packages/golang
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!93 fix CVE-2021-44717

Browse Source 
From: @hcnbxx 
Reviewed-by: @jing-rui 
Signed-off-by: @jing-rui
This commit is contained in:
openeuler-ci-bot 2022-05-16 07:54:57 +00:00 committed by Gitee
commit d4f214f4dc
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 87 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

82
0063-release-branch.go1.16-syscall-fix-ForkLock-spurious-.patch Normal file
View File

@ -0,0 +1,82 @@
From 98e370069ffceeeeecb94c0b8e6c60c33994071a Mon Sep 17 00:00:00 2001
From: Russ Cox <rsc@golang.org>
Date: Wed, 8 Dec 2021 18:05:11 -0500
Subject: [PATCH] [release-branch.go1.16] syscall: fix ForkLock spurious
close(0) on pipe failure
Pipe (and therefore forkLockPipe) does not make any guarantees
about the state of p after a failed Pipe(p). Avoid that assumption
and the too-clever goto, so that we don't accidentally Close a real fd
if the failed pipe leaves p[0] or p[1] set >= 0.
Updates #50057
Fixes CVE-2021-44717
Change-Id: Iff8e19a6efbba0c73cc8b13ecfae381c87600bb4
Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1291270
Reviewed-by: Ian Lance Taylor <iant@google.com>
Reviewed-on: https://go-review.googlesource.com/c/go/+/370514
Trust: Filippo Valsorda <filippo@golang.org>
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Alex Rakoczy <alex@golang.org>
Conflict: NA
Conference: https://go-review.googlesource.com/c/go/+/370514
---
src/syscall/exec_unix.go | 20 ++++++--------------
1 file changed, 6 insertions(+), 14 deletions(-)
diff --git a/src/syscall/exec_unix.go b/src/syscall/exec_unix.go
index cb08b7084c..3a8ef0925e 100644
--- a/src/syscall/exec_unix.go
+++ b/src/syscall/exec_unix.go
@@ -152,9 +152,6 @@ func forkExec(argv0 string, argv []string, attr *ProcAttr) (pid int, err error)
sys = &zeroSysProcAttr
}
- p[0] = -1
- p[1] = -1
-
// Convert args to C form.
argv0p, err := BytePtrFromString(argv0)
if err != nil {
@@ -204,14 +201,17 @@ func forkExec(argv0 string, argv []string, attr *ProcAttr) (pid int, err error)
// Allocate child status pipe close on exec.
if err = forkExecPipe(p[:]); err != nil {
- goto error
+ ForkLock.Unlock()
+ return 0, err
}
// Kick off child.
pid, err1 = forkAndExecInChild(argv0p, argvp, envvp, chroot, dir, attr, sys, p[1])
if err1 != 0 {
- err = Errno(err1)
- goto error
+ Close(p[0])
+ Close(p[1])
+ ForkLock.Unlock()
+ return 0, Errno(err1)
}
ForkLock.Unlock()
@@ -243,14 +243,6 @@ func forkExec(argv0 string, argv []string, attr *ProcAttr) (pid int, err error)
// Read got EOF, so pipe closed on exec, so exec succeeded.
return pid, nil
-
-error:
- if p[0] >= 0 {
- Close(p[0])
- Close(p[1])
- }
- ForkLock.Unlock()
- return 0, err
}
// Combination of fork and exec, careful to be thread safe.
--
2.30.0

6
golang.spec
View File

@ -62,7 +62,7 @@
Name: golang
Version: 1.15.7
Release: 12
Release: 13
Summary: The Go Programming Language
License: BSD and Public Domain
URL: https://golang.org/
@ -208,6 +208,7 @@ Patch6059: 0059-release-branch.go1.16-regexp-syntax-reject-very-deep.patch
Patch6060: 0060-cmd-go-internal-modfetch-do-not-short-circuit-canoni.patch
Patch6061: 0061-release-branch.go1.17-crypto-elliptic-tolerate-zero-.patch
Patch6062: 0062-release-branch.go1.17-encoding-pem-fix-stack-overflo.patch
Patch6063: 0063-release-branch.go1.16-syscall-fix-ForkLock-spurious-.patch
Patch9001: 0001-drop-hard-code-cert.patch
@ -443,6 +444,9 @@ fi
%files devel -f go-tests.list -f go-misc.list -f go-src.list
%changelog
* Thu May 12 2022 hanchao<hanchao47@huawei.com> - 1.15.7-13
- fix CVE-2021-44717
* Wed May 11 2022 hanchao<hanchao47@huawei.com> - 1.15.7-12
- fix CVE-2022-28327 CVE-2022-24675