1 files changed, 36 insertions, 0 deletions

diff --git a/games-arcade/supertux/files/supertux-0.6.3-squirrel-CVE-2021-41556.patch b/games-arcade/supertux/files/supertux-0.6.3-squirrel-CVE-2021-41556.patch
new file mode 100644
index 000000000000..a63e7a6c4e69
--- /dev/null
+++ b/games-arcade/supertux/files/supertux-0.6.3-squirrel-CVE-2021-41556.patch
@@ -0,0 +1,36 @@
+From 23a0620658714b996d20da3d4dd1a0dcf9b0bd98 Mon Sep 17 00:00:00 2001
+From: albertodemichelis <alberto@qnsoftware.com>
+Date: Thu, 16 Sep 2021 22:36:53 +0800
+Subject: [PATCH] check max member count in class
+
+---
+ squirrel/sqclass.cpp | 3 +++
+ squirrel/sqclass.h   | 1 +
+ 2 files changed, 4 insertions(+)
+
+diff --git a/squirrel/sqclass.cpp b/squirrel/sqclass.cpp
+index fc619616..53a29763 100644
+--- a/external/squirrel/squirrel/sqclass.cpp
++++ b/external/squirrel/squirrel/sqclass.cpp
+@@ -61,6 +61,9 @@ bool SQClass::NewSlot(SQSharedState *ss,const SQObjectPtr &key,const SQObjectPtr
+         _defaultvalues[_member_idx(temp)].val = val;
+         return true;
+     }
++	if (_members->CountUsed() >= MEMBER_MAX_COUNT) {
++		return false;
++	}
+     if(belongs_to_static_table) {
+         SQInteger mmidx;
+         if((sq_type(val) == OT_CLOSURE || sq_type(val) == OT_NATIVECLOSURE) &&
+diff --git a/squirrel/sqclass.h b/squirrel/sqclass.h
+index 7d402172..60d3d21b 100644
+--- a/external/squirrel/squirrel/sqclass.h
++++ b/external/squirrel/squirrel/sqclass.h
+@@ -17,6 +17,7 @@ typedef sqvector<SQClassMember> SQClassMemberVec;
+ 
+ #define MEMBER_TYPE_METHOD 0x01000000
+ #define MEMBER_TYPE_FIELD 0x02000000
++#define MEMBER_MAX_COUNT 0x00FFFFFF
+ 
+ #define _ismethod(o) (_integer(o)&MEMBER_TYPE_METHOD)
+ #define _isfield(o) (_integer(o)&MEMBER_TYPE_FIELD)