From 49031bee4dbfbe1f9931254077c2cd772a5042df Mon Sep 17 00:00:00 2001
From: Sandro Mani <manisandro@gmail.com>
Date: Oct 30 2019 09:27:01 +0000
Subject: Add libkml_test_strcmp.patch


---

diff --git a/libkml.spec b/libkml.spec
index 854cf9a..0ba525a 100644
--- a/libkml.spec
+++ b/libkml.spec
@@ -2,7 +2,7 @@
 
 Name:           libkml
 Version:        1.3.0
-Release:        23%{?dist}
+Release:        24%{?dist}
 Summary:        Reference implementation of OGC KML 2.2
 
 License:        BSD
@@ -25,6 +25,8 @@ Patch5:         libkml_dont-bytecompile.patch
 Patch6:         libkml_crypth.patch
 # Use local file for bundled minizip
 Patch7:         libkml-bundle-minizip.patch
+# Fix possible OOB array access in strcmp due to undersized array
+Patch8:         libkml_test_strcmp.patch
 
 BuildRequires:  cmake
 BuildRequires:  curl-devel
@@ -135,6 +137,9 @@ ctest -V
 %{_libdir}/cmake/%{name}/
 
 %changelog
+* Wed Oct 30 2019 Sandro Mani <manisandro@gmail.com> - 1.3.0-24
+- Fix possible OOB array access in strcmp due to undersized array
+
 * Thu Oct 03 2019 Miro Hrončok <mhroncok@redhat.com> - 1.3.0-23
 - Rebuilt for Python 3.8.0rc1 (#1748018)
 
diff --git a/libkml_test_strcmp.patch b/libkml_test_strcmp.patch
new file mode 100644
index 0000000..01a2a5c
--- /dev/null
+++ b/libkml_test_strcmp.patch
@@ -0,0 +1,12 @@
+diff -rupN libkml-1.3.0/tests/kml/base/string_util_test.cc libkml-1.3.0-new/tests/kml/base/string_util_test.cc
+--- libkml-1.3.0/tests/kml/base/string_util_test.cc	2015-12-21 18:23:05.000000000 +0100
++++ libkml-1.3.0-new/tests/kml/base/string_util_test.cc	2019-10-30 09:40:53.040877025 +0100
+@@ -33,7 +33,7 @@ TEST(StringUtilTest, Testb2a_hex) {
+   const uint32_t kff = 0xff;
+ 
+   const char* e = "00";
+-  static char a[2];
++  static char a[3];
+ 
+   b2a_hex(k00, a);
+   ASSERT_EQ(0, strcmp(e, a));