From 96adc87c7f1efcb8f0e3a50a1d9ba61d8049f509dc5f7a72366229ac3dbaa989 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Adrian=20Schr=C3=B6ter?= <adrian@suse.de>
Date: Tue, 27 Aug 2024 10:42:50 +0200
Subject: [PATCH] Sync from SUSE:SLFO:Main assimp revision
 e3c75e4ebdda5b5ce2c35be95c28c75b

---
 0001-Fix-out-of-bound-access.patch | 24 ++++++++++++++++++++++++
 _constraints                       |  2 ++
 assimp.changes                     |  9 +++++++++
 assimp.spec                        |  2 ++
 4 files changed, 37 insertions(+)
 create mode 100644 0001-Fix-out-of-bound-access.patch

diff --git a/0001-Fix-out-of-bound-access.patch b/0001-Fix-out-of-bound-access.patch
new file mode 100644
index 0000000..895ff6d
--- /dev/null
+++ b/0001-Fix-out-of-bound-access.patch
@@ -0,0 +1,24 @@
+From 614911bb3b1bfc3a1799ae2b3cca306270f3fb97 Mon Sep 17 00:00:00 2001
+From: Kim Kulling <kim.kulling@googlemail.com>
+Date: Wed, 3 Jul 2024 21:05:53 +0200
+Subject: [PATCH] Fix out of bound access
+
+---
+ code/AssetLib/Ply/PlyLoader.cpp | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/code/AssetLib/Ply/PlyLoader.cpp b/code/AssetLib/Ply/PlyLoader.cpp
+index 3e92339fb4..0c2463f240 100644
+--- a/code/AssetLib/Ply/PlyLoader.cpp
++++ b/code/AssetLib/Ply/PlyLoader.cpp
+@@ -564,6 +564,10 @@ void PLYImporter::LoadFace(const PLY::Element *pcElement, const PLY::ElementInst
+         if (mGeneratedMesh->mFaces == nullptr) {
+             mGeneratedMesh->mNumFaces = pcElement->NumOccur;
+             mGeneratedMesh->mFaces = new aiFace[mGeneratedMesh->mNumFaces];
++        } else {
++            if (mGeneratedMesh->mNumFaces < pcElement->NumOccur) {
++                throw DeadlyImportError("Invalid .ply file: Too many faces");
++            }
+         }
+ 
+         if (!bIsTriStrip) {
diff --git a/_constraints b/_constraints
index d64b3d5..cf59e03 100644
--- a/_constraints
+++ b/_constraints
@@ -3,6 +3,7 @@
   <overwrite>
     <conditions>
       <arch>ppc64</arch>
+      <arch>s390x</arch>
     </conditions>
     <hardware>
       <memory>
@@ -13,6 +14,7 @@
   <overwrite>
     <conditions>
       <arch>ppc64</arch>
+      <arch>s390x</arch>
     </conditions>
     <hardware>
       <memory>
diff --git a/assimp.changes b/assimp.changes
index 45be32f..c7f4c13 100644
--- a/assimp.changes
+++ b/assimp.changes
@@ -1,3 +1,12 @@
+-------------------------------------------------------------------
+Fri Aug 23 11:52:21 UTC 2024 - Antonio Larrosa <alarrosa@suse.com>
+
+- Add patch from upstream to fix a heap-based buffer overflow in
+  the PLY importer class (bsc#1228142, CVE-2024-40724):
+  * 0001-Fix-out-of-bound-access.patch
+- Set memory and disk constraints for s390x to fix tests failing
+  to build due to out-of-memory errors.
+
 -------------------------------------------------------------------
 Wed Oct  4 14:14:08 UTC 2023 - Christophe Marin <christophe@krop.fr>
 
diff --git a/assimp.spec b/assimp.spec
index cb7fe00..357d180 100644
--- a/assimp.spec
+++ b/assimp.spec
@@ -27,6 +27,8 @@ URL:            https://www.assimp.org/
 Source0:        %{name}-%{version}.tar.xz
 # PATCH-FIX-OPENSUSE
 Patch0:         0001-Don-t-build-the-collada-importer-exporter-tests.patch
+# PATCH-FIX-UPSTREAM 0001-Fix-out-of-bound-access.patch bsc#1228142 CVE-2024-40724 -- Fix heap-based buffer overflow in the PLY importer class
+Patch1:         0001-Fix-out-of-bound-access.patch
 BuildRequires:  cmake
 BuildRequires:  dos2unix
 BuildRequires:  gcc-c++