Sync from SUSE:ALP:Source:Standard:1.0 glib2 revision 750be625573cbac86a63af0da5960dd7

glib2-CVE-2025-3360.patch

@@ -0,0 +1,56 @@
+From 8d60d7dc168aee73a15eb5edeb2deaf196d96114 Mon Sep 17 00:00:00 2001
+From: Philip Withnall <pwithnall@gnome.org>
+Date: Tue, 18 Feb 2025 16:44:58 +0000
+Subject: [PATCH] gdatetime: Fix integer overflow when parsing very long
+ ISO8601 inputs
+
+This will only happen with invalid (or maliciously invalid) potential
+ISO8601 strings, but `g_date_time_new_from_iso8601()` needs to be robust
+against that.
+
+Prevent `length` overflowing by correctly defining it as a `size_t`.
+Similarly for `date_length`, but additionally track its validity in a
+boolean rather than as its sign.
+
+Spotted by chamalsl as #YWH-PGM9867-43.
+
+Signed-off-by: Philip Withnall <pwithnall@gnome.org>
+---
+ glib/gdatetime.c | 12 ++++++++----
+ 1 file changed, 8 insertions(+), 4 deletions(-)
+
+diff --git a/glib/gdatetime.c b/glib/gdatetime.c
+index 5c5638234..efa072982 100644
+--- a/glib/gdatetime.c
++++ b/glib/gdatetime.c
+@@ -1540,7 +1540,8 @@ parse_iso8601_time (const gchar *text, gsize length,
+ GDateTime *
+ g_date_time_new_from_iso8601 (const gchar *text, GTimeZone *default_tz)
+ {
+-  gint length, date_length = -1;
++  size_t length, date_length = 0;
++  gboolean date_length_set = FALSE;
+   gint hour = 0, minute = 0;
+   gdouble seconds = 0.0;
+   GTimeZone *tz = NULL;
+@@ -1551,11 +1552,14 @@ g_date_time_new_from_iso8601 (const gchar *text, GTimeZone *default_tz)
+   /* Count length of string and find date / time separator ('T', 't', or ' ') */
+   for (length = 0; text[length] != '\0'; length++)
+     {
+-      if (date_length < 0 && (text[length] == 'T' || text[length] == 't' || text[length] == ' '))
+-        date_length = length;
++      if (!date_length_set && (text[length] == 'T' || text[length] == 't' || text[length] == ' '))
++        {
++          date_length = length;
++          date_length_set = TRUE;
++        }
+     }
+ 
+-  if (date_length < 0)
++  if (!date_length_set)
+     return NULL;
+ 
+   if (!parse_iso8601_time (text + date_length + 1, length - (date_length + 1),
+-- 
+2.41.0
+

glib2.changes

@@ -1,3 +1,14 @@
+-------------------------------------------------------------------
+Tue Apr 08 05:58:04 UTC 2025 - Cliff Zhao <qzhao@suse.com>
+
+- Add glib2-CVE-2025-3360.patch:
+  Backport 8d60d7dc from upstream, Fix integer overflow when
+  parsing very long ISO8601 inputs. This will only happen with
+  invalid (or maliciously invalid) potential ISO8601 strings,
+  but `g_date_time_new_from_iso8601()` needs to be robust against
+  that.
+  (CVE-2025-3360, bsc#1240897)
+
 -------------------------------------------------------------------
 Tue Nov 26 15:45:58 UTC 2024 - Michael Gorse <mgorse@suse.com>
 

glib2.spec

@@ -60,9 +60,10 @@ Patch4:         glib2-gdbus-codegen-version.patch
 Patch5:         glib2-CVE-2024-34397.patch
 # PATCH-FIX-UPSTREAM glib2-fix-ibus-regression.patch boo#1124044 mgorse@suse.com -- allow name owners to have the syntax of a well-known name.
 Patch6:         glib2-fix-ibus-regression.patch
-# PATCH-FIX-UPSTREAM glib2-CVE-2024-52533.patch boo#1233282 mgorse@suse.com -- fix a single byte buffer overflow.
+# PATCH-FIX-UPSTREAM glib2-CVE-2024-52533.patch CVE-2024-52533 boo#1233282 mgorse@suse.com -- fix a single byte buffer overflow.
 Patch7:         glib2-CVE-2024-52533.patch
-
+# PATCH-FIX-UPSTREAM glib2-CVE-2025-3360.patch CVE-2025-3360 bsc#1240897 qzhao@suse.com -- Fix integer overflow when parsing very long.
+Patch8:         glib2-CVE-2025-3360.patch
 BuildRequires:  docbook-xsl-stylesheets
 BuildRequires:  fdupes
 BuildRequires:  gcc-c++
@@ -267,6 +268,7 @@ the functionality of the installed glib2 package.
 %patch5 -p1
 %patch6 -p1
 %patch7 -p1
+%patch8 -p1
 
 cp -a %{SOURCE1} %{SOURCE2} %{SOURCE5} .
 cp -a %{SOURCE4} gnome_defaults.conf