From 3c379265e8a2807ca91a5b68efc9f1b3e2b41b7d Mon Sep 17 00:00:00 2001
From: Thomas Sailer <t.sailer@alumni.ethz.ch>
Date: Tue, 16 Aug 2016 13:49:58 +0200
Subject: [PATCH] patch for #1367359

---
 commit-5ca71a7.patch | 19 +++++++++++++++++++
 mingw-lcms2.spec     |  9 ++++++++-
 2 files changed, 27 insertions(+), 1 deletion(-)
 create mode 100644 commit-5ca71a7.patch

diff --git a/commit-5ca71a7.patch b/commit-5ca71a7.patch
new file mode 100644
index 0000000..20e99e8
--- /dev/null
+++ b/commit-5ca71a7.patch
@@ -0,0 +1,19 @@
+From 5ca71a7bc18b6897ab21d815d15e218e204581e2 Mon Sep 17 00:00:00 2001
+From: Marti <marti.maria@tktbrainpower.com>
+Date: Mon, 15 Aug 2016 23:31:39 +0200
+Subject: Added an extra check to MLU bounds
+
+Thanks to Ibrahim el-sayed for spotting the bug
+
+diff --git a/src/cmstypes.c b/src/cmstypes.c
+index cb61860..c7328b9 100644
+--- a/src/cmstypes.c
++++ b/src/cmstypes.c
+@@ -1460,6 +1460,7 @@ void *Type_MLU_Read(struct _cms_typehandler_struct* self, cmsIOHANDLER* io, cmsU
+ 
+         // Check for overflow
+         if (Offset < (SizeOfHeader + 8)) goto Error;
++        if ((Offset + Len) > SizeOfTag + 8) goto Error;
+ 
+         // True begin of the string
+         BeginOfThisString = Offset - SizeOfHeader - 8;
diff --git a/mingw-lcms2.spec b/mingw-lcms2.spec
index 2dc0ca6..f79954a 100644
--- a/mingw-lcms2.spec
+++ b/mingw-lcms2.spec
@@ -6,13 +6,16 @@
 Name:           mingw-%{mingw_pkg_name}
 Version:        2.8
 #Release:        0.2.%{prerelease}%{?dist}
-Release:        1%{?dist}
+Release:        2%{?dist}
 Summary:        MinGW Color Management Engine
 Group:          Development/Libraries
 License:        MIT
 URL:            http://www.littlecms.com/
 #Source0:        http://www.littlecms.com/%{mingw_pkg_name}-%{version}%{prerelease}.tar.gz
 Source0:        http://www.littlecms.com/%{mingw_pkg_name}-%{version}.tar.gz
+# https://bugzilla.redhat.com/show_bug.cgi?id=1367357
+# https://bugzilla.redhat.com/show_bug.cgi?id=1367359
+Patch0:         commit-5ca71a7.patch
 
 BuildRequires:  mingw32-filesystem
 BuildRequires:  mingw64-filesystem
@@ -72,6 +75,7 @@ mingw64-%{mingw_pkg_name} development.
 %prep
 #setup -q -n %{mingw_pkg_name}-%{version}%{prerelease}
 %setup -q -n %{mingw_pkg_name}-%{version}
+%patch0 -p1
 iconv -f ISO-8859-1 -t UTF-8 AUTHORS > AUTHORS.x
 mv -f AUTHORS.x AUTHORS
 
@@ -113,6 +117,9 @@ rm -rf ${RPM_BUILD_ROOT}/%{mingw64_mandir}
 %{mingw64_libdir}/liblcms2.a
 
 %changelog
+* Tue Aug 16 2016 Thomas Sailer <t.sailer@alumni.ethz.ch> - 2.8-2
+- apply fix for #1367359
+
 * Mon Aug 08 2016 Thomas Sailer <t.sailer@alumni.ethz.ch> - 2.8-1
 - update to 2.8