From 19c7bcaa13576940cee17b0b0613f95ae4e43393 Mon Sep 17 00:00:00 2001
From: duyiwei <duyiwei@kylinos.cn>
Date: Thu, 16 Jun 2022 10:33:00 +0800
Subject: [PATCH] fix CVE-2022-28506

---
 CVE-2022-28506.patch | 31 +++++++++++++++++++++++++++++++
 giflib.spec          |  6 +++++-
 2 files changed, 36 insertions(+), 1 deletion(-)
 create mode 100644 CVE-2022-28506.patch

diff --git a/CVE-2022-28506.patch b/CVE-2022-28506.patch
new file mode 100644
index 0000000..1905969
--- /dev/null
+++ b/CVE-2022-28506.patch
@@ -0,0 +1,31 @@
+From c80f2b9f12a9ed0df7a629c9da1c4a82e9e39923 Mon Sep 17 00:00:00 2001
+From: duyiwei <duyiwei@kylinos.cn>
+Date: Wed, 15 Jun 2022 14:46:24 +0800
+Subject: [PATCH] CVE-2022-28506
+
+Signed-off-by: duyiwei <duyiwei@kylinos.cn>
+---
+ gif2rgb.c | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/gif2rgb.c b/gif2rgb.c
+index ccbc0aa..87c413e 100644
+--- a/gif2rgb.c
++++ b/gif2rgb.c
+@@ -303,7 +303,12 @@ static void DumpScreen2RGB(char *FileName, int OneFileFlag,
+             GifRow = ScreenBuffer[i];
+             GifQprintf("\b\b\b\b%-4d", ScreenHeight - i);
+             for (j = 0, BufferP = Buffer; j < ScreenWidth; j++) {
+-                ColorMapEntry = &ColorMap->Colors[GifRow[j]];
++                /* Check if color is within color palete */
++                if (GifRow[j] >= ColorMap->ColorCount)
++                {
++                   GIF_EXIT(GifErrorString(D_GIF_ERR_IMAGE_DEFECT));
++                }
++	       	ColorMapEntry = &ColorMap->Colors[GifRow[j]];
+                 *BufferP++ = ColorMapEntry->Red;
+                 *BufferP++ = ColorMapEntry->Green;
+                 *BufferP++ = ColorMapEntry->Blue;
+-- 
+2.33.0
+
diff --git a/giflib.spec b/giflib.spec
index 0e9f343..22fd05b 100644
--- a/giflib.spec
+++ b/giflib.spec
@@ -1,6 +1,6 @@
 Name:          giflib
 Version:       5.2.1
-Release:       2
+Release:       3
 Summary:       A library and utilities for processing GIFs
 License:       MIT
 URL:           http://www.sourceforge.net/projects/giflib/
@@ -9,6 +9,7 @@ Source:        http://downloads.sourceforge.net/giflib/giflib-%{version}.tar.gz
 Patch6001:     giflib_quantize.patch
 Patch6002:     giflib_coverity.patch
 Patch6003:     giflib_html-docs-consistent-ids.patch
+Patch6004:     CVE-2022-28506.patch
 
 BuildRequires: make xmlto gcc
 provides:      giflib-utils = %{name}-%{version}
@@ -66,6 +67,9 @@ rm -f %{buildroot}%{_libdir}/libgif.a
 %{_bindir}/gif*
 
 %changelog
+* Thu Jun 16 2022 duyiwei <duyiwei@kylinos.cn> - 5.2.1-3
+- fix CVE-2022-28506
+
 * Thu May 20 2021 liuyumeng <liuyumeng5@huawei.com> - 5.2.1-2
 - ADD a package named utils