Backport patch for CVE-2021-45943

CVE-2021-45943.patch

@@ -0,0 +1,25 @@
+diff -rupN gdal-3.3.2-fedora/frmts/pcidsk/sdk/segment/cpcidskbinarysegment.cpp gdal-3.3.2-fedora-new/frmts/pcidsk/sdk/segment/cpcidskbinarysegment.cpp
+--- gdal-3.3.2-fedora/frmts/pcidsk/sdk/segment/cpcidskbinarysegment.cpp	2021-09-01 11:51:01.000000000 +0200
++++ gdal-3.3.2-fedora-new/frmts/pcidsk/sdk/segment/cpcidskbinarysegment.cpp	2022-02-04 18:57:11.761058218 +0100
+@@ -31,6 +31,7 @@
+ #include "pcidsk_exception.h"
+ #include "core/pcidsk_utils.h"
+ 
++#include <limits>
+ #include <vector>
+ #include <string>
+ #include <cassert>
+@@ -73,8 +74,12 @@ void CPCIDSKBinarySegment::Load()
+     if (loaded_) {
+         return;
+     }
++    if( data_size - 1024 > static_cast<uint64_t>(std::numeric_limits<int>::max()) )
++    {
++        return ThrowPCIDSKException("too large data_size");
++    }
+ 
+-    seg_data.SetSize((int)data_size - 1024);
++    seg_data.SetSize((int)(data_size - 1024));
+ 
+     ReadFromFile(seg_data.buffer, 0, data_size - 1024);
+ 

gdal.spec

@@ -44,7 +44,7 @@
 
 Name:          gdal
 Version:       3.3.2
-Release:       1%{?dist}%{?bootstrap:.%{bootstrap}.bootstrap}
+Release:       2%{?dist}%{?bootstrap:.%{bootstrap}.bootstrap}
 Summary:       GIS file format library
 License:       MIT
 URL:           http://www.gdal.org
@@ -78,6 +78,9 @@ Patch8:        %{name}-gcc11.patch
 Patch9:        gdal_no-diag-disable.patch
 # Fix build with autoconf 2.70
 Patch10:       gdal_autoconf270.patch
+# Backport patch for CVE-2021-45943
+# https://github.com/OSGeo/gdal/pull/4944
+Patch11:       CVE-2021-45943.patch
 
 
 BuildRequires: gcc
@@ -641,6 +644,9 @@ popd
 #Or as before, using ldconfig
 
 %changelog
+* Fri Feb 04 2022 Sandro Mani <manisandro@gmail.com> - 3.3.2-2
+- Backport patch for CVE-2021-45943
+
 * Tue Sep 07 2021 Sandro Mani <manisandro@gmail.com> - 3.3.2-1
 - Update to 3.3.2