7 changed files with 151 additions and 86 deletions
--- a/0002-Check-codepoint-validity-in-punycode_decode-and-puny.patch
+++ b/0002-Check-codepoint-validity-in-punycode_decode-and-puny.patch
@ -0,0 +1,39 @@
+From bd4d04075fa126552b31cd11aaa50dad72119e6a Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Tim=20R=C3=BChsen?= <tim.ruehsen@gmx.de>
+Date: Fri, 6 Jul 2018 13:05:56 +0200
+Subject: [PATCH 2/3] Check codepoint validity in punycode_decode() and
+ punycode_decode()
+
+These functions were able to generate invalid unicode values resp.
+invalid punycode. This is undocumented/unexpected behavior that can
+lead to security vulns.
+
+Reported-by: Mike Schiffman (Farsight Security, Inc.)
+---
+ lib/punycode.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/lib/punycode.c b/lib/punycode.c
+index d475b6d..f7c63e6 100644
+--- a/lib/punycode.c
+++ b/lib/punycode.c
+@@ -228,6 +228,8 @@ punycode_encode (size_t input_length,
+ 	  output[out++] = case_flags ?
+ 	    encode_basic (input[j], case_flags[j]) : (char) input[j];
+ 	}
+      else if (input[j] > 0x10FFFF)
+	return punycode_bad_input;
+       /* else if (input[j] < n) return punycode_bad_input; */
+       /* (not needed for Punycode with unsigned code points) */
+     }
+@@ -418,6 +420,8 @@ punycode_decode (size_t input_length,
+       if (i / (out + 1) > maxint - n)
+ 	return punycode_overflow;
+       n += i / (out + 1);
+      if (n > 0x10FFFF)
+	return punycode_bad_input;
+       i %= (out + 1);
+ 
+       /* Insert n at position i of the output: */
+-- 
+1.8.3.1
--- a/0003-Fix-unlikely-memory-leak-in-idna_to_unicode_4z4z.patch
+++ b/0003-Fix-unlikely-memory-leak-in-idna_to_unicode_4z4z.patch
@ -0,0 +1,27 @@
+From c0374862fc911c88febfab36aedfceaa9e5d7d50 Mon Sep 17 00:00:00 2001
+From: Miroslav Lichvar <mlichvar@redhat.com>
+Date: Tue, 10 Jul 2018 16:09:19 +0200
+Subject: [PATCH 3/3] Fix unlikely memory leak in idna_to_unicode_4z4z
+
+---
+ lib/idna.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/lib/idna.c b/lib/idna.c
+index 91e34f5..fae707c 100644
+--- a/lib/idna.c
+++ b/lib/idna.c
+@@ -658,7 +658,10 @@ idna_to_unicode_4z4z (const uint32_t * input, uint32_t ** output, int flags)
+       buflen = (size_t) (end - start);
+       buf = malloc (sizeof (buf[0]) * (buflen + 1));
+       if (!buf)
+-	return IDNA_MALLOC_ERROR;
+	{
+	  free (out);
+	  return IDNA_MALLOC_ERROR;
+	}
+ 
+       /* don't check return code as per specification! */
+       idna_to_unicode_44i (start, (size_t) (end - start),
+-- 
+1.8.3.1
--- a/0004-Fix-build-failure-in-csharp.patch
+++ b/0004-Fix-build-failure-in-csharp.patch
@ -0,0 +1,68 @@
+From fc03b00ddf68ef2075aa56dbaa0d1bbb19c5f7e1 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Tim=20R=C3=BChsen?= <tim.ruehsen@gmx.de>
+Date: Fri, 24 May 2019 13:03:11 +0200
+Subject: Fix build failure in csharp/
+
+---
+ csharp/Makefile.am | 6 +++---
+ lib/punycode.c     | 7 +++++--
+ 2 files changed, 8 insertions(+), 5 deletions(-)
+
+diff --git a/csharp/Makefile.am b/csharp/Makefile.am
+index 7afdea9..4625738 100644
+--- a/csharp/Makefile.am
+++ b/csharp/Makefile.am
+@@ -59,15 +59,15 @@ GenerateTables.exe: $(SOURCES_GENERATE)
+ 		`for src in $(SOURCES_GENERATE); do echo $(srcdir)/$$src; done`
+ 	if ! test -f rfc3454.txt; then \
+ 		ln -s $(SPEC)/rfc3454.txt . \
+-		|| cp $(SPEC)/rfc3454.txt .; \
+		|| cp $(SPEC)/rfc3454.txt . || true; \
+ 	fi
+ 	if ! test -f UnicodeData.txt; then \
+ 		ln -s $(SPEC)/UnicodeData-3.2.0.txt UnicodeData.txt \
+-		|| cp $(SPEC)/UnicodeData-3.2.0.txt UnicodeData.txt; \
+		|| cp $(SPEC)/UnicodeData-3.2.0.txt UnicodeData.txt || true; \
+ 	fi
+ 	if ! test -f CompositionExclusions.txt; then \
+ 		ln -s $(SPEC)/CompositionExclusions-3.2.0.txt CompositionExclusions.txt \
+-		|| cp $(SPEC)/CompositionExclusions-3.2.0.txt CompositionExclusions.txt; \
+		|| cp $(SPEC)/CompositionExclusions-3.2.0.txt CompositionExclusions.txt || true; \
+ 	fi
+ 
+ RFC3454.cs CombiningClass.cs DecompositionKeys.cs DecompositionMappings.cs Composition.cs: $(GEN_SOURCES)
+diff --git a/lib/punycode.c b/lib/punycode.c
+index f7c63e6..bb5f34b 100644
+--- a/lib/punycode.c
+++ b/lib/punycode.c
+@@ -228,7 +228,7 @@ punycode_encode (size_t input_length,
+ 	  output[out++] = case_flags ?
+ 	    encode_basic (input[j], case_flags[j]) : (char) input[j];
+ 	}
+-      else if (input[j] > 0x10FFFF)
+      else if (input[j] > 0x10FFFF || (input[j] >= 0xD800 && input[j] <= 0xDBFF))
+ 	return punycode_bad_input;
+       /* else if (input[j] < n) return punycode_bad_input; */
+       /* (not needed for Punycode with unsigned code points) */
+@@ -378,6 +378,9 @@ punycode_decode (size_t input_length,
+ 	return punycode_bad_input;
+       output[out++] = input[j];
+     }
+  for (j = b + (b > 0);  j < input_length;  ++j)
+    if (!basic (input[j]))
+      return punycode_bad_input;
+ 
+   /* Main decoding loop:  Start just after the last delimiter if any  */
+   /* basic code points were copied; start at the beginning otherwise. */
+@@ -420,7 +423,7 @@ punycode_decode (size_t input_length,
+       if (i / (out + 1) > maxint - n)
+ 	return punycode_overflow;
+       n += i / (out + 1);
+-      if (n > 0x10FFFF)
+      if (n > 0x10FFFF  || (n >= 0xD800 && n <= 0xDBFF))
+ 	return punycode_bad_input;
+       i %= (out + 1);
+ 
+-- 
+cgit v1.0-41-gc330
+
--- a/libidn-1.33-Allow-disabling-Emacs-support.patch
+++ b/libidn-1.33-Allow-disabling-Emacs-support.patch
@ -19,7 +19,7 @@ diff --git a/configure.ac b/configure.ac
 index 649ddcd..a6dc9ff 100644
 --- a/configure.ac
 +++ b/configure.ac
-@@ -51,7 +51,6 @@ LT_INIT([win32-dll])
+@@ -50,7 +50,6 @@ AM_MISSING_PROG(HELP2MAN, help2man, $missing_dir)
 AM_GNU_GETTEXT(external)
 AM_GNU_GETTEXT_VERSION(0.19.3)
 AM_ICONV
--- a/libidn-1.35.tar.gz
+++ b/libidn-1.35.tar.gz
--- a/libidn-1.36.tar.gz
+++ b/libidn-1.36.tar.gz
--- a/libidn.spec
+++ b/libidn.spec
@ -1,30 +1,26 @@
-# Build with Emacs support
-%bcond_without libidn_enables_emacs
-%bcond_with java
-
 Name:     libidn
-Version:  1.36
-Release:  3
+Version:  1.35
+Release:  5
 Summary:  GNU IDN Library - Libidn
-License:  LGPLv2+ and GPLv3+ and GFDL-1.3-or-later
+License:  LGPLv2+ and GPLv3+ and GFDL
 URL:	  http://www.gnu.org/software/libidn/
 Source0:  http://ftp.gnu.org/gnu/libidn/libidn-%{version}.tar.gz

-# Allow disabling Emacs support
-Patch0:   libidn-emacsopt.patch
+#patch from RedHat add --disable-emacs
+Patch0:    libidn-1.33-Allow-disabling-Emacs-support.patch
+Patch6000: 0002-Check-codepoint-validity-in-punycode_decode-and-puny.patch
+#patch from RedHat fix memory leak
+Patch6001: 0003-Fix-unlikely-memory-leak-in-idna_to_unicode_4z4z.patch
+
+Patch6002: 0004-Fix-build-failure-in-csharp.patch

 BuildRequires: autoconf autoconf-archive automake libtool texinfo
-BuildRequires: gcc gettext gettext-devel pkgconfig help2man
-%if %{with libidn_enables_emacs}
-BuildRequires: emacs
-%endif
+BuildRequires: gcc gettext gettext-devel pkgconfig help2man emacs

 Provides:  bundled(gnulib)
-%if %{with libidn_enables_emacs}
 Obsoletes: emacs-libidn < 1.30-4
 Provides:  emacs-libidn < 1.30-4
 Requires:  emacs-filesystem >= %{_emacs_version}
-%endif

 %description
 GNU Libidn is a fully documented implementation of the Stringprep, Punycode and IDNA 2003 specifications.
@ -39,7 +35,6 @@ Requires: pkgconfig
 This package includes header files and libraries necessary for
 developing programs which use the GNU libidn library.

-%if %{with java}
 %package java
 Summary:       Java port of the GNU Libidn library
 BuildRequires: java-devel javapackages-local
@ -57,7 +52,6 @@ BuildArch:     noarch

 %description javadoc
 This package contains javadoc for %{name}-java.
-%endif

 %package_help

@ -68,28 +62,10 @@ autoreconf -vif
 touch src/idn_cmd.c src/idn_cmd.h

 %build
-%configure --disable-csharp \
-%if %{with libidn_enables_emacs}
-    --enable-emacs \
-    --with-lispdir=%{_emacs_sitelispdir}/%{name} \
-%else
-    --disable-emacs \
-%endif
-%if %{with java}
-    --enable-java
-%else
-    --disable-java
-%endif
-
-%disable_rpath
-export LD_LIBRARY_PATH=$(pwd)/lib/.libs
+%configure --disable-csharp --enable-java --enable-emacs

 %make_build

-%check
-# without RPATH this needs to be set to test the compiled library
-export LD_LIBRARY_PATH=$(pwd)/lib/.libs
-%make_build -C tests check VALGRIND=env

 %install
 %make_install
@ -98,18 +74,12 @@ rm -rf %{buildroot}%{_datadir}/info/dir
 rm -rf %{buildroot}%{_libdir}/*.la \
       %{buildroot}%{_datadir}/info/*.png

-%if %{with libidn_enables_emacs}
-%{_emacs_bytecompile} $RPM_BUILD_ROOT%{_emacs_sitelispdir}/%{name}/*.el
-%endif
-
-%if %{with java}
 rm -rf doc/java/*
 %javadoc -source 1.6 -d doc/java $(find java/src/main/java -name "*.java")
 rm -rf $RPM_BUILD_ROOT%{_javadir}/libidn*.jar
 %mvn_artifact java/pom.xml java/libidn-%{version}.jar
 %mvn_file org.gnu.inet:libidn libidn
 %mvn_install -J doc/java
-%endif

 %find_lang %{name}

@ -120,9 +90,8 @@ rm -rf $RPM_BUILD_ROOT%{_javadir}/libidn*.jar
 %doc AUTHORS NEWS FAQ THANKS README
 %{_bindir}/idn
 %{_libdir}/libidn.so.12*
-%if %{with libidn_enables_emacs}
-%{_emacs_sitelispdir}/%{name}
-%endif
+%{_datadir}/emacs/site-lisp/*.el
+

 %files devel
 %{_libdir}/libidn.so
@ -130,13 +99,11 @@ rm -rf $RPM_BUILD_ROOT%{_javadir}/libidn*.jar
 %{_includedir}/*.h
 %{_libdir}/pkgconfig/*.pc

-%if %{with java}
 %files java -f .mfiles
 %license COPYING* java/LICENSE-2.0.txt

 %files javadoc -f .mfiles-javadoc
 %license COPYING* java/LICENSE-2.0.txt
-%endif

 %files help
 %{_mandir}/man1/idn.1*
@ -144,48 +111,12 @@ rm -rf $RPM_BUILD_ROOT%{_javadir}/libidn*.jar
 %{_infodir}/%{name}.info.gz

 %changelog
-* Sat May 27 2023 yanglongkang <yanglongkang@h-partners.com> - 1.36-3
- enable check and correct the license
-
-* Tue Feb 15 2022 fuanan <fuanan3@h-partners.com> - 1.36-2
- Add build-conditions disabling Emacs
-
-* Thu Aug 6 2020 yangzhuangzhuang <yangzhuangzhuang1@huawei.com> - 1.36-1
- Type:enhancement
- ID:NA
- SUG:NA
- DESC:update version to 1.36
-
-* Wed Jan 8 2020 chengquan <chengquan3@huawei.com> - 1.35-9
- Type:NA
- ID:NA
- SUG:NA
- DESC:remove useless patch
-
-* Mon Dec 23 2019 openEuler Buildteam <buildteam@openeuler.org> - 1.35-8
- Type:NA
- ID:NA
- SUG:NA
- DESC:change the directory of lispdir and remove rpath
-
-* Thu Oct 17 2019 openEuler Buildteam <buildteam@openeuler.org> - 1.35-7
- Type:bugfix
- ID:NA
- SUG:NA
- DESC:add bcondwith java 
-
-* Thu Oct 17 2019 openEuler Buildteam <buildteam@openeuler.org> - 1.35-6
- Type:bugfix
- ID:NA
- SUG:NA
- DESC:add libidn_enables_java
-
-* Mon Sep 23 2019 openEuler Buildteam <buildteam@openeuler.org> - 1.35-3
+* Mon Sep 23 2019 openEuler Buildteam <buildteam@openeuler.org> - 1.35-5
 - Type:bugfix
 - ID:NA
 - SUG:NA
 - DESC: Fix build failure in csharp

-* Mon Sep 2 2019 openEuler Buildteam <buildteam@openeuler.org> - 1.35-1
+* Mon Sep 2 2019 openEuler Buildteam <buildteam@openeuler.org> - 1.35-4
 - Package init