 17 00:00:00 2001
From: wk333 <13474090681@163.com>
Date: Tue, 17 Dec 2024 20:24:30 +0800
Subject: [PATCH] Fix heap-buffer overflow

---
 Fix-heap-buffer-overflow.patch | 30 ++++++++++++++++++++++++++++++
 giflib.spec                    |  6 +++++-
 2 files changed, 35 insertions(+), 1 deletion(-)
 create mode 100644 Fix-heap-buffer-overflow.patch

diff --git a/Fix-heap-buffer-overflow.patch b/Fix-heap-buffer-overflow.patch
new file mode 100644
index 0000000..ea8c7b7
--- /dev/null
+++ b/Fix-heap-buffer-overflow.patch
@@ -0,0 +1,30 @@
+From d132ecb1402dde84ce9851bddaa6587a90014e07 Mon Sep 17 00:00:00 2001
+From: wk333 <13474090681@163.com>
+Date: Tue, 17 Dec 2024 15:44:15 +0800
+Subject: [PATCH 1/1] Fix heap-buffer overflow
+
+Refer: https://sourceforge.net/u/mmuzila/giflib/ci/fix-cve-2022-28506/
+
+---
+ gif2rgb.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/gif2rgb.c b/gif2rgb.c
+index 2b4bb23..0b2e05a 100644
+--- a/gif2rgb.c
++++ b/gif2rgb.c
+@@ -337,6 +337,11 @@ static void DumpScreen2RGB(char *FileName, int OneFileFlag,
+ 			GifRow = ScreenBuffer[i];
+ 			GifQprintf("\b\b\b\b%-4d", ScreenHeight - i);
+ 			for (j = 0; j < ScreenWidth; j++) {
++				/* Check if color is within color palete */
++				if (GifRow[j] >= ColorMap->ColorCount) {
++					GIF_EXIT(GifErrorString(
++					    D_GIF_ERR_IMAGE_DEFECT));
++				}
+ 				ColorMapEntry = &ColorMap->Colors[GifRow[j]];
+ 				Buffers[0][j] = ColorMapEntry->Red;
+ 				Buffers[1][j] = ColorMapEntry->Green;
+-- 
+2.33.0
+
diff --git a/giflib.spec b/giflib.spec
index cd95268..0e530af 100644
--- a/giflib.spec
+++ b/giflib.spec
@@ -2,7 +2,7 @@
 
 Name:          giflib
 Version:       5.2.2
-Release:       1
+Release:       2
 Summary:       A library and utilities for processing GIFs
 License:       MIT
 URL:           http://www.sourceforge.net/projects/giflib/
@@ -15,6 +15,7 @@ Patch1:giflib_coverity.patch
 # Generate HTML docs with consistent section IDs to avoid multilib difference
 Patch2:giflib_html-docs-consistent-ids.patch
 Patch3:CVE-2021-40633.patch
+Patch4:Fix-heap-buffer-overflow.patch
 
 BuildRequires: make xmlto gcc
 BuildRequires: ImageMagick
@@ -75,6 +76,9 @@ rm -f %{buildroot}/debugsourcefiles.list
 %{_bindir}/gif*
 
 %changelog
+* Tue Dec 17 2024 wangkai <13474090681@163.com> - 5.2.2-2
+- Fix heap-buffer overflow
+
 * Fri Jun 21 2024 yaoxin <yao_xin001@hoperun.com> - 5.2.2-1
 - Update to 5.2.2
   * Fixes for CVE-2023-48161 (bsc#1217390), CVE-2022-28506 (bsc#1198880)
-- 
Gitee