Patch doxygen for CVE-2025-6140 [Medium] (microsoft#14073)

suneelyadava · suneelyadava1 · Kanishk-Bansal · web-flow · commit 6b0ad68b52b3 · 2025-07-23T14:26:48.000+05:30
Co-authored-by: Suneel Yadava &lt;suneelyadava@microsoft.com&gt;
Co-authored-by: Kanishk Bansal &lt;103916909+Kanishk-Bansal@users.noreply.github.com&gt;
diff --git a/SPECS/doxygen/CVE-2025-6140.patch b/SPECS/doxygen/CVE-2025-6140.patch
@@ -0,0 +1,37 @@
+From 4bc70904d4e31b768f38c2b321c29a370c614497 Mon Sep 17 00:00:00 2001
+From: Suneel Yadava <suneelyadava@microsoft.com>
+Date: Mon, 23 Jun 2025 10:51:55 +0000
+Subject: [PATCH] Fix for CVE-2025-6140
+Upstream Patch Reference:
+https://github.com/gabime/spdlog/commit/10320184df1eb4638e253a34b1eb44ce78954094
+
+---
+ deps/spdlog/include/spdlog/pattern_formatter-inl.h | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/deps/spdlog/include/spdlog/pattern_formatter-inl.h b/deps/spdlog/include/spdlog/pattern_formatter-inl.h
+index 01afbe6..ee01489 100644
+--- a/deps/spdlog/include/spdlog/pattern_formatter-inl.h
++++ b/deps/spdlog/include/spdlog/pattern_formatter-inl.h
+@@ -76,6 +76,9 @@ public:
+         else if (padinfo_.truncate_)
+         {
+             long new_size = static_cast<long>(dest_.size()) + remaining_pad_;
++            if (new_size < 0) {
++                new_size = 0;
++            }
+             dest_.resize(static_cast<size_t>(new_size));
+         }
+     }
+@@ -303,7 +306,7 @@ public:
+ 
+     void format(const details::log_msg &, const std::tm &tm_time, memory_buf_t &dest) override
+     {
+-        const size_t field_size = 10;
++        const size_t field_size = 8;
+         ScopedPadder p(field_size, padinfo_, dest);
+ 
+         fmt_helper::pad2(tm_time.tm_mon + 1, dest);
+-- 
+2.45.3
+
diff --git a/SPECS/doxygen/doxygen.spec b/SPECS/doxygen/doxygen.spec
@@ -1,13 +1,14 @@
 Name:           doxygen
 Version:        1.9.8
-Release:        1%{?dist}
+Release:        2%{?dist}
 Summary:        Automated C, C++, and Java Documentation Generator
 License:        GPLv2
 Group:          Development/Tools/Doc Generators
 Url:            https://www.doxygen.nl
 Vendor:         Microsoft Corporation
 Distribution:   Azure Linux
 Source0:        https://doxygen.nl/files/%{name}-%{version}.src.tar.gz
+Patch0:         CVE-2025-6140.patch
 
 %global debug_package %{nil}
 
@@ -29,7 +30,7 @@ developed on a Linux platform, but it runs on most other UNIX flavors
 as well.
 
 %prep
-%setup -q
+%autosetup -p1
 
 %build
 cmake -G "Unix Makefiles"     \
@@ -38,7 +39,6 @@ cmake -G "Unix Makefiles"     \
     -Wno-dev .
 make %{?_smp_mflags}
 
-
 %install
 make install DESTDIR=%{buildroot}
 mkdir -p %{buildroot}%{_mandir}/man1/
@@ -51,6 +51,9 @@ install -vm 644 doc/doxygen.1 %{buildroot}%{_mandir}/man1/
 %license LICENSE
 
 %changelog
+* Mon Jun 23 2025 Suneel Yadava <suneelyadava@microsoft.com> - 1.9.8-2
+- Patch for CVE-2025-6140
+
 * Fri Oct 27 2023 CBL-Mariner Servicing Account <cblmargh@microsoft.com> - 1.9.8-1
 - Auto-upgrade to 1.9.8 - Azure Linux 3.0 - package upgrades
 
