author | Vijay Anusuri <vanusuri@mvista.com> | 2023-09-25 14:15:46 +0530 |
---|---|---|
committer | Steve Sakoman <steve@sakoman.com> | 2023-09-29 04:29:01 -1000 |
commit | ea9b55c8588ce5d7f9d8a1aa317d3c5b9f966dd8 (patch) | |
tree | 3273bfb80942612ea35d381363f158ddbe8577e1 /meta/recipes-devtools/go/go-1.14/CVE-2022-41725-pre1.patch | |
parent | 0734868d9d9365c63cadf51ff8272fb0662e11a7 (diff) | |
download | poky-ea9b55c8588ce5d7f9d8a1aa317d3c5b9f966dd8.tar.gz |
go: Backport fix for CVE-2022-41725 and CVE-2023-24536
Upstream-commit:
https://github.com/golang/go/commit/874b3132a84cf76da6a48978826c04c380a37a50
&
https://github.com/golang/go/commit/4e5a313524da62600eb59dbf98624cfe946456f8
&
https://github.com/golang/go/commit/5246fa5e75b129a7dbd9722aa4de0cbaf7ceae43
&
https://github.com/golang/go/commit/5c55ac9bf1e5f779220294c843526536605f42ab
&
https://github.com/golang/go/commit/ef41a4e2face45e580c5836eaebd51629fc23f15
&
https://github.com/golang/go/commit/7a359a651c7ebdb29e0a1c03102fce793e9f58f0
&
https://github.com/golang/go/commit/7917b5f31204528ea72e0629f0b7d52b35b27538
(From OE-Core rev: 532eb2c57fb1817999a857fc71db4438717ccadb)
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Diffstat (limited to 'meta/recipes-devtools/go/go-1.14/CVE-2022-41725-pre1.patch')
-rw-r--r-- | meta/recipes-devtools/go/go-1.14/CVE-2022-41725-pre1.patch | 85 |
1 files changed, 85 insertions, 0 deletions
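diff --git a/meta/recipes-devtools/go/go-1.14/CVE-2022-41725-pre1.patch b/meta/recipes-devtools/go/go-1.14/CVE-2022-41725-pre1.patch
new file mode 100644
index 0000000000..37ebc41947
--- /dev/null
+++ b/meta/recipes-devtools/go/go-1.14/CVE-2022-41725-pre1.patch
@@ -0,0 +1,85 @@
+From 874b3132a84cf76da6a48978826c04c380a37a50 Mon Sep 17 00:00:00 2001
+From: avivklas <avivklas@gmail.com>
+Date: Fri, 7 Aug 2020 21:50:12 +0300
+Subject: [PATCH] mime/multipart: return overflow errors in Reader.ReadForm
+
+Updates Reader.ReadForm to check for overflow errors that may
+result from a leeway addition of 10MiB to the input argument
+maxMemory.
+
+Fixes #40430
+
+Change-Id: I510b8966c95c51d04695ba9d08fcfe005fd11a5d
+Reviewed-on: https://go-review.googlesource.com/c/go/+/247477
+Run-TryBot: Emmanuel Odeke <emm.odeke@gmail.com>
+Trust: Cuong Manh Le <cuong.manhle.vn@gmail.com>
+Trust: Emmanuel Odeke <emm.odeke@gmail.com>
+TryBot-Result: Go Bot <gobot@golang.org>
+Reviewed-by: Emmanuel Odeke <emm.odeke@gmail.com>
+
+Upstream-Status: Backport [https://github.com/golang/go/commit/874b3132a84cf76da6a48978826c04c380a37a50]
+CVE: CVE-2022-41725 #Dependency Patch1
+Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
+---
+src/mime/multipart/formdata.go | 4 ++++
+src/mime/multipart/formdata_test.go | 18 ++++++++++++++++++
+2 files changed, 22 insertions(+)
+
+diff --git a/src/mime/multipart/formdata.go b/src/mime/multipart/formdata.go
+index 832d0ad693666..4eb31012941ac 100644
+--- a/src/mime/multipart/formdata.go
++++ b/src/mime/multipart/formdata.go
+@@ -7,6 +7,7 @@ package multipart
+import (
+"bytes"
+"errors"
++ "fmt"
+"io"
+"io/ioutil"
+"net/textproto"
+@@ -41,6 +42,9 @@ func (r *Reader) readForm(maxMemory int64) (_ *Form, err error) {
+
+// Reserve an additional 10 MB for non-file parts.
+maxValueBytes := maxMemory + int64(10<<20)
++ if maxValueBytes <= 0 {
++ return nil, fmt.Errorf("multipart: integer overflow from maxMemory(%d) + 10MiB for non-file parts", maxMemory)
++ }
+for {
+p, err := r.NextPart()
+if err == io.EOF {
+diff --git a/src/mime/multipart/formdata_test.go b/src/mime/multipart/formdata_test.go
+index 7d756c8c244a0..7112e0d3727fe 100644
+--- a/src/mime/multipart/formdata_test.go
++++ b/src/mime/multipart/formdata_test.go
+@@ -7,6 +7,7 @@ package multipart
+import (
+"bytes"
+"io"
++ "math"
+"os"
+"strings"
+"testing"
+@@ -52,6 +53,23 @@ func TestReadFormWithNamelessFile(t *testing.T) {
+}
+}
+
++// Issue 40430: Ensure that we report integer overflows in additions of maxMemory,
++// instead of silently and subtly failing without indication.
++func TestReadFormMaxMemoryOverflow(t *testing.T) {
++ b := strings.NewReader(strings.ReplaceAll(messageWithTextContentType, "\n", "\r\n"))
++ r := NewReader(b, boundary)
++ f, err := r.ReadForm(math.MaxInt64)
++ if err == nil {
++ t.Fatal("Unexpected a non-nil error")
++ }
++ if f != nil {
++ t.Fatalf("Unexpected returned a non-nil form: %v\n", f)
++ }
++ if g, w := err.Error(), "integer overflow from maxMemory"; !strings.Contains(g, w) {
++ t.Errorf(`Error mismatch\n%q\ndid not contain\n%q`, g, w)
++ }
++}
++
+func TestReadFormWithTextContentType(t *testing.T) {
+// From https://github.com/golang/go/issues/24041
+b := strings.NewReader(strings.ReplaceAll(messageWithTextContentType, "\n", "\r\n"))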
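Review bot: The guard added in readForm, `if maxValueBytes <= 0`, fires for any maxMemory at or below -10 MiB as well as for a real wrap-around, so a caller passing a negative limit gets an "integer overflow" error that misdescribes the cause. If only the wrap is meant to be caught, `if maxMemory > 0 && maxValueBytes <= 0 {` would separate the two cases; since the patch is marked `Upstream-Status: Backport`, this is probably better raised upstream than changed in the recipe. In TestReadFormMaxMemoryOverflow the message `"Unexpected a non-nil error"` is printed when err is nil and should read `"expected a non-nil error"`, and the raw-string format passed to the final `t.Errorf` leaves each `\n` as literal characters instead of line breaks. Both readForm and TestReadFormWithTextContentType continue outside the hunks shown.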