From 10915d66cea1dad9582277fbe37cd8387e3dc7ab Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=B1=88=E4=B9=A6=E5=9D=A4?=
Date: Wed, 7 Aug 2024 15:16:44 +0800
Subject: [PATCH] Fix CVE-2024-31047
---
 CVE-2024-31047.patch | 23 +++++++++++++++++++++++
 OpenEXR.spec | 8 ++++++--
 2 files changed, 29 insertions(+), 2 deletions(-)
 create mode 100644 CVE-2024-31047.patch
diff --git a/CVE-2024-31047.patch b/CVE-2024-31047.patch
new file mode 100644
index 0000000..eee9235
--- /dev/null
+++ b/CVE-2024-31047.patch
@@ -0,0 +1,23 @@
+diff --git a/exrmultipart/exrmultipart.cpp b/exrmultipart/exrmultipart.cpp
+index 8c4fa66..c3df0c5 100644
+--- a/exrmultipart/exrmultipart.cpp
++++ b/exrmultipart/exrmultipart.cpp
+@@ -355,13 +355,11 @@ convert(vector in,
+ }
+
+ Box2i dataWindow = infile.header(0).dataWindow();
+- int pixel_count = (dataWindow.size().y+1)*(dataWindow.size().x+1);
+- int pixel_width = dataWindow.size().x+1;
+-
++ int64_t pixel_count = (static_cast(dataWindow.size ().y) + 1) * (static_cast(dataWindow.size ().x) + 1);
++ int64_t pixel_width = static_cast(dataWindow.size ().x) + 1;
+
+ // offset in pixels between base of array and 0,0
+- int pixel_base = dataWindow.min.y*pixel_width+dataWindow.min.x;
+-
++ int64_t pixel_base = static_cast(dataWindow.min.y) * pixel_width + static_cast(dataWindow.min.x);
+ vector< vector > channelstore(channel_count);
+
+
+
+
diff --git a/OpenEXR.spec b/OpenEXR.spec
index e53c827..47a7263 100644
--- a/OpenEXR.spec
+++ b/OpenEXR.spec
@@ -1,8 +1,7 @@
-%define anolis_release .0.1
 Name: OpenEXR
 Summary: A high dynamic-range (HDR) image file format
 Version: 2.2.0
-Release: 12%{anolis_release}%{?dist}
+Release: 13%{?dist}
 License: BSD
 URL: http://www.openexr.com/
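Review bot: In the embedded exrmultipart.cpp hunk the widening is applied to the result of `dataWindow.size ()`, so if Box2i::size() subtracts min from max in 32-bit int (as Imath's Box does, though that code is not on this page), a dataWindow read from an untrusted file can still overflow before the cast takes effect. Computing the extents from the corners in 64-bit avoids depending on that, e.g. `int64_t pixel_width = static_cast<int64_t>(dataWindow.max.x) - dataWindow.min.x + 1;`, with the same form for the height that feeds `pixel_count`. No upper bound on `pixel_count` is visible either, so if the code after `channelstore` allocates per-channel buffers from it, an oversized window would presumably become a very large allocation rather than a clean rejection. convert() starts and ends outside the hunk, so how the widened values are consumed further down cannot be confirmed from here.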
@@ -10,6 +9,7 @@ Source0: http://download.savannah.nongnu.org/releases/openexr/openexr-%{version}
 # fix tests for big endian arches
 # https://github.com/openexr/openexr/issues/81
 Patch0: openexr-2.1.0-bigendian.patch
+Patch1: CVE-2024-31047.patch
 Obsoletes: openexr < %{version}-%{release}
 Provides: openexr = %{version}-%{release}
@@ -56,6 +56,7 @@ Doc pages for %{name}.
 %prep
 %setup -q -n openexr-%{version}
 %patch0 -p1 -b .bigendian
+%patch1 -p1
 %build
@@ -103,6 +104,9 @@ make %{?_smp_mflags} check ||:
 %doc AUTHORS ChangeLog LICENSE NEWS README
 %changelog
+* Tue Jul 30 2024 ShuKun Qu - 2.2.0-13
+- fix CVE-2024-31047
+
 * Fri Jul 15 2022 Weisson - 2.2.0-12.0.1
 - Add doc sub package
-- Gitee