From 7271a7457cc7ee3fec909e499d0d28805b8b53fe Mon Sep 17 00:00:00 2001
From: shaojiansong
Date: Mon, 21 Jul 2025 18:12:52 +0800
Subject: [PATCH] fix CVE-2024-57822
(cherry picked from commit aaea5acf9b6fde6d4a4a6322eee15522650fc21d)
---
 backport-0003-CVE-2024-57822.patch | 14 ++++++++++++++
 raptor2.spec | 6 +++++-
 2 files changed, 19 insertions(+), 1 deletion(-)
 create mode 100644 backport-0003-CVE-2024-57822.patch
diff --git a/backport-0003-CVE-2024-57822.patch b/backport-0003-CVE-2024-57822.patch
new file mode 100644
index 0000000..df20467
--- /dev/null
+++ b/backport-0003-CVE-2024-57822.patch
@@ -0,0 +1,14 @@
+#backport from upstream https://github.com/dajobe/raptor/commit/ece2c79df43091686a538b8231cf387d84bfa60e
+diff --git a/src/raptor_ntriples.c b/src/raptor_ntriples.c
+index 60fd3aa..c44f8c4 100644
+--- a/src/raptor_ntriples.c
++++ b/src/raptor_ntriples.c
+@@ -208,7 +208,7 @@ raptor_ntriples_parse_term_internal(raptor_world* world,
+ locator->column--;
+ locator->byte--;
+ }
+- if(term_class == RAPTOR_TERM_CLASS_BNODEID && dest[-1] == '.') {
++ if(term_class == RAPTOR_TERM_CLASS_BNODEID && position > 0 && dest[-1] == '.') {
+ /* If bnode id ended on '.' move back one */
+ dest--;
+
diff --git a/raptor2.spec b/raptor2.spec
index 83a8a61..1ebbef9 100644
--- a/raptor2.spec
+++ b/raptor2.spec
@@ -1,6 +1,6 @@
 Name: raptor2
 Version: 2.0.15
-Release: 20
+Release: 21
 Summary: Raptor RDF parsing and serializing utility
 License: GPLv2+ or LGPLv2+ or ASL 2.0
 URL: http://librdf.org/raptor/
@@ -11,6 +11,7 @@ Patch0: CVE-2020-25713.patch
 Patch1: Remove-the-access-to-entities-checked-private-symbol-for-libxml2-2.11.0.patch
 Patch2: backport-0001-CVE-2024-57823.patch
 Patch3: backport-0002-CVE-2024-57823.patch
+Patch4: backport-0003-CVE-2024-57822.patch
 BuildRequires: gcc-c++ curl-devel gtk-doc libicu-devel pkgconfig(libxslt) yajl-devel
 Conflicts: raptor < 1.4.21-10
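Review bot: The comment beside the new guard in the embedded src/raptor_ntriples.c hunk still describes only the trailing-dot case and does not say why `position > 0` is needed, so a later refactor could drop the check as redundant. I would reword it to `/* If a non-empty bnode id ended on '.' move back one; with position == 0 dest[-1] would read before the output buffer */`. That wording assumes `position` counts the bytes already written through `dest`, which the hunk does not show because raptor_ntriples_parse_term_internal starts and ends outside it; this should be confirmed against the 2.0.15 tree the backport is applied to, since the upstream commit was written for a newer source. If the package's `make check` stage can take extra inputs, a regression case with an empty blank-node label would keep the over-read from returning on a future rebase.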
@@ -73,6 +74,9 @@ make check
 %{_mandir}/man3/libraptor2*
 %changelog
+* Mon July 21 2025 shaojiansong - 2.0.15-21
+- fix CVE-2024-57822
+
 * Fri Apr 18 2025 zhangliangpengkun - 2.0.15-20
 - fix CVE-2024-57823
--
Gitee