Diffstat (limited to 'meta/recipes-devtools/ruby/ruby/CVE-2021-32066.patch')
-rw-r--r-- | meta/recipes-devtools/ruby/ruby/CVE-2021-32066.patch | 102 |
1 files changed, 0 insertions, 102 deletions
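--- a/meta/recipes-devtools/ruby/ruby/CVE-2021-32066.patch
+++ /dev/null
@@ -1,102 +0,0 @@
-From e2ac25d0eb66de99f098d6669cf4f06796aa6256 Mon Sep 17 00:00:00 2001
-From: Shugo Maeda <shugo@ruby-lang.org>
-Date: Tue, 11 May 2021 10:31:27 +0900
-Subject: [PATCH] Fix StartTLS stripping vulnerability
-
-This fixes CVE-2021-32066.
-Reported by Alexandr Savca in <https://hackerone.com/reports/1178562>.
-
-CVE: CVE-2021-32066
-
-Upstream-Status: Backport
-[https://github.com/ruby/ruby/commit/e2ac25d0eb66de99f098d6669cf4f06796aa6256]
-
-Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
----
-lib/net/imap.rb | 8 +++++++-
-test/net/imap/test_imap.rb | 31 +++++++++++++++++++++++++++++++
-2 files changed, 38 insertions(+), 1 deletion(-)
-
-diff --git a/lib/net/imap.rb b/lib/net/imap.rb
-index 505b4c8950..d45304f289 100644
---- a/lib/net/imap.rb
-+++ b/lib/net/imap.rb
-@@ -1218,12 +1218,14 @@ def get_tagged_response(tag, cmd)
-end
-resp = @tagged_responses.delete(tag)
-case resp.name
-+ when /\A(?:OK)\z/ni
-+ return resp
-when /\A(?:NO)\z/ni
-raise NoResponseError, resp
-when /\A(?:BAD)\z/ni
-raise BadResponseError, resp
-else
-- return resp
-+ raise UnknownResponseError, resp
-end
-end
-
-@@ -3719,6 +3721,10 @@ class BadResponseError < ResponseError
-class ByeResponseError < ResponseError
-end
-
-+ # Error raised upon an unknown response from the server.
-+ class UnknownResponseError < ResponseError
-+ end
-+
-RESPONSE_ERRORS = Hash.new(ResponseError)
-RESPONSE_ERRORS["NO"] = NoResponseError
-RESPONSE_ERRORS["BAD"] = BadResponseError
-diff --git a/test/net/imap/test_imap.rb b/test/net/imap/test_imap.rb
-index 8b924b524e..85fb71d440 100644
---- a/test/net/imap/test_imap.rb
-+++ b/test/net/imap/test_imap.rb
-@@ -127,6 +127,16 @@ def test_starttls
-imap.disconnect
-end
-end
-+
-+ def test_starttls_stripping
-+ starttls_stripping_test do |port|
-+ imap = Net::IMAP.new("localhost", :port => port)
-+ assert_raise(Net::IMAP::UnknownResponseError) do
-+ imap.starttls(:ca_file => CA_FILE)
-+ end
-+ imap
-+ end
-+ end
-end
-
-def start_server
-@@ -834,6 +844,27 @@ def starttls_test
-end
-end
-
-+ def starttls_stripping_test
-+ server = create_tcp_server
-+ port = server.addr[1]
-+ start_server do
-+ sock = server.accept
-+ begin
-+ sock.print("* OK test server\r\n")
-+ sock.gets
-+ sock.print("RUBY0001 BUG unhandled command\r\n")
-+ ensure
-+ sock.close
-+ server.close
-+ end
-+ end
-+ begin
-+ imap = yield(port)
-+ ensure
-+ imap.disconnect if imap && !imap.disconnected?
-+ end
-+ end
-+
-def create_tcp_server
-return TCPServer.new(server_addr, 0)
-end
---
-2.25.1
-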