From 0a11b7910e9dddd92a147be611233d3dc4861855 Mon Sep 17 00:00:00 2001
From: yinyongkang <yinyongkang@kylinos.cn>
Date: Mon, 22 Jul 2024 09:33:47 +0800
Subject: [PATCH] fix CVE-2024-40724

---
 ...4-40724-Fix-out-of-bound-access-5651.patch | 27 +++++++++++++++++++
 assimp.spec                                   |  8 +++++-
 2 files changed, 34 insertions(+), 1 deletion(-)
 create mode 100644 CVE-2024-40724-Fix-out-of-bound-access-5651.patch

diff --git a/CVE-2024-40724-Fix-out-of-bound-access-5651.patch b/CVE-2024-40724-Fix-out-of-bound-access-5651.patch
new file mode 100644
index 0000000..ef009b9
--- /dev/null
+++ b/CVE-2024-40724-Fix-out-of-bound-access-5651.patch
@@ -0,0 +1,27 @@
+From ddb74c2bbdee1565dda667e85f0c82a0588c8053 Mon Sep 17 00:00:00 2001
+From: Kim Kulling <kimkulling@users.noreply.github.com>
+Date: Wed, 3 Jul 2024 21:37:24 +0200
+Subject: [PATCH] Fix out of bound access (#5651)
+
+---
+ code/AssetLib/Ply/PlyLoader.cpp | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/code/AssetLib/Ply/PlyLoader.cpp b/code/AssetLib/Ply/PlyLoader.cpp
+index 783c7f1..e109541 100644
+--- a/code/AssetLib/Ply/PlyLoader.cpp
++++ b/code/AssetLib/Ply/PlyLoader.cpp
+@@ -567,6 +567,10 @@ void PLYImporter::LoadFace(const PLY::Element *pcElement, const PLY::ElementInst
+         if (mGeneratedMesh->mFaces == nullptr) {
+             mGeneratedMesh->mNumFaces = pcElement->NumOccur;
+             mGeneratedMesh->mFaces = new aiFace[mGeneratedMesh->mNumFaces];
++        } else {
++            if (mGeneratedMesh->mNumFaces < pcElement->NumOccur) {
++                throw DeadlyImportError("Invalid .ply file: Too many faces");
++            }
+         }
+ 
+         if (!bIsTriStrip) {
+-- 
+2.41.0
+
diff --git a/assimp.spec b/assimp.spec
index 6f03414..7425ca8 100644
--- a/assimp.spec
+++ b/assimp.spec
@@ -1,6 +1,6 @@
 Name:          assimp
 Version:       5.3.1
-Release:       1
+Release:       2
 Summary:       Library to load and process various 3D model formats into applications.
 License:       BSD and MIT and LGPL-2.1 and LGPL-2.0 and GPL-2.0 and LGPL-3.0 and GPL-3.0
 URL:           http://www.assimp.org/
@@ -11,6 +11,9 @@ URL:           http://www.assimp.org/
 #cd ..
 #tar czf assimp-%{version}-free.tar.xz assimp-%{version}
 Source0:       assimp-%{version}-free.tar.xz
+
+Patch01:       CVE-2024-40724-Fix-out-of-bound-access-5651.patch
+
 BuildRequires: gcc-c++ boost-devel cmake dos2unix irrlicht-devel irrXML-devel
 BuildRequires: doxygen poly2tri-devel gtest-devel pkgconfig(zziplib)
 BuildRequires: pkgconfig(zlib) pkgconfig(minizip) gmock-devel make
@@ -87,6 +90,9 @@ install -m 0644 port/PyAssimp/pyassimp/*.py %{buildroot}%{python3_sitelib}/pyass
 %{python3_sitelib}/pyassimp
 
 %changelog
+* Mon Jul 22 2024 yinyongkang <yinyongkang@kylinos.cn> - 5.3.1-2
+- fix CVE-2024-40724
+
 * Wed Oct 18 2023 chenyaqiang <chengyaqiang@huawei.com> - 5.3.1-1
 - update to 5.3.1
 
-- 
Gitee