From 451b33feb70bb34e2a81caa83e9b93fbf0025b67 Mon Sep 17 00:00:00 2001
From: wk333 <13474090681@163.com>
Date: Tue, 16 Jan 2024 09:21:09 +0800
Subject: [PATCH] Fix CVE-2023-0437
---
 CVE-2023-0437.patch | 27 +++++++++++++++++++++++++++
 mongo-c-driver.spec | 6 +++++-
 2 files changed, 32 insertions(+), 1 deletion(-)
 create mode 100644 CVE-2023-0437.patch
diff --git a/CVE-2023-0437.patch b/CVE-2023-0437.patch
new file mode 100644
index 0000000..a980dcc
--- /dev/null
+++ b/CVE-2023-0437.patch
@@ -0,0 +1,27 @@
+From be865dd759a28aa268232766f304d1bc11f1e8f7 Mon Sep 17 00:00:00 2001
+From: Kevin Albertson
+Date: Mon, 30 Oct 2023 18:01:30 +0000
+Subject: [PATCH] CDRIVER-4747 use `size_t` consistently in
+ `bson_utf8_validate` (#1458)
+
+Origin: https://github.com/mongodb/mongo-c-driver/commit/be865dd759a28aa268232766f304d1bc11f1e8f7
+
+---
+ src/libbson/src/bson/bson-utf8.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/libbson/src/bson/bson-utf8.c b/src/libbson/src/bson/bson-utf8.c
+index e122ac31f7..1cebd27069 100644
+--- a/src/libbson/src/bson/bson-utf8.c
++++ b/src/libbson/src/bson/bson-utf8.c
+@@ -118,8 +118,8 @@ bson_utf8_validate (const char *utf8, /* IN */
+ bson_unichar_t c;
+ uint8_t first_mask;
+ uint8_t seq_length;
+- unsigned i;
+- unsigned j;
++ size_t i;
++ size_t j;
+
+ BSON_ASSERT (utf8);
+
diff --git a/mongo-c-driver.spec b/mongo-c-driver.spec
index 112887a..cc42f9f 100644
--- a/mongo-c-driver.spec
+++ b/mongo-c-driver.spec
@@ -2,10 +2,11 @@ Name: mongo-c-driver Summary: Client library written in C for MongoDB Version: 1.24.4 -Release: 1 +Release: 2 License: ASL 2.0 and ISC and MIT and zlib URL: https://github.com/mongodb/mongo-c-driver Source0: https://github.com/mongodb/mongo-c-driver/releases/download/1.24.4/mongo-c-driver-1.24.4.tar.gz +Patch0: CVE-2023-0437.patch BuildRequires: cmake >= 3.1 openssl-devel pkgconfig(libsasl2) pkgconfig(zlib) gcc BuildRequires: pkgconfig(snappy) pkgconfig(icu-uc) perl-interpreter python3 python3-sphinx BuildRequires: chrpath @@ -125,6 +126,9 @@ exit $ret %doc NEWS %changelog +* Tue Jan 16 2024 wangkai <13474090681@163.com> - 1.24.4-2 +- Fix CVE-2023-0437 + * Tue Oct 17 2023 xu_ping <707078654@qq.com> - 1.24.4-1 - Upgrade version to 1.24.4 -- Gitee
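Review bot: `Patch0: CVE-2023-0437.patch` is declared in the preamble of the first spec hunk, but nothing in this commit touches `%prep`; the diffstat's six changed spec lines are fully accounted for by the Release, Patch0 and changelog edits. A declared patch is only applied if `%prep` already uses `%autosetup -p1` or `%autopatch`, or carries an explicit `%patch0 -p1`. That section lies outside the visible hunks, so it should be confirmed before merging. If it is a plain `%setup`, 1.24.4-2 would ship with a changelog entry claiming the CVE fix while `bson_utf8_validate` is still built from the unpatched source. Checking that the build log shows the patch applied to `src/libbson/src/bson/bson-utf8.c` would settle it.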