From b0b266b79c8e2d1ae401837fa1238931e9bae6d9 Mon Sep 17 00:00:00 2001
From: zhangxingrong <zhangxingrong@uniontech.com>
Date: Mon, 8 Jul 2024 18:37:59 +0800
Subject: [PATCH] add some upstream patchs

---
 ...-the-jas_get_total_mem_size-function.patch | 31 +++++++++++++++++
 ...tial-integer-overflow-problem-in-the.patch | 33 +++++++++++++++++++
 jasper.spec                                   |  9 ++++-
 3 files changed, 72 insertions(+), 1 deletion(-)
 create mode 100644 backport-Fixed-a-potential-integer-overflow-problem-in-the-jas_get_total_mem_size-function.patch
 create mode 100644 backport-Fixed-a-potential-integer-overflow-problem-in-the.patch

diff --git a/backport-Fixed-a-potential-integer-overflow-problem-in-the-jas_get_total_mem_size-function.patch b/backport-Fixed-a-potential-integer-overflow-problem-in-the-jas_get_total_mem_size-function.patch
new file mode 100644
index 0000000..76ab775
--- /dev/null
+++ b/backport-Fixed-a-potential-integer-overflow-problem-in-the-jas_get_total_mem_size-function.patch
@@ -0,0 +1,31 @@
+From 175731c70e14e952ba09f7dded1486d30555ba7e Mon Sep 17 00:00:00 2001
+From: Michael Adams <mdadams@ece.uvic.ca>
+Date: Fri, 17 Nov 2023 06:42:59 -0800
+Subject: [PATCH] Fixes #363.
+
+Fixed a potential integer overflow problem in the jas_get_total_mem_size
+function (for the Windows platform).
+---
+ src/libjasper/base/jas_malloc.c | 7 ++++---
+ 1 file changed, 4 insertions(+), 3 deletions(-)
+
+diff --git a/src/libjasper/base/jas_malloc.c b/src/libjasper/base/jas_malloc.c
+index 9b540008..7233f649 100644
+--- a/src/libjasper/base/jas_malloc.c
++++ b/src/libjasper/base/jas_malloc.c
+@@ -661,11 +661,12 @@ size_t jas_get_total_mem_size()
+ 	Reference:
+ 	https://docs.microsoft.com/en-us/windows/win32/api/sysinfoapi/nf-sysinfoapi-getphysicallyinstalledsystemmemory
+ 	*/
+-	ULONGLONG size;
+-	if (!GetPhysicallyInstalledSystemMemory(&size)) {
++	ULONGLONG mem_size_in_kb;
++	if (!GetPhysicallyInstalledSystemMemory(&mem_size_in_kb)) {
+ 		return 0;
+ 	}
+-	return 1024 * size;
++	return (mem_size_in_kb < SIZE_MAX / JAS_CAST(size_t, 1024)) ?
++	  JAS_CAST(size_t, 1024) * mem_size_in_kb : SIZE_MAX;
+ #else
+ 	return 0;
+ #endif
diff --git a/backport-Fixed-a-potential-integer-overflow-problem-in-the.patch b/backport-Fixed-a-potential-integer-overflow-problem-in-the.patch
new file mode 100644
index 0000000..6495833
--- /dev/null
+++ b/backport-Fixed-a-potential-integer-overflow-problem-in-the.patch
@@ -0,0 +1,33 @@
+From 2bd1657c07e9815b89d0553c782b841d11630580 Mon Sep 17 00:00:00 2001
+From: Michael Adams <mdadams@ece.uvic.ca>
+Date: Fri, 1 Dec 2023 09:27:08 -0800
+Subject: [PATCH] Fixed a potential integer overflow problem in the
+ jas_safeui32_to_intfast32 function.
+
+---
+ src/libjasper/include/jasper/jas_math.h | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/src/libjasper/include/jasper/jas_math.h b/src/libjasper/include/jasper/jas_math.h
+index 17c07116..6df20412 100644
+--- a/src/libjasper/include/jasper/jas_math.h
++++ b/src/libjasper/include/jasper/jas_math.h
+@@ -407,7 +407,7 @@ inline static bool jas_safe_uint_mul(unsigned x, unsigned y, unsigned *result)
+ * Safe 32-bit unsigned integer arithmetic (i.e., with overflow checking).
+ \******************************************************************************/
+ 
+-#define JAS_SAFEUI32_MAX (0xffffffffU)
++#define JAS_SAFEUI32_MAX (0xffffffffUL)
+ 
+ typedef struct {
+ 	bool valid;
+@@ -432,7 +432,8 @@ JAS_ATTRIBUTE_PURE
+ static inline bool jas_safeui32_to_intfast32(jas_safeui32_t x,
+   int_fast32_t* y)
+ {
+-	if (x.value <= INT_FAST32_MAX) {
++	const long I32_MAX = 0x7fffffffL;
++	if (x.value <= I32_MAX) {
+ 		*y = x.value;
+ 		return true;
+ 	} else {
diff --git a/jasper.spec b/jasper.spec
index 3ea6d8e..b2f4bd4 100644
--- a/jasper.spec
+++ b/jasper.spec
@@ -1,6 +1,6 @@
 Name:                jasper
 Version:             4.1.0
-Release:             4
+Release:             5
 Summary:             Reference implementation of the codec specified in the JPEG-2000 standard, Part 1
 License:             JasPer-2.0
 URL:                 http://www.ece.uvic.ca/~frodo/jasper/
@@ -9,6 +9,8 @@ Source0:             https://github.com/jasper-software/%{name}/archive/refs/tag
 Patch0001:           jasper-4.1.0-rpath.patch
 Patch0002:           backport_CVE-2023-51257.patch
 Patch0003:           backport_CVE-2024-31744.patch
+Patch0004:           backport-Fixed-a-potential-integer-overflow-problem-in-the-jas_get_total_mem_size-function.patch
+Patch0005:           backport-Fixed-a-potential-integer-overflow-problem-in-the.patch
 
 BuildRequires:       cmake freeglut-devel libGLU-devel libjpeg-devel libXmu-devel libXi-devel
 BuildRequires:       pkgconfig doxygen mesa-libGL-devel git
@@ -87,6 +89,11 @@ make test -C builder
 %doc README.md
 
 %changelog
+* Mon Jul 8 2024 zhangxingrong-<zhangxingrong@uniontech.cn> - 4.1.0-5
+- Fixed a potential integer overflow problem in the jas_get_total_mem_size
+function (for the Windows platform).
+- Fixed a potential integer overflow problem in the
+
 * Sun Apr 28 2024 cenhuilin <cenhuilin@kylinos.cn> - 4.1.0-4
 - fix CVE-2024-31744
 
-- 
Gitee