From 2b898ead1e65a3003009efe00e8a5b184ea6e842 Mon Sep 17 00:00:00 2001
From: zhaosai <zhaosaisai@kylinos.cn>
Date: Mon, 1 Sep 2025 09:46:14 +0800
Subject: [PATCH] Fix CVE-2020-10232

---
 CVE-2020-10232.patch | 23 +++++++++++++++++++++++
 sleuthkit.spec       |  6 +++++-
 2 files changed, 28 insertions(+), 1 deletion(-)
 create mode 100644 CVE-2020-10232.patch

diff --git a/CVE-2020-10232.patch b/CVE-2020-10232.patch
new file mode 100644
index 0000000..733ab95
--- /dev/null
+++ b/CVE-2020-10232.patch
@@ -0,0 +1,23 @@
+From 459ae818fc8dae717549810150de4d191ce158f1 Mon Sep 17 00:00:00 2001
+From: micrictor <mic.ric.tor@gmail.com>
+Date: Sat, 22 Feb 2020 12:17:25 -0800
+Subject: [PATCH] Fix stack buffer overflow in yaffsfs_istat
+
+Prevent a stack buffer overflow in yaffsfs_istat by increasing the buffer size to the size required by tsk_fs_time_to_str.
+---
+ tsk/fs/yaffs.cpp | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/tsk/fs/yaffs.cpp b/tsk/fs/yaffs.cpp
+index 68d8b0219b..f5ec30a09d 100755
+--- a/tsk/fs/yaffs.cpp
++++ b/tsk/fs/yaffs.cpp
+@@ -2439,7 +2439,7 @@ static uint8_t
+     YAFFSFS_INFO *yfs = (YAFFSFS_INFO *)fs;
+     char ls[12];
+     YAFFSFS_PRINT_ADDR print;
+-    char timeBuf[32];
++    char timeBuf[128];
+     YaffsCacheObject * obj = NULL;
+     YaffsCacheVersion * version = NULL;
+     YaffsHeader * header = NULL;
diff --git a/sleuthkit.spec b/sleuthkit.spec
index 892be84..4485bf7 100644
--- a/sleuthkit.spec
+++ b/sleuthkit.spec
@@ -1,6 +1,6 @@
 Name:           sleuthkit
 Version:        4.6.7
-Release:        11
+Release:        12
 Summary:        Tools for file system and volume forensic analysis
 License:        CPL and IBM and GPLv2+
 URL:            http://www.sleuthkit.org
@@ -23,6 +23,7 @@ Patch0012:      0012-fix_oob_read8.patch
 Patch0013:      0013-fix_oob_read13.patch
 #https://github.com/sleuthkit/sleuthkit/pull/2453/commits/beb68f543261a28ee25b945bb79d39213decd2cd
 Patch0014:      0014-Fixed-OOB-reads-in-hfs_dir_open_meta_cb.patch
+Patch0015:		CVE-2020-10232.patch
 
 BuildRequires:  gcc-c++ afflib-devel >= 3.3.4 libewf-devel perl-generators sqlite-devel
 
@@ -97,6 +98,9 @@ sed -i.rpath 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool
 %{_mandir}/man1/*
 
 %changelog
+* Mon Sep 01 2025 Saisai Zhao <zhaosaisai@kylinos.cn> - 4.6.7-12
+- Fix CVE-2020-10232
+
 * Thu Mar 10 2022 xuping <xuping33@huawei.com> - 4.6.7-11
 - Fixed OOB read in hfs_dir_open_meta_cb
 
-- 
Gitee