From 99724aac73edc4a3bdbaa865040a8cc0829bf25e Mon Sep 17 00:00:00 2001
From: wk333 <13474090681@163.com>
Date: Thu, 20 Mar 2025 11:11:01 +0800
Subject: [PATCH] Fix CVE-2025-2151

---
 CVE-2025-2151.patch | 32 ++++++++++++++++++++++++++++++++
 assimp.spec         |  6 +++++-
 2 files changed, 37 insertions(+), 1 deletion(-)
 create mode 100644 CVE-2025-2151.patch

diff --git a/CVE-2025-2151.patch b/CVE-2025-2151.patch
new file mode 100644
index 0000000..7644826
--- /dev/null
+++ b/CVE-2025-2151.patch
@@ -0,0 +1,32 @@
+From d2c6e64a1122884570caf4aaa589d810f5351f28 Mon Sep 17 00:00:00 2001
+From: Kim Kulling <kimkulling@users.noreply.github.com>
+Date: Thu, 13 Mar 2025 10:17:43 +0100
+Subject: [PATCH] Fix: Avoid override in line parsing (#6048)
+
+Origin: https://github.com/assimp/assimp/commit/d2c6e64a1122884570caf4aaa589d810f5351f28
+
+* Fix: Avoid override in line parsing
+
+- closes https://github.com/assimp/assimp/issues/6026
+
+* Update ParsingUtils.h
+---
+ code/ParsingUtils.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/code/ParsingUtils.h b/code/ParsingUtils.h
+index 2371ee6..1617112 100644
+--- a/code/ParsingUtils.h
++++ b/code/ParsingUtils.h
+@@ -184,7 +184,7 @@ AI_FORCE_INLINE bool GetNextLine( const char_t*& buffer, char_t out[ BufferSize
+     }
+     *_out = (char_t)'\0';
+ 
+-    while( IsLineEnd( *buffer ) && '\0' != *buffer ) {
++    while( IsLineEnd( *buffer ) && '\0' != *buffer && buffer != end) {
+         ++buffer;
+     }
+ 
+-- 
+2.33.0
+
diff --git a/assimp.spec b/assimp.spec
index 157b2ae..241e7bd 100644
--- a/assimp.spec
+++ b/assimp.spec
@@ -1,6 +1,6 @@
 Name:          assimp
 Version:       3.3.1
-Release:       21
+Release:       22
 Summary:       Library to load and process various 3D model formats into applications.
 License:       BSD and MIT
 URL:           http://assimp.sourceforge.net
@@ -14,6 +14,7 @@ Patch0006:     0001-Morph-animation-support-for-collada.patch
 Patch0007:     0001-Enable-doxygen-been-properly-used-from-cmake-build-a.patch
 Patch0008:     0001-Apply-mechanism-to-decide-use-for-IrrXML-external-or.patch
 Patch0009:     CVE-2024-48425.patch
+Patch0010:     CVE-2025-2151.patch
 BuildRequires: gcc-c++ boost-devel cmake dos2unix irrlicht-devel irrXML-devel
 BuildRequires: doxygen poly2tri-devel gtest-devel pkgconfig(zzip-zlib-config)
 BuildRequires: pkgconfig(zlib) pkgconfig(minizip) pkgconfig(python2) python2-rpm-macros
@@ -117,6 +118,9 @@ install -m 0644 port/PyAssimp/pyassimp/*.py %{buildroot}%{python3_sitelib}/pyass
 %{python3_sitelib}/pyassimp
 
 %changelog
+* Thu Mar 20 2025 wangkai <13474090681@163.com> - 3.3.1-22
+- Fix CVE-2025-2151
+
 * Sat Oct 26 2024 liningjie <liningjie@xfusion.com> - 3.3.1-21
 - Fix CVE-2024-48425
 
-- 
Gitee