!171 [sync] PR-168: golang: fix CVE-2022-41717
From: @openeuler-sync-bot Reviewed-by: @jing-rui Signed-off-by: @jing-rui
This commit is contained in:
openeuler-ci-bot
Gitee
commit
46ff905a5c
@ -0,0 +1,75 @@
|
||||
From 8d2cac9ac54ae7278bc5979a824f1278e124fc70 Mon Sep 17 00:00:00 2001
|
||||
From: Damien Neil <dneil@google.com>
|
||||
Date: Wed, 30 Nov 2022 16:37:07 -0500
|
||||
Subject: [PATCH] [release-branch.go1.18] net/http: update bundled
|
||||
golang.org/x/net/http2
|
||||
|
||||
Disable cmd/internal/moddeps test, since this update includes PRIVATE
|
||||
track fixes.
|
||||
|
||||
For #56350
|
||||
For #57008
|
||||
Fixes CVE-2022-41717
|
||||
|
||||
Change-Id: I31ebd2b9ae190ef6f7646187103ea1c8a713ff2e
|
||||
Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1663833
|
||||
Reviewed-by: Tatiana Bradley <tatianabradley@google.com>
|
||||
Reviewed-by: Julie Qiu <julieqiu@google.com>
|
||||
Reviewed-on: https://go-review.googlesource.com/c/go/+/455361
|
||||
Run-TryBot: Jenny Rakoczy <jenny@golang.org>
|
||||
Reviewed-by: Michael Pratt <mpratt@google.com>
|
||||
TryBot-Result: Gopher Robot <gobot@golang.org>
|
||||
|
||||
Conflict:NA
|
||||
Reference:https://go-review.googlesource.com/c/go/+/455361
|
||||
---
|
||||
src/net/http/h2_bundle.go | 18 +++++++++++-------
|
||||
1 file changed, 11 insertions(+), 7 deletions(-)
|
||||
|
||||
diff --git a/src/net/http/h2_bundle.go b/src/net/http/h2_bundle.go
|
||||
index dc30e077ae..d951d4f38c 100644
|
||||
--- a/src/net/http/h2_bundle.go
|
||||
+++ b/src/net/http/h2_bundle.go
|
||||
@@ -4096,6 +4096,7 @@ type http2serverConn struct {
|
||||
headerTableSize uint32
|
||||
peerMaxHeaderListSize uint32 // zero means unknown (default)
|
||||
canonHeader map[string]string // http2-lower-case -> Go-Canonical-Case
|
||||
+ canonHeaderKeysSize int // canonHeader keys size in bytes
|
||||
writingFrame bool // started writing a frame (on serve goroutine or separate)
|
||||
writingFrameAsync bool // started a frame on its own goroutine but haven't heard back on wroteFrameCh
|
||||
needsFrameFlush bool // last frame write wasn't a flush
|
||||
@@ -4275,6 +4276,13 @@ func (sc *http2serverConn) condlogf(err error, format string, args ...interface{
|
||||
}
|
||||
}
|
||||
|
||||
+// maxCachedCanonicalHeadersKeysSize is an arbitrarily-chosen limit on the size
|
||||
+// of the entries in the canonHeader cache.
|
||||
+// This should be larger than the size of unique, uncommon header keys likely to
|
||||
+// be sent by the peer, while not so high as to permit unreasonable memory usage
|
||||
+// if the peer sends an unbounded number of unique header keys.
|
||||
+const http2maxCachedCanonicalHeadersKeysSize = 2048
|
||||
+
|
||||
func (sc *http2serverConn) canonicalHeader(v string) string {
|
||||
sc.serveG.check()
|
||||
http2buildCommonHeaderMapsOnce()
|
||||
@@ -4290,14 +4298,10 @@ func (sc *http2serverConn) canonicalHeader(v string) string {
|
||||
sc.canonHeader = make(map[string]string)
|
||||
}
|
||||
cv = CanonicalHeaderKey(v)
|
||||
- // maxCachedCanonicalHeaders is an arbitrarily-chosen limit on the number of
|
||||
- // entries in the canonHeader cache. This should be larger than the number
|
||||
- // of unique, uncommon header keys likely to be sent by the peer, while not
|
||||
- // so high as to permit unreaasonable memory usage if the peer sends an unbounded
|
||||
- // number of unique header keys.
|
||||
- const maxCachedCanonicalHeaders = 32
|
||||
- if len(sc.canonHeader) < maxCachedCanonicalHeaders {
|
||||
+ size := 100 + len(v)*2 // 100 bytes of map overhead + key + value
|
||||
+ if sc.canonHeaderKeysSize+size <= http2maxCachedCanonicalHeadersKeysSize {
|
||||
sc.canonHeader[v] = cv
|
||||
+ sc.canonHeaderKeysSize += size
|
||||
}
|
||||
return cv
|
||||
}
|
||||
--
|
||||
2.33.0
|
||||
|
||||
@ -58,7 +58,7 @@
|
||||
|
||||
Name: golang
|
||||
Version: 1.15.7
|
||||
Release: 22
|
||||
Release: 23
|
||||
Summary: The Go Programming Language
|
||||
License: BSD and Public Domain
|
||||
URL: https://golang.org/
|
||||
@ -225,6 +225,7 @@ Patch6080: 0080-release-branch.go1.18-net-http-httputil-avoid-query-.patch
|
||||
Patch6081: 0081-release-branch.go1.18-archive-tar-limit-size-of-head.patch
|
||||
Patch6082: 0082-net-url-reject-query-values-with-semicolons.patch
|
||||
Patch6083: 0083-syscall-os-exec-reject-environment-variables-contain.patch
|
||||
Patch6084: 0084-release-branch.go1.18-net-http-update-bundled-golang.patch
|
||||
|
||||
Patch9001: 0001-drop-hard-code-cert.patch
|
||||
Patch9002: 0002-fix-patch-cmd-go-internal-modfetch-do-not-sho.patch
|
||||
@ -464,6 +465,12 @@ fi
|
||||
%files devel -f go-tests.list -f go-misc.list -f go-src.list
|
||||
|
||||
%changelog
|
||||
* Fri Jan 20 2023 hanchao <hanchao47@huawei.com> - 1.15.7-23
|
||||
- Type:CVE
|
||||
- CVE:CVE-2022-41717
|
||||
- SUG:NA
|
||||
- DESC:fix CVE-2022-41717
|
||||
|
||||
* Thu Nov 17 2022 hanchao<hanchao47@huawei.com> - 1.15.7-22
|
||||
- Type:CVE
|
||||
- CVE:CVE-2022-41716
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user