tkurbad-overlay/media-gfx/openscad/files/openscad-2021.01-CVE-2022-0497-Out-of-bounds-memory-access-in-comment.patch

From https://github.com/openscad/openscad/commit/84addf3c1efbd51d8ff424b7da276400bbfa1a4b Mon Sep 17 00:00:00 2001
From: Torsten Paul <Torsten.Paul@gmx.de>
Date: Sat, 5 Feb 2022 18:45:29 +0100
Subject: [PATCH 02/11] CVE-2022-0497 Out-of-bounds memory access in comment
 parser.

Public issue:
https://github.com/openscad/openscad/issues/4043

Fix in master branch:
https://github.com/openscad/openscad/pull/4044
--- a/src/comment.cpp
+++ b/src/comment.cpp
@@ -92,7 +92,7 @@ static std::string getComment(const std::string &fulltext, int line)
 	}
 
 	int end = start + 1;
-	while (fulltext[end] != '\n') end++;
+	while (end < fulltext.size() && fulltext[end] != '\n') end++;
 
 	std::string comment = fulltext.substr(start, end - start);
 
-- 
2.35.1
Various updates and fixes 2024-11-05 12:51:21 +01:00			`From https://github.com/openscad/openscad/commit/84addf3c1efbd51d8ff424b7da276400bbfa1a4b Mon Sep 17 00:00:00 2001`
			`From: Torsten Paul <Torsten.Paul@gmx.de>`
			`Date: Sat, 5 Feb 2022 18:45:29 +0100`
			`Subject: [PATCH 02/11] CVE-2022-0497 Out-of-bounds memory access in comment`
			`parser.`

			`Public issue:`
			`https://github.com/openscad/openscad/issues/4043`

			`Fix in master branch:`
			`https://github.com/openscad/openscad/pull/4044`
			`--- a/src/comment.cpp`
			`+++ b/src/comment.cpp`
			`@@ -92,7 +92,7 @@ static std::string getComment(const std::string &fulltext, int line)`
			`}`

			`int end = start + 1;`
			`- while (fulltext[end] != '\n') end++;`
			`+ while (end < fulltext.size() && fulltext[end] != '\n') end++;`

			`std::string comment = fulltext.substr(start, end - start);`

			`--`
			`2.35.1`