Diffstat (limited to 'meta/recipes-devtools/go/go-1.14/CVE-2021-44717.patch')
-rw-r--r-- | meta/recipes-devtools/go/go-1.14/CVE-2021-44717.patch | 83 |
1 files changed, 83 insertions, 0 deletions
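--- /dev/null
+++ b/meta/recipes-devtools/go/go-1.14/CVE-2021-44717.patch
@@ -0,0 +1,83 @@
+From 9171c664e7af479aa26bc72f2e7cf4e69d8e0a6f Mon Sep 17 00:00:00 2001
+From: Hitendra Prajapati <hprajapati@mvista.com>
+Date: Fri, 17 Jun 2022 10:22:47 +0530
+Subject: [PATCH] CVE-2021-44717
+
+Upstream-Status: Backport [https://github.com/golang/go/commit/44a3fb49]
+CVE: CVE-2021-44717
+Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
+
+syscall: fix ForkLock spurious close(0) on pipe failure
+Pipe (and therefore forkLockPipe) does not make any guarantees
+about the state of p after a failed Pipe(p). Avoid that assumption
+and the too-clever goto, so that we don't accidentally Close a real fd
+if the failed pipe leaves p[0] or p[1] set >= 0.
+
+Updates #50057
+Fixes CVE-2021-44717
+
+Change-Id: Iff8e19a6efbba0c73cc8b13ecfae381c87600bb4
+Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1291270
+Reviewed-by: Ian Lance Taylor <iant@google.com>
+Reviewed-on: https://go-review.googlesource.com/c/go/+/370514
+Trust: Filippo Valsorda <filippo@golang.org>
+Run-TryBot: Filippo Valsorda <filippo@golang.org>
+TryBot-Result: Gopher Robot <gobot@golang.org>
+Reviewed-by: Alex Rakoczy <alex@golang.org>
+---
+src/syscall/exec_unix.go | 20 ++++++--------------
+1 file changed, 6 insertions(+), 14 deletions(-)
+
+diff --git a/src/syscall/exec_unix.go b/src/syscall/exec_unix.go
+index b3798b6..b73782c 100644
+--- a/src/syscall/exec_unix.go
++++ b/src/syscall/exec_unix.go
+@@ -151,9 +151,6 @@ func forkExec(argv0 string, argv []string, attr *ProcAttr) (pid int, err error)
+sys = &zeroSysProcAttr
+}
+
+- p[0] = -1
+- p[1] = -1
+-
+// Convert args to C form.
+argv0p, err := BytePtrFromString(argv0)
+if err != nil {
+@@ -194,14 +191,17 @@ func forkExec(argv0 string, argv []string, attr *ProcAttr) (pid int, err error)
+
+// Allocate child status pipe close on exec.
+if err = forkExecPipe(p[:]); err != nil {
+- goto error
++ ForkLock.Unlock()
++ return 0, err
+}
+
+// Kick off child.
+pid, err1 = forkAndExecInChild(argv0p, argvp, envvp, chroot, dir, attr, sys, p[1])
+if err1 != 0 {
+- err = Errno(err1)
+- goto error
++ Close(p[0])
++ Close(p[1])
++ ForkLock.Unlock()
++ return 0, Errno(err1)
+}
+ForkLock.Unlock()
+
+@@ -228,14 +228,6 @@ func forkExec(argv0 string, argv []string, attr *ProcAttr) (pid int, err error)
+
+// Read got EOF, so pipe closed on exec, so exec succeeded.
+return pid, nil
+-
+-error:
+- if p[0] >= 0 {
+- Close(p[0])
+- Close(p[1])
+- }
+- ForkLock.Unlock()
+- return 0, err
+}
+
+// Combination of fork and exec, careful to be thread safe.
+--
+2.25.1
+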
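Review bot: The `Upstream-Status: Backport` line in the patch header cites the upstream commit only by the eight-character abbreviated id `44a3fb49`, which is harder to verify against upstream than a full 40-character hash. I would write it as `Upstream-Status: Backport [https://github.com/golang/go/commit/<FULL_UPSTREAM_SHA>]`, with the placeholder replaced by the full id from the upstream repository. The subject is only `[PATCH] CVE-2021-44717`, and the tags sit above the upstream description, so a log of applied patches gives no summary of the fix; reusing the upstream subject `syscall: fix ForkLock spurious close(0) on pipe failure` would help. This view is limited to the patch file, so it does not show whether the go-1.14 recipe lists `file://CVE-2021-44717.patch` in `SRC_URI`. Without that entry the fix is never applied to the built toolchain, so that is worth confirming before relying on this commit as the remediation.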