Overview

File libsoup-CVE-2025-12105.patch of Package libsoup

From 9ba1243a24e442fa5ec44684617a4480027da960 Mon Sep 17 00:00:00 2001
From: Eugene Mutavchi <Ievgen_Mutavchi@comcast.com>
Date: Fri, 10 Oct 2025 16:24:27 +0000
Subject: [PATCH] fix 'heap-use-after-free' caused by 'finishing' queue item
 twice

---
 libsoup/soup-session.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff -urp libsoup-3.0.4.orig/libsoup/soup-session.c libsoup-3.0.4/libsoup/soup-session.c
--- libsoup-3.0.4.orig/libsoup/soup-session.c	2025-11-18 16:13:13.880803036 -0600
+++ libsoup-3.0.4/libsoup/soup-session.c	2025-11-18 16:14:41.079811992 -0600
@@ -3103,8 +3103,10 @@ run_until_read_done (SoupMessage
 		if (soup_message_io_in_progress (msg))
 			soup_message_io_finished (msg);
 		item->paused = FALSE;
-		item->state = SOUP_MESSAGE_FINISHING;
-		soup_session_process_queue_item (item->session, item, NULL, FALSE);
+		if (item->state != SOUP_MESSAGE_FINISHED) {
+			item->state = SOUP_MESSAGE_FINISHING;
+			soup_session_process_queue_item (item->session, item, NULL, FALSE);
+		}
 	}
 	async_send_request_return_result (item, NULL, error);
 }
openSUSE Build Service is sponsored by
Places