From: Mathieu Malaterre <malat@debian.org>
Date: Wed, 4 Jan 2023 10:13:03 +0000 (+0100)
Subject: d/patches: Fix CVE-2022-43272. Closes: #1027165
X-Git-Tag: archive/raspbian/3.6.9-4+rpi1^2~28^2~19
X-Git-Url: https://dgit.raspbian.org/%22http://www.example.com/cgi/%22/%22http:/www.example.com/cgi/%22?a=commitdiff_plain;h=5246f1f103c8cd940a2555ad2544e61dd252c036;p=dcmtk.git

d/patches: Fix CVE-2022-43272. Closes: #1027165
---

diff --git a/debian/patches/c34f4e46e672ad21accf04da0dc085e43be6f5e1.patch b/debian/patches/c34f4e46e672ad21accf04da0dc085e43be6f5e1.patch
new file mode 100644
index 00000000..975b9714
--- /dev/null
+++ b/debian/patches/c34f4e46e672ad21accf04da0dc085e43be6f5e1.patch
@@ -0,0 +1,55 @@
+From c34f4e46e672ad21accf04da0dc085e43be6f5e1 Mon Sep 17 00:00:00 2001
+From: Marco Eichelberg <dicom@offis.de>
+Date: Thu, 9 Jun 2022 10:03:38 +0200
+Subject: [PATCH] Fixed memory leak in single process mode.
+
+Fixed a memory leak in dcmqrscp's single process mode.
+
+Thanks to <songxiangpu@mail.sdu.edu.cn> for the bug report and test data.
+---
+ dcmqrdb/libsrc/dcmqrsrv.cc | 24 ++++++++++--------------
+ 1 file changed, 10 insertions(+), 14 deletions(-)
+
+diff --git a/dcmqrdb/libsrc/dcmqrsrv.cc b/dcmqrdb/libsrc/dcmqrsrv.cc
+index 157e6c022..f5f9df661 100644
+--- a/dcmqrdb/libsrc/dcmqrsrv.cc
++++ b/dcmqrdb/libsrc/dcmqrsrv.cc
+@@ -1,6 +1,6 @@
+ /*
+  *
+- *  Copyright (C) 1993-2021, OFFIS e.V.
++ *  Copyright (C) 1993-2022, OFFIS e.V.
+  *  All rights reserved.  See COPYRIGHT file for details.
+  *
+  *  This software and supporting documentation were developed by
+@@ -1126,21 +1126,17 @@ OFCondition DcmQueryRetrieveSCP::waitForAssociation(T_ASC_Network * theNet)
+ #endif
+     }
+ 
+-    // cleanup code
++    // clean-up association
+     OFCondition oldcond = cond;    /* store condition flag for later use */
+-    if (!options_.singleProcess_ && (cond != ASC_SHUTDOWNAPPLICATION))
++    cond = ASC_dropAssociation(assoc);
++    if (cond.bad())
+     {
+-        /* the child will handle the association, we can drop it */
+-        cond = ASC_dropAssociation(assoc);
+-        if (cond.bad())
+-        {
+-            DCMQRDB_ERROR("Cannot Drop Association: " << DimseCondition::dump(temp_str, cond));
+-        }
+-        cond = ASC_destroyAssociation(&assoc);
+-        if (cond.bad())
+-        {
+-            DCMQRDB_ERROR("Cannot Destroy Association: " << DimseCondition::dump(temp_str, cond));
+-        }
++        DCMQRDB_ERROR("Cannot Drop Association: " << DimseCondition::dump(temp_str, cond));
++    }
++    cond = ASC_destroyAssociation(&assoc);
++    if (cond.bad())
++    {
++        DCMQRDB_ERROR("Cannot Destroy Association: " << DimseCondition::dump(temp_str, cond));
+     }
+ 
+     if (oldcond == ASC_SHUTDOWNAPPLICATION) cond = oldcond; /* abort flag is reported to top-level wait loop */
diff --git a/debian/patches/series b/debian/patches/series
index 020d58e2..f058fe85 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -9,3 +9,4 @@
 #ab61e8577ff0974efcfae2907c48baf6023c1160.patch
 #1c8cca4bf6f7c92fc16f9e66faf49409c891a2b0.patch
 f06a867513524664a1b03dfcf812d8b60fdd02cc.patch
+c34f4e46e672ad21accf04da0dc085e43be6f5e1.patch