Security fix for CVE-2022-28041 (fix RHBZ#2077020, fix RBHZ#2077019)

Backports PR#1297 from upstream.

1236.patch

@@ -0,0 +1,37 @@
+From 5cf3af3181f7a0fb8d59ca5fe8daa011c1918d19 Mon Sep 17 00:00:00 2001
+From: Ryan Wiedemann <Ryan1729@gmail.com>
+Date: Mon, 25 Oct 2021 22:11:48 -0600
+Subject: [PATCH] Predeclare stbhw__process struct to fix warnings
+
+A subset of the warnings as produced by `clang`.
+```
+./../stb_herringbone_wang_tile.h:369:41: warning: declaration of 'struct stbhw__process' will not be visible outside of this function [-Wvisibility]
+typedef void stbhw__process_rect(struct stbhw__process *p, int xpos, int ypos,
+                                        ^
+./../stb_herringbone_wang_tile.h:401:43: warning: incompatible pointer types passing 'stbhw__process *' (aka 'struct stbhw__process *') to parameter of type 'struct stbhw__process *' [-Wincompatible-pointer-types]
+                        p->process_h_rect(p, xpos, ypos, a,b,c,d,e,f);
+                                          ^
+./../stb_herringbone_wang_tile.h:425:43: warning: incompatible pointer types passing 'stbhw__process *' (aka 'struct stbhw__process *') to parameter of type 'struct stbhw__process *' [-Wincompatible-pointer-types]
+                        p->process_v_rect(p, xpos, ypos, a,b,c,d,e,f);
+                                          ^
+./../stb_herringbone_wang_tile.h:929:21: warning: incompatible pointer types assigning to 'stbhw__process_rect *' (aka 'void (*)(struct stbhw__process *, int, int, int, int, int, int, int, int)') from 'void (stbhw__process *, int, int, int, int, int, int, int, int)' (aka 'void (struct stbhw__process *, int, int, int, int, int, int, int, int)') [-Wincompatible-pointer-types]
+   p.process_h_rect = stbhw__parse_h_rect;
+                    ^ ~~~~~~~~~~~~~~~~~~~
+```
+---
+ stb_herringbone_wang_tile.h | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/stb_herringbone_wang_tile.h b/stb_herringbone_wang_tile.h
+index 5517941f7a..92c238bb24 100644
+--- a/stb_herringbone_wang_tile.h
++++ b/stb_herringbone_wang_tile.h
+@@ -366,6 +366,8 @@ STBHW_EXTERN const char *stbhw_get_last_error(void)
+ //  need to try to do more sophisticated parsing of edge color
+ //  markup or something.
+ 
++struct stbhw__process;
++
+ typedef void stbhw__process_rect(struct stbhw__process *p, int xpos, int ypos,
+                                  int a, int b, int c, int d, int e, int f);
+ 

1297.patch

@@ -0,0 +1,244 @@
+From fa43122a169eb79ced5789f2f261cee7fd4db221 Mon Sep 17 00:00:00 2001
+From: Neil Bickford <nbickford@nvidia.com>
+Date: Tue, 22 Feb 2022 23:48:42 -0800
+Subject: [PATCH 1/4] Add checks for PNM integer read overflows, add a 1GB
+ limit on IDAT chunk sizes to fix an OOM issue, and check for a situation
+ where a sequence of bad Huffman code reads could result in a left shift by a
+ negative number.
+
+---
+ stb_image.h | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/stb_image.h b/stb_image.h
+index d60371b95..6321f5e02 100644
+--- a/stb_image.h
++++ b/stb_image.h
+@@ -2283,6 +2283,7 @@ static int stbi__jpeg_decode_block_prog_ac(stbi__jpeg *j, short data[64], stbi__
+             k += (r >> 4) & 15; // run
+             s = r & 15; // combined length
+             j->code_buffer <<= s;
++            if (s > j->code_bits) return stbi__err("bad huffman code","Combined length longer than code bits available");
+             j->code_bits -= s;
+             zig = stbi__jpeg_dezigzag[k++];
+             data[zig] = (short) ((r >> 8) * (1 << shift));
+@@ -5116,6 +5117,7 @@ static int stbi__parse_png_file(stbi__png *z, int scan, int req_comp)
+             if (first) return stbi__err("first not IHDR", "Corrupt PNG");
+             if (pal_img_n && !pal_len) return stbi__err("no PLTE","Corrupt PNG");
+             if (scan == STBI__SCAN_header) { s->img_n = pal_img_n; return 1; }
++            if (c.length > (1u << 30)) return stbi__err("IDAT size limit", "IDAT section larger than 2^30 bytes");
+             if ((int)(ioff + c.length) < (int)ioff) return 0;
+             if (ioff + c.length > idata_limit) {
+                stbi__uint32 idata_limit_old = idata_limit;
+@@ -7486,6 +7488,8 @@ static int      stbi__pnm_getinteger(stbi__context *s, char *c)
+    while (!stbi__at_eof(s) && stbi__pnm_isdigit(*c)) {
+       value = value*10 + (*c - '0');
+       *c = (char) stbi__get8(s);
++      if((value > 214748364) || (value == 214748364 && *c > '7'))
++          return stbi__err("integer parse overflow", "Parsing an integer in the PPM header overflowed a 32-bit int");
+    }
+ 
+    return value;
+@@ -7516,9 +7520,13 @@ static int      stbi__pnm_info(stbi__context *s, int *x, int *y, int *comp)
+    stbi__pnm_skip_whitespace(s, &c);
+ 
+    *x = stbi__pnm_getinteger(s, &c); // read width
++   if(*x == 0)
++       return stbi__err("invalid width", "PPM image header had zero or overflowing width");
+    stbi__pnm_skip_whitespace(s, &c);
+ 
+    *y = stbi__pnm_getinteger(s, &c); // read height
++   if (*y == 0)
++       return stbi__err("invalid width", "PPM image header had zero or overflowing width");
+    stbi__pnm_skip_whitespace(s, &c);
+ 
+    maxv = stbi__pnm_getinteger(s, &c);  // read max value
+
+From 83739b31eeddaaf683948051661ece39af6795cd Mon Sep 17 00:00:00 2001
+From: Neil Bickford <nbickford@nvidia.com>
+Date: Wed, 23 Feb 2022 00:53:34 -0800
+Subject: [PATCH 2/4] Add range checks to fix a few crash issues in stb_image
+ issues 1289 and 1291
+
+---
+ stb_image.h | 10 ++++++++--
+ 1 file changed, 8 insertions(+), 2 deletions(-)
+
+diff --git a/stb_image.h b/stb_image.h
+index 6321f5e02..800c83db3 100644
+--- a/stb_image.h
++++ b/stb_image.h
+@@ -1985,9 +1985,12 @@ static int stbi__build_huffman(stbi__huffman *h, int *count)
+    int i,j,k=0;
+    unsigned int code;
+    // build size list for each symbol (from JPEG spec)
+-   for (i=0; i < 16; ++i)
+-      for (j=0; j < count[i]; ++j)
++   for (i=0; i < 16; ++i) {
++      for (j=0; j < count[i]; ++j) {
+          h->size[k++] = (stbi_uc) (i+1);
++         if(k >= 257) return stbi__err("bad size list","Corrupt JPEG");
++      }
++   }
+    h->size[k] = 0;
+ 
+    // compute actual symbols (from jpeg spec)
+@@ -2112,6 +2115,8 @@ stbi_inline static int stbi__jpeg_huff_decode(stbi__jpeg *j, stbi__huffman *h)
+ 
+    // convert the huffman code to the symbol id
+    c = ((j->code_buffer >> (32 - k)) & stbi__bmask[k]) + h->delta[k];
++   if(c < 0 || c >= 256) // symbol id out of bounds!
++       return -1;
+    STBI_ASSERT((((j->code_buffer) >> (32 - h->size[c])) & stbi__bmask[h->size[c]]) == h->code[c]);
+ 
+    // convert the id to a symbol
+@@ -3103,6 +3108,7 @@ static int stbi__process_marker(stbi__jpeg *z, int m)
+                sizes[i] = stbi__get8(z->s);
+                n += sizes[i];
+             }
++            if(n > 256) return stbi__err("bad DHT header","Corrupt JPEG"); // Loop over i < n would write past end of values!
+             L -= 17;
+             if (tc == 0) {
+                if (!stbi__build_huffman(z->huff_dc+th, sizes)) return 0;
+
+From 2cdd738fd112e11bec8d7b2ee96449741a203ee2 Mon Sep 17 00:00:00 2001
+From: Neil Bickford <nbickford@nvidia.com>
+Date: Wed, 23 Feb 2022 23:48:49 -0800
+Subject: [PATCH 3/4] Add checks for signed integer overflow; further guard
+ against cases where stbi__grow_buffer_unsafe doesn't read all bits required.
+
+---
+ stb_image.h | 27 ++++++++++++++++++++++++++-
+ 1 file changed, 26 insertions(+), 1 deletion(-)
+
+diff --git a/stb_image.h b/stb_image.h
+index 800c83db3..9d10099bb 100644
+--- a/stb_image.h
++++ b/stb_image.h
+@@ -1063,6 +1063,23 @@ static void *stbi__malloc_mad4(int a, int b, int c, int d, int add)
+ }
+ #endif
+ 
++// returns 1 if the sum of two signed ints is valid (between -2^31 and 2^31-1 inclusive), 0 on overflow.
++static int stbi__addints_valid(int a, int b)
++{
++   if ((a >= 0) != (b >= 0)) return 1; // a and b have different signs, so no overflow
++   if (a < 0 && b < 0) return a >= INT_MIN - b; // same as a + b >= INT_MIN; INT_MIN - b cannot overflow since b < 0.
++   return a <= INT_MAX - b;
++}
++
++// returns 1 if the product of two signed shorts is valid, 0 on overflow.
++static int stbi__mul2shorts_valid(short a, short b)
++{
++   if (b == 0 || b == -1) return 1; // multiplication by 0 is always 0; check for -1 so SHRT_MIN/b doesn't overflow
++   if ((a >= 0) == (b >= 0)) return a <= SHRT_MAX/b; // product is positive, so similar to mul2sizes_valid
++   if (b < 0) return a <= SHRT_MIN / b; // same as a * b >= SHRT_MIN
++   return a >= SHRT_MIN / b;
++}
++
+ // stbi__err - error
+ // stbi__errpf - error returning pointer to float
+ // stbi__errpuc - error returning pointer to unsigned char
+@@ -2135,6 +2152,7 @@ stbi_inline static int stbi__extend_receive(stbi__jpeg *j, int n)
+    unsigned int k;
+    int sgn;
+    if (j->code_bits < n) stbi__grow_buffer_unsafe(j);
++   if (j->code_bits < n) return 0; // ran out of bits from stream, return 0s intead of continuing
+ 
+    sgn = j->code_buffer >> 31; // sign bit always in MSB; 0 if MSB clear (positive), 1 if MSB set (negative)
+    k = stbi_lrot(j->code_buffer, n);
+@@ -2149,6 +2167,7 @@ stbi_inline static int stbi__jpeg_get_bits(stbi__jpeg *j, int n)
+ {
+    unsigned int k;
+    if (j->code_bits < n) stbi__grow_buffer_unsafe(j);
++   if (j->code_bits < n) return 0; // ran out of bits from stream, return 0s intead of continuing
+    k = stbi_lrot(j->code_buffer, n);
+    j->code_buffer = k & ~stbi__bmask[n];
+    k &= stbi__bmask[n];
+@@ -2160,6 +2179,7 @@ stbi_inline static int stbi__jpeg_get_bit(stbi__jpeg *j)
+ {
+    unsigned int k;
+    if (j->code_bits < 1) stbi__grow_buffer_unsafe(j);
++   if (j->code_bits < 1) return 0; // ran out of bits from stream, return 0s intead of continuing
+    k = j->code_buffer;
+    j->code_buffer <<= 1;
+    --j->code_bits;
+@@ -2197,8 +2217,10 @@ static int stbi__jpeg_decode_block(stbi__jpeg *j, short data[64], stbi__huffman
+    memset(data,0,64*sizeof(data[0]));
+ 
+    diff = t ? stbi__extend_receive(j, t) : 0;
++   if (!stbi__addints_valid(j->img_comp[b].dc_pred, diff)) return stbi__err("bad delta","Corrupt JPEG");
+    dc = j->img_comp[b].dc_pred + diff;
+    j->img_comp[b].dc_pred = dc;
++   if (!stbi__mul2shorts_valid(dc, dequant[0])) return stbi__err("can't merge dc and ac", "Corrupt JPEG");
+    data[0] = (short) (dc * dequant[0]);
+ 
+    // decode AC components, see JPEG spec
+@@ -2212,6 +2234,7 @@ static int stbi__jpeg_decode_block(stbi__jpeg *j, short data[64], stbi__huffman
+       if (r) { // fast-AC path
+          k += (r >> 4) & 15; // run
+          s = r & 15; // combined length
++         if (s > j->code_bits) return stbi__err("bad huffman code", "Combined length longer than code bits available");
+          j->code_buffer <<= s;
+          j->code_bits -= s;
+          // decode into unzigzag'd location
+@@ -2251,8 +2274,10 @@ static int stbi__jpeg_decode_block_prog_dc(stbi__jpeg *j, short data[64], stbi__
+       if (t < 0 || t > 15) return stbi__err("can't merge dc and ac", "Corrupt JPEG");
+       diff = t ? stbi__extend_receive(j, t) : 0;
+ 
++      if (!stbi__addints_valid(j->img_comp[b].dc_pred, diff)) return stbi__err("bad delta", "Corrupt JPEG");
+       dc = j->img_comp[b].dc_pred + diff;
+       j->img_comp[b].dc_pred = dc;
++      if (!stbi__mul2shorts_valid(dc, 1 << j->succ_low)) return stbi__err("can't merge dc and ac", "Corrupt JPEG");
+       data[0] = (short) (dc * (1 << j->succ_low));
+    } else {
+       // refinement scan for DC coefficient
+@@ -2287,8 +2312,8 @@ static int stbi__jpeg_decode_block_prog_ac(stbi__jpeg *j, short data[64], stbi__
+          if (r) { // fast-AC path
+             k += (r >> 4) & 15; // run
+             s = r & 15; // combined length
++            if (s > j->code_bits) return stbi__err("bad huffman code", "Combined length longer than code bits available");
+             j->code_buffer <<= s;
+-            if (s > j->code_bits) return stbi__err("bad huffman code","Combined length longer than code bits available");
+             j->code_bits -= s;
+             zig = stbi__jpeg_dezigzag[k++];
+             data[zig] = (short) ((r >> 8) * (1 << shift));
+
+From 51e438b04b50eb98540f6df6057004214e9cc81c Mon Sep 17 00:00:00 2001
+From: Neil Bickford <nbickford@nvidia.com>
+Date: Fri, 25 Feb 2022 14:27:31 -0800
+Subject: [PATCH 4/4] Zero-initialize stbi__jpeg to avoid intermittent errors
+ found by fuzz-testing
+
+---
+ stb_image.h | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/stb_image.h b/stb_image.h
+index 9d10099bb..631e4e51c 100644
+--- a/stb_image.h
++++ b/stb_image.h
+@@ -4008,6 +4008,7 @@ static void *stbi__jpeg_load(stbi__context *s, int *x, int *y, int *comp, int re
+    unsigned char* result;
+    stbi__jpeg* j = (stbi__jpeg*) stbi__malloc(sizeof(stbi__jpeg));
+    if (!j) return stbi__errpuc("outofmem", "Out of memory");
++   memset(j, 0, sizeof(stbi__jpeg));
+    STBI_NOTUSED(ri);
+    j->s = s;
+    stbi__setup_jpeg(j);
+@@ -4021,6 +4022,7 @@ static int stbi__jpeg_test(stbi__context *s)
+    int r;
+    stbi__jpeg* j = (stbi__jpeg*)stbi__malloc(sizeof(stbi__jpeg));
+    if (!j) return stbi__err("outofmem", "Out of memory");
++   memset(j, 0, sizeof(stbi__jpeg));
+    j->s = s;
+    stbi__setup_jpeg(j);
+    r = stbi__decode_jpeg_header(j, STBI__SCAN_type);
+@@ -4046,6 +4048,7 @@ static int stbi__jpeg_info(stbi__context *s, int *x, int *y, int *comp)
+    int result;
+    stbi__jpeg* j = (stbi__jpeg*) (stbi__malloc(sizeof(stbi__jpeg)));
+    if (!j) return stbi__err("outofmem", "Out of memory");
++   memset(j, 0, sizeof(stbi__jpeg));
+    j->s = s;
+    result = stbi__jpeg_info_raw(j, x, y, comp);
+    STBI_FREE(j);

stb.spec

@@ -1,5 +1,5 @@
-%global forgeurl https://github.com/nothings/stb
 %global commit af1a5bc352164740c1cc1354942b1c6b72eacb8a
+%global snapdate 20210910
 
 # We choose not to package the “stb_include” library (stb_include.h) because it
 # is so rife with old-school blithe C behavior—wanton use of strcat/strcpy into
@@ -18,8 +18,8 @@ Name:           stb
 # collection is not, and there are no releases. See:
 #   https://github.com/nothings/stb/issues/359
 #   https://github.com/nothings/stb/issues/1101
-Version:        0
-%forgemeta
+%global snapinfo ^%{snapdate}git%(echo '%{commit}' | cut -b -7)
+Version:        0%{snapinfo}
 Release:        %autorelease -p
 Summary:        Single-file public domain libraries for C/C++
 
@@ -31,28 +31,28 @@ License:        MIT or Unlicense
 # - deprecated/rrsprintf.h, tests/caveview/stb_gl.h, and
 #   tests/caveview/win32/SDL_windows_main.c are Public Domain
 # - tests/caveview/glext.h is MIT (only)
-URL:            %{forgeurl}
-Source0:        %{forgesource}
+URL:            https://github.com/nothings/stb
+Source0:        %{url}/archive/%{commit}/stb-%{commit}.tar.gz
 
 # Fix undefined behavior from array “shape-punning”
 # https://github.com/nothings/stb/pull/1194
-Patch0:         %{forgeurl}/pull/1194.patch
+Patch:          %{url}/pull/1194.patch
 
 # Fix misleading indentation in stb_divide.h
 # https://github.com/nothings/stb/pull/1195
-Patch1:         %{forgeurl}/pull/1195.patch
+Patch:          %{url}/pull/1195.patch
 
 # Trivial fix for array-in-structure initialization (missing braces warning)
 # https://github.com/nothings/stb/pull/1196
-Patch2:         %{forgeurl}/pull/1196.patch
+Patch:          %{url}/pull/1196.patch
 
 # Fix signature of dummy realloc() for STB_VORBIS_NO_CRT
 # https://github.com/nothings/stb/pull/1198
-Patch3:         %{forgeurl}/pull/1198.patch
+Patch:          %{url}/pull/1198.patch
 
 # Remove stb_perlin from tests
 # https://github.com/nothings/stb/pull/1198
-Patch4:         %{forgeurl}/pull/1204.patch
+Patch:          %{url}/pull/1204.patch
 
 # Candidate fix for:
 # https://nvd.nist.gov/vuln/detail/CVE-2021-42715
@@ -78,7 +78,32 @@ Patch4:         %{forgeurl}/pull/1204.patch
 # Fixes a crash and an infinite loop in stb_image that could occur with
 # specially constructed PGM and HDR files
 # https://github.com/nothings/stb/pull/1223
-Patch5:         %{forgeurl}/pull/1223.patch
+Patch:          %{url}/pull/1223.patch
+
+# Forward declare stbhw__process struct to fix warnings
+# https://github.com/nothings/stb/pull/1225
+#
+# We don’t see these warnings in the “compile tests”, but we can reproduce them
+# by manually compiling tests/herringbone_map.c; a real user of the
+# stb_herringbone_wang_tile library would encounter them; and inspection of the
+# patch shows it to be correct.
+Patch:          %{url}/pull/1236.patch
+
+# Candidate fix for:
+# https://nvd.nist.gov/vuln/detail/CVE-2022-28041
+#
+# stb_image.h v2.27 was discovered to contain an integer overflow via the
+# function stbi__jpeg_decode_block_prog_dc. This vulnerability allows attackers
+# to cause a Denial of Service (DoS) via unspecified vectors.
+#
+# UBSAN: integer overflow
+# https://github.com/nothings/stb/issues/1292
+#
+# ----
+#
+# Additional stb_image fixes for bugs from ossfuzz and issues 1289, 1291, 1292, and 1293
+# https://github.com/nothings/stb/pull/1297
+Patch:          %{url}/pull/1297.patch
 
 %global stb_c_lexer_version 0.12
 %global stb_connected_components_version 0.96
@@ -121,48 +146,48 @@ Summary:        Development files for stb
 # specific stb libraries they use.
 Provides:       stb-static = %{version}-%{release}
 
-Requires:       stb_c_lexer-devel%{?_isa} = %{stb_c_lexer_version}-%{release}
-Requires:       stb_c_lexer-static = %{stb_c_lexer_version}-%{release}
-Requires:       stb_connected_components-devel%{?_isa} = %{stb_connected_components_version}-%{release}
-Requires:       stb_connected_components-static = %{stb_connected_components_version}-%{release}
-Requires:       stb_divide-devel%{?_isa} = %{stb_divide_version}-%{release}
-Requires:       stb_divide-static = %{stb_divide_version}-%{release}
-Requires:       stb_ds-devel%{?_isa} = %{stb_ds_version}-%{release}
-Requires:       stb_ds-static = %{stb_ds_version}-%{release}
-Requires:       stb_dxt-devel%{?_isa} = %{stb_dxt_version}-%{release}
-Requires:       stb_dxt-static = %{stb_dxt_version}-%{release}
-Requires:       stb_easy_font-devel%{?_isa} = %{stb_easy_font_version}-%{release}
-Requires:       stb_easy_font-static = %{stb_easy_font_version}-%{release}
-Requires:       stb_herringbone_wang_tile-devel%{?_isa} = %{stb_herringbone_wang_tile_version}-%{release}
-Requires:       stb_herringbone_wang_tile-static = %{stb_herringbone_wang_tile_version}-%{release}
-Requires:       stb_hexwave-devel%{?_isa} = %{stb_hexwave_version}-%{release}
-Requires:       stb_hexwave-static = %{stb_hexwave_version}-%{release}
-Requires:       stb_image-devel%{?_isa} = %{stb_image_version}-%{release}
-Requires:       stb_image-static = %{stb_image_version}-%{release}
-Requires:       stb_image_resize-devel%{?_isa} = %{stb_image_resize_version}-%{release}
-Requires:       stb_image_resize-static = %{stb_image_resize_version}-%{release}
-Requires:       stb_image_write-devel%{?_isa} = %{stb_image_write_version}-%{release}
-Requires:       stb_image_write-static = %{stb_image_write_version}-%{release}
+Requires:       stb_c_lexer-devel%{?_isa} = %{stb_c_lexer_version}%{snapinfo}-%{release}
+Requires:       stb_c_lexer-static = %{stb_c_lexer_version}%{snapinfo}-%{release}
+Requires:       stb_connected_components-devel%{?_isa} = %{stb_connected_components_version}%{snapinfo}-%{release}
+Requires:       stb_connected_components-static = %{stb_connected_components_version}%{snapinfo}-%{release}
+Requires:       stb_divide-devel%{?_isa} = %{stb_divide_version}%{snapinfo}-%{release}
+Requires:       stb_divide-static = %{stb_divide_version}%{snapinfo}-%{release}
+Requires:       stb_ds-devel%{?_isa} = %{stb_ds_version}%{snapinfo}-%{release}
+Requires:       stb_ds-static = %{stb_ds_version}%{snapinfo}-%{release}
+Requires:       stb_dxt-devel%{?_isa} = %{stb_dxt_version}%{snapinfo}-%{release}
+Requires:       stb_dxt-static = %{stb_dxt_version}%{snapinfo}-%{release}
+Requires:       stb_easy_font-devel%{?_isa} = %{stb_easy_font_version}%{snapinfo}-%{release}
+Requires:       stb_easy_font-static = %{stb_easy_font_version}%{snapinfo}-%{release}
+Requires:       stb_herringbone_wang_tile-devel%{?_isa} = %{stb_herringbone_wang_tile_version}%{snapinfo}-%{release}
+Requires:       stb_herringbone_wang_tile-static = %{stb_herringbone_wang_tile_version}%{snapinfo}-%{release}
+Requires:       stb_hexwave-devel%{?_isa} = %{stb_hexwave_version}%{snapinfo}-%{release}
+Requires:       stb_hexwave-static = %{stb_hexwave_version}%{snapinfo}-%{release}
+Requires:       stb_image-devel%{?_isa} = %{stb_image_version}%{snapinfo}-%{release}
+Requires:       stb_image-static = %{stb_image_version}%{snapinfo}-%{release}
+Requires:       stb_image_resize-devel%{?_isa} = %{stb_image_resize_version}%{snapinfo}-%{release}
+Requires:       stb_image_resize-static = %{stb_image_resize_version}%{snapinfo}-%{release}
+Requires:       stb_image_write-devel%{?_isa} = %{stb_image_write_version}%{snapinfo}-%{release}
+Requires:       stb_image_write-static = %{stb_image_write_version}%{snapinfo}-%{release}
 %if %{with stb_include}
-Requires:       stb_include-devel%{?_isa} = %{stb_include_version}-%{release}
-Requires:       stb_include-static = %{stb_include_version}-%{release}
+Requires:       stb_include-devel%{?_isa} = %{stb_include_version}%{snapinfo}-%{release}
+Requires:       stb_include-static = %{stb_include_version}%{snapinfo}-%{release}
 %endif
-Requires:       stb_leakcheck-devel%{?_isa} = %{stb_leakcheck_version}-%{release}
-Requires:       stb_leakcheck-static = %{stb_leakcheck_version}-%{release}
-Requires:       stb_rect_pack-devel%{?_isa} = %{stb_rect_pack_version}-%{release}
-Requires:       stb_rect_pack-static = %{stb_rect_pack_version}-%{release}
-Requires:       stb_sprintf-devel%{?_isa} = %{stb_sprintf_version}-%{release}
-Requires:       stb_sprintf-static = %{stb_sprintf_version}-%{release}
-Requires:       stb_textedit-devel%{?_isa} = %{stb_textedit_version}-%{release}
-Requires:       stb_textedit-static = %{stb_textedit_version}-%{release}
-Requires:       stb_tilemap_editor-devel%{?_isa} = %{stb_tilemap_editor_version}-%{release}
-Requires:       stb_tilemap_editor-static = %{stb_tilemap_editor_version}-%{release}
-Requires:       stb_truetype-devel%{?_isa} = %{stb_truetype_version}-%{release}
-Requires:       stb_truetype-static = %{stb_truetype_version}-%{release}
-Requires:       stb_vorbis-devel%{?_isa} = %{stb_vorbis_version}-%{release}
-Requires:       stb_vorbis-static = %{stb_vorbis_version}-%{release}
-Requires:       stb_voxel_render-devel%{?_isa} = %{stb_voxel_render_version}-%{release}
-Requires:       stb_voxel_render-static = %{stb_voxel_render_version}-%{release}
+Requires:       stb_leakcheck-devel%{?_isa} = %{stb_leakcheck_version}%{snapinfo}-%{release}
+Requires:       stb_leakcheck-static = %{stb_leakcheck_version}%{snapinfo}-%{release}
+Requires:       stb_rect_pack-devel%{?_isa} = %{stb_rect_pack_version}%{snapinfo}-%{release}
+Requires:       stb_rect_pack-static = %{stb_rect_pack_version}%{snapinfo}-%{release}
+Requires:       stb_sprintf-devel%{?_isa} = %{stb_sprintf_version}%{snapinfo}-%{release}
+Requires:       stb_sprintf-static = %{stb_sprintf_version}%{snapinfo}-%{release}
+Requires:       stb_textedit-devel%{?_isa} = %{stb_textedit_version}%{snapinfo}-%{release}
+Requires:       stb_textedit-static = %{stb_textedit_version}%{snapinfo}-%{release}
+Requires:       stb_tilemap_editor-devel%{?_isa} = %{stb_tilemap_editor_version}%{snapinfo}-%{release}
+Requires:       stb_tilemap_editor-static = %{stb_tilemap_editor_version}%{snapinfo}-%{release}
+Requires:       stb_truetype-devel%{?_isa} = %{stb_truetype_version}%{snapinfo}-%{release}
+Requires:       stb_truetype-static = %{stb_truetype_version}%{snapinfo}-%{release}
+Requires:       stb_vorbis-devel%{?_isa} = %{stb_vorbis_version}%{snapinfo}-%{release}
+Requires:       stb_vorbis-static = %{stb_vorbis_version}%{snapinfo}-%{release}
+Requires:       stb_voxel_render-devel%{?_isa} = %{stb_voxel_render_version}%{snapinfo}-%{release}
+Requires:       stb_voxel_render-static = %{stb_voxel_render_version}%{snapinfo}-%{release}
 
 # Upstream removed the stb_perlin library in commit
 # 59e7dec3e8bb0a8d4050d03c2dc32cf71ffa87c6, asserting it was covered by
@@ -179,9 +204,9 @@ This is a metapackage that requires the -devel packages for all stb libraries.
 
 %package -n stb_c_lexer-devel
 Summary:        Lexer for making little C-like languages with recursive-descent parsers
-Version:        %{stb_c_lexer_version}
+Version:        %{stb_c_lexer_version}%{snapinfo}
 
-Provides:       stb_c_lexer-static = %{stb_c_lexer_version}-%{release}
+Provides:       stb_c_lexer-static = %{stb_c_lexer_version}%{snapinfo}-%{release}
 
 %description -n stb_c_lexer-devel
 Lexer for making little C-like languages with recursive-descent parsers.
@@ -189,9 +214,9 @@ Lexer for making little C-like languages with recursive-descent parsers.
 
 %package -n stb_connected_components-devel
 Summary:        Connected components on grids
-Version:        %{stb_connected_components_version}
+Version:        %{stb_connected_components_version}%{snapinfo}
 
-Provides:       stb_connected_components-static = %{stb_connected_components_version}-%{release}
+Provides:       stb_connected_components-static = %{stb_connected_components_version}%{snapinfo}-%{release}
 
 %description -n stb_connected_components-devel
 Finds connected components on 2D grids for testing reachability between two
@@ -203,9 +228,9 @@ their orthogonal neighbors, not diagonally.
 
 %package -n stb_divide-devel
 Summary:        Three kinds of divide/modulus of signed integers
-Version:        %{stb_divide_version}
+Version:        %{stb_divide_version}%{snapinfo}
 
-Provides:       stb_divide-static = %{stb_divide_version}-%{release}
+Provides:       stb_divide-static = %{stb_divide_version}%{snapinfo}-%{release}
 
 %description -n stb_divide-devel
 Three kinds of divide/modulus of signed integers.
@@ -213,9 +238,9 @@ Three kinds of divide/modulus of signed integers.
 
 %package -n stb_ds-devel
 Summary:        Data structures
-Version:        %{stb_ds_version}
+Version:        %{stb_ds_version}%{snapinfo}
 
-Provides:       stb_ds-static = %{stb_ds_version}-%{release}
+Provides:       stb_ds-static = %{stb_ds_version}%{snapinfo}-%{release}
 
 %description -n stb_ds-devel
 This is a single-header-file library that provides easy-to-use dynamic arrays
@@ -227,9 +252,9 @@ For a gentle introduction:
 
 %package -n stb_dxt-devel
 Summary:        DXT1/DXT5 compressor
-Version:        %{stb_dxt_version}
+Version:        %{stb_dxt_version}%{snapinfo}
 
-Provides:       stb_dxt-static = %{stb_dxt_version}-%{release}
+Provides:       stb_dxt-static = %{stb_dxt_version}%{snapinfo}-%{release}
 
 %description -n stb_dxt-devel
 DXT1/DXT5 compressor.
@@ -238,9 +263,9 @@ DXT1/DXT5 compressor.
 
 %package -n stb_easy_font-devel
 Summary:        Bitmap font for 3D rendering
-Version:        %{stb_easy_font_version}
+Version:        %{stb_easy_font_version}%{snapinfo}
 
-Provides:       stb_easy_font-static = %{stb_easy_font_version}-%{release}
+Provides:       stb_easy_font-static = %{stb_easy_font_version}%{snapinfo}-%{release}
 
 %description -n stb_easy_font-devel
    Easy-to-deploy,
@@ -258,9 +283,9 @@ Doesn’t use any textures, instead builds characters out of quads.
 
 %package -n stb_herringbone_wang_tile-devel
 Summary:        Herringbone Wang Tile Generator
-Version:        %{stb_herringbone_wang_tile_version}
+Version:        %{stb_herringbone_wang_tile_version}%{snapinfo}
 
-Provides:       stb_herringbone_wang_tile-static = %{stb_herringbone_wang_tile_version}-%{release}
+Provides:       stb_herringbone_wang_tile-static = %{stb_herringbone_wang_tile_version}%{snapinfo}-%{release}
 
 %description -n stb_herringbone_wang_tile-devel
 This library is an SDK for Herringbone Wang Tile generation:
@@ -283,9 +308,9 @@ loading the tile set and specifying the constraints explicitly yourself.
 
 %package -n stb_hexwave-devel
 Summary:        A flexible anti-aliased (bandlimited) digital audio oscillator
-Version:        %{stb_hexwave_version}
+Version:        %{stb_hexwave_version}%{snapinfo}
 
-Provides:       stb_hexwave-static = %{stb_hexwave_version}-%{release}
+Provides:       stb_hexwave-static = %{stb_hexwave_version}%{snapinfo}-%{release}
 
 %description -n stb_hexwave-devel
 A flexible anti-aliased (bandlimited) digital audio oscillator.
@@ -299,9 +324,9 @@ multiple voices, etc.
 
 %package -n stb_image-devel
 Summary:        Image loader
-Version:        %{stb_image_version}
+Version:        %{stb_image_version}%{snapinfo}
 
-Provides:       stb_image-static = %{stb_image_version}-%{release}
+Provides:       stb_image-static = %{stb_image_version}%{snapinfo}-%{release}
 
 %description -n stb_image-devel
 Image loader.
@@ -309,9 +334,9 @@ Image loader.
 
 %package -n stb_image_resize-devel
 Summary:        Image resizing
-Version:        %{stb_image_resize_version}
+Version:        %{stb_image_resize_version}%{snapinfo}
 
-Provides:       stb_image_resize-static = %{stb_image_resize_version}-%{release}
+Provides:       stb_image_resize-static = %{stb_image_resize_version}%{snapinfo}-%{release}
 
 %description -n stb_image_resize-devel
 Image resizing.
@@ -324,9 +349,9 @@ w/Mitchell filter, upsamples w/cubic interpolation.
 
 %package -n stb_image_write-devel
 Summary:        Writes out PNG/BMP/TGA/JPEG/HDR images to C stdio
-Version:        %{stb_image_write_version}
+Version:        %{stb_image_write_version}%{snapinfo}
 
-Provides:       stb_image_write-static = %{stb_image_write_version}-%{release}
+Provides:       stb_image_write-static = %{stb_image_write_version}%{snapinfo}-%{release}
 
 %description -n stb_image_write-devel
 This header file is a library for writing images to C stdio or a callback.
@@ -341,9 +366,9 @@ run-time performance.
 %if %{with stb_include}
 %package -n stb_include-devel
 Summary:        Parse and process #include directives
-Version:        %{stb_include_version}
+Version:        %{stb_include_version}%{snapinfo}
 
-Provides:       stb_include-static = %{stb_include_version}-%{release}
+Provides:       stb_include-static = %{stb_include_version}%{snapinfo}-%{release}
 
 %description -n stb_include-devel
 This program parses a string and replaces lines of the form
@@ -361,9 +386,9 @@ API.
 
 %package -n stb_leakcheck-devel
 Summary:        Quick and dirty malloc leak-checking
-Version:        %{stb_leakcheck_version}
+Version:        %{stb_leakcheck_version}%{snapinfo}
 
-Provides:       stb_leakcheck-static = %{stb_leakcheck_version}-%{release}
+Provides:       stb_leakcheck-static = %{stb_leakcheck_version}%{snapinfo}-%{release}
 
 %description -n stb_leakcheck-devel
 Quick and dirty malloc leak-checking.
@@ -371,9 +396,9 @@ Quick and dirty malloc leak-checking.
 
 %package -n stb_rect_pack-devel
 Summary:        Rectangle packing
-Version:        %{stb_rect_pack_version}
+Version:        %{stb_rect_pack_version}%{snapinfo}
 
-Provides:       stb_rect_pack-static = %{stb_rect_pack_version}-%{release}
+Provides:       stb_rect_pack-static = %{stb_rect_pack_version}%{snapinfo}-%{release}
 
 %description -n stb_rect_pack-devel
 Useful for e.g. packing rectangular textures into an atlas. Does not do
@@ -393,9 +418,9 @@ same API, but with a different init function.
 
 %package -n stb_sprintf-devel
 Summary:        Implementation of snprintf()
-Version:        %{stb_sprintf_version}
+Version:        %{stb_sprintf_version}%{snapinfo}
 
-Provides:       stb_sprintf-static = %{stb_sprintf_version}-%{release}
+Provides:       stb_sprintf-static = %{stb_sprintf_version}%{snapinfo}-%{release}
 
 %description -n stb_sprintf-devel
 This is a full sprintf replacement that supports everything that the C runtime
@@ -424,9 +449,9 @@ when using MSVC static libs, calling sprintf drags in 16K.
 
 %package -n stb_textedit-devel
 Summary:        Guts of a multi-line text-editing widget
-Version:        %{stb_textedit_version}
+Version:        %{stb_textedit_version}%{snapinfo}
 
-Provides:       stb_textedit-static = %{stb_textedit_version}-%{release}
+Provides:       stb_textedit-static = %{stb_textedit_version}%{snapinfo}-%{release}
 
 %description -n stb_textedit-devel
 This C header file implements the guts of a multi-line text-editing widget; you
@@ -444,9 +469,9 @@ Non-trivial behaviors are modelled after Windows text controls.
 
 %package -n stb_tilemap_editor-devel
 Summary:        Embeddable tilemap editor for C/C++
-Version:        %{stb_tilemap_editor_version}
+Version:        %{stb_tilemap_editor_version}%{snapinfo}
 
-Provides:       stb_tilemap_editor-static = %{stb_tilemap_editor_version}-%{release}
+Provides:       stb_tilemap_editor-static = %{stb_tilemap_editor_version}%{snapinfo}-%{release}
 
 %description -n stb_tilemap_editor-devel
 Embeddable tilemap editor for C/C++.
@@ -454,9 +479,9 @@ Embeddable tilemap editor for C/C++.
 
 %package -n stb_truetype-devel
 Summary:        Processes TrueType Files
-Version:        %{stb_truetype_version}
+Version:        %{stb_truetype_version}%{snapinfo}
 
-Provides:       stb_truetype-static = %{stb_truetype_version}-%{release}
+Provides:       stb_truetype-static = %{stb_truetype_version}%{snapinfo}-%{release}
 
 %description -n stb_truetype-devel
 %{summary}.
@@ -479,9 +504,9 @@ This library processes TrueType files:
 
 %package -n stb_vorbis-devel
 Summary:        Ogg Vorbis audio decoder
-Version:        %{stb_vorbis_version}
+Version:        %{stb_vorbis_version}%{snapinfo}
 
-Provides:       stb_vorbis-static = %{stb_vorbis_version}-%{release}
+Provides:       stb_vorbis-static = %{stb_vorbis_version}%{snapinfo}-%{release}
 
 %description -n stb_vorbis-devel
 Ogg Vorbis audio decoder.
@@ -489,9 +514,9 @@ Ogg Vorbis audio decoder.
 
 %package -n stb_voxel_render-devel
 Summary:        Helps render large-scale “voxel” worlds for games
-Version:        %{stb_voxel_render_version}
+Version:        %{stb_voxel_render_version}%{snapinfo}
 
-Provides:       stb_voxel_render-static = %{stb_voxel_render_version}-%{release}
+Provides:       stb_voxel_render-static = %{stb_voxel_render_version}%{snapinfo}-%{release}
 
 %description -n stb_voxel_render-devel
 This library helps render large-scale “voxel” worlds for games, in this case,
@@ -531,7 +556,7 @@ Documentation for stb.
 
 
 %prep
-%forgeautosetup -p1
+%autosetup -n stb-%{commit} -p1
 
 # Append to OS build flags rather than overriding them
 #