protobuf: Fix CVE-2021-22570

Fix CVE-2021-22570. Link: https://koji.fedoraproject.org/koji/buildinfo?buildID=1916865 Link: https://src.fedoraproject.org/rpms/protobuf/blob/394beeacb500861f76473d47e10314e6a3600810/f/CVE-2021-22570.patch Remove first and second hunk because the second argument in InsertIfNotPresent() function is of type const char* const& but the first and second hunk makes the type of second argument as const string which is not compatible with the type of second argument in InsertIfNotPresent(). Signed-off-by: Sana Kazi <Sana.Kazi@kpit.com> Signed-off-by: Sana Kazi <sanakazisk19@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
author: Sana Kazi <sanakazisk19@gmail.com> 2022-02-23 15:50:16 +0530
committer: Armin Kuster <akuster808@gmail.com> 2022-02-23 15:48:18 -0800
commit: 0722ff6f021df91542b5efa1ff5b5f6269f66add (patch)
tree: 2c04efb482495572dced38fd708497eb3149c92b
parent: a6c1c340311caae188a9f935d993c1f12400332d (diff)
download: meta-openembedded-0722ff6f021df91542b5efa1ff5b5f6269f66add.tar.gz
2 files changed, 65 insertions, 0 deletions
diff --git a/meta-oe/recipes-devtools/protobuf/protobuf/CVE-2021-22570.patch b/meta-oe/recipes-devtools/protobuf/protobuf/CVE-2021-22570.patch
new file mode 100644
index 0000000000..be3180181a
--- /dev/null
+++ b/meta-oe/recipes-devtools/protobuf/protobuf/CVE-2021-22570.patch
@@ -0,0 +1,64 @@
+CVE: CVE-2021-22570
+Upstream-Status: Backport [https://src.fedoraproject.org/rpms/protobuf/blob/394beeacb500861f76473d47e10314e6a3600810/f/CVE-2021-22570.patch]
+Comment: Removed first and second hunk
+Signed-off-by: Sana.Kazi <Sana.Kazi@kpit.com>
+diff --git a/src/google/protobuf/descriptor.cc b/src/google/protobuf/descriptor.cc
+index 7af37c57f3..03c4e2b516 100644
+--- a/src/google/protobuf/descriptor.cc
+++ b/src/google/protobuf/descriptor.cc
+@@ -2626,6 +2626,8 @@ void Descriptor::DebugString(int depth, std::string* contents,
+       const Descriptor::ReservedRange* range = reserved_range(i);
+       if (range->end == range->start + 1) {
+         strings::SubstituteAndAppend(contents, "$0, ", range->start);
+      } else if (range->end > FieldDescriptor::kMaxNumber) {
+        strings::SubstituteAndAppend(contents, "$0 to max, ", range->start);
+       } else {
+         strings::SubstituteAndAppend(contents, "$0 to $1, ", range->start,
+                                   range->end - 1);
+@@ -2829,6 +2831,8 @@ void EnumDescriptor::DebugString(
+       const EnumDescriptor::ReservedRange* range = reserved_range(i);
+       if (range->end == range->start) {
+         strings::SubstituteAndAppend(contents, "$0, ", range->start);
+      } else if (range->end == INT_MAX) {
+        strings::SubstituteAndAppend(contents, "$0 to max, ", range->start);
+       } else {
+         strings::SubstituteAndAppend(contents, "$0 to $1, ", range->start,
+                                   range->end);
+@@ -4019,6 +4023,11 @@ bool DescriptorBuilder::AddSymbol(const std::string& full_name,
+   // Use its file as the parent instead.
+   if (parent == nullptr) parent = file_;
+ 
+  if (full_name.find('\0') != std::string::npos) {
+    AddError(full_name, proto, DescriptorPool::ErrorCollector::NAME,
+             "\"" + full_name + "\" contains null character.");
+    return false;
+  }
+   if (tables_->AddSymbol(full_name, symbol)) {
+     if (!file_tables_->AddAliasUnderParent(parent, name, symbol)) {
+       // This is only possible if there was already an error adding something of
+@@ -4059,6 +4068,11 @@ bool DescriptorBuilder::AddSymbol(const std::string& full_name,
+ void DescriptorBuilder::AddPackage(const std::string& name,
+                                    const Message& proto,
+                                    const FileDescriptor* file) {
+  if (name.find('\0') != std::string::npos) {
+    AddError(name, proto, DescriptorPool::ErrorCollector::NAME,
+             "\"" + name + "\" contains null character.");
+    return;
+  }
+   if (tables_->AddSymbol(name, Symbol(file))) {
+     // Success.  Also add parent package, if any.
+     std::string::size_type dot_pos = name.find_last_of('.');
+@@ -4372,6 +4386,12 @@ FileDescriptor* DescriptorBuilder::BuildFileImpl(
+   }
+   result->pool_ = pool_;
+ 
+  if (result->name().find('\0') != std::string::npos) {
+    AddError(result->name(), proto, DescriptorPool::ErrorCollector::NAME,
+             "\"" + result->name() + "\" contains null character.");
+    return nullptr;
+  }
+
+   // Add to tables.
+   if (!tables_->AddFile(result)) {
+     AddError(proto.name(), proto, DescriptorPool::ErrorCollector::OTHER,
diff --git a/meta-oe/recipes-devtools/protobuf/protobuf_3.11.4.bb b/meta-oe/recipes-devtools/protobuf/protobuf_3.11.4.bb
index d2f22ba6b8..55d56ff08e 100644
--- a/meta-oe/recipes-devtools/protobuf/protobuf_3.11.4.bb
+++ b/meta-oe/recipes-devtools/protobuf/protobuf_3.11.4.bb
@@ -17,6 +17,7 @@ SRC_URI = "git://github.com/google/protobuf.git;branch=3.11.x;protocol=https \
           file://0001-protobuf-fix-configure-error.patch \
           file://0001-Makefile.am-include-descriptor.cc-when-building-libp.patch \
           file://0001-examples-Makefile-respect-CXX-LDFLAGS-variables-fix-.patch \
+           file://CVE-2021-22570.patch \
 "
 S = "${WORKDIR}/git"
author	Sana Kazi <sanakazisk19@gmail.com>	2022-02-23 15:50:16 +0530
committer	Armin Kuster <akuster808@gmail.com>	2022-02-23 15:48:18 -0800
commit	0722ff6f021df91542b5efa1ff5b5f6269f66add (patch)
tree	2c04efb482495572dced38fd708497eb3149c92b
parent	a6c1c340311caae188a9f935d993c1f12400332d (diff)
download	meta-openembedded-0722ff6f021df91542b5efa1ff5b5f6269f66add.tar.gz

diff --git a/meta-oe/recipes-devtools/protobuf/protobuf/CVE-2021-22570.patch b/meta-oe/recipes-devtools/protobuf/protobuf/CVE-2021-22570.patch new file mode 100644 index 0000000000..be3180181a --- /dev/null +++ b/meta-oe/recipes-devtools/protobuf/protobuf/CVE-2021-22570.patch
@@ -0,0 +1,64 @@
		1	CVE: CVE-2021-22570
		2	Upstream-Status: Backport [https://src.fedoraproject.org/rpms/protobuf/blob/394beeacb500861f76473d47e10314e6a3600810/f/CVE-2021-22570.patch]
		3	Comment: Removed first and second hunk
		4	Signed-off-by: Sana.Kazi <Sana.Kazi@kpit.com>
		5
		6	diff --git a/src/google/protobuf/descriptor.cc b/src/google/protobuf/descriptor.cc
		7	index 7af37c57f3..03c4e2b516 100644
		8	--- a/src/google/protobuf/descriptor.cc
		9	+++ b/src/google/protobuf/descriptor.cc
		10	@@ -2626,6 +2626,8 @@ void Descriptor::DebugString(int depth, std::string* contents,
		11	const Descriptor::ReservedRange* range = reserved_range(i);
		12	if (range->end == range->start + 1) {
		13	strings::SubstituteAndAppend(contents, "$0, ", range->start);
		14	+ } else if (range->end > FieldDescriptor::kMaxNumber) {
		15	+ strings::SubstituteAndAppend(contents, "$0 to max, ", range->start);
		16	} else {
		17	strings::SubstituteAndAppend(contents, "$0 to $1, ", range->start,
		18	range->end - 1);
		19	@@ -2829,6 +2831,8 @@ void EnumDescriptor::DebugString(
		20	const EnumDescriptor::ReservedRange* range = reserved_range(i);
		21	if (range->end == range->start) {
		22	strings::SubstituteAndAppend(contents, "$0, ", range->start);
		23	+ } else if (range->end == INT_MAX) {
		24	+ strings::SubstituteAndAppend(contents, "$0 to max, ", range->start);
		25	} else {
		26	strings::SubstituteAndAppend(contents, "$0 to $1, ", range->start,
		27	range->end);
		28	@@ -4019,6 +4023,11 @@ bool DescriptorBuilder::AddSymbol(const std::string& full_name,
		29	// Use its file as the parent instead.
		30	if (parent == nullptr) parent = file_;
		31
		32	+ if (full_name.find('\0') != std::string::npos) {
		33	+ AddError(full_name, proto, DescriptorPool::ErrorCollector::NAME,
		34	+ "\"" + full_name + "\" contains null character.");
		35	+ return false;
		36	+ }
		37	if (tables_->AddSymbol(full_name, symbol)) {
		38	if (!file_tables_->AddAliasUnderParent(parent, name, symbol)) {
		39	// This is only possible if there was already an error adding something of
		40	@@ -4059,6 +4068,11 @@ bool DescriptorBuilder::AddSymbol(const std::string& full_name,
		41	void DescriptorBuilder::AddPackage(const std::string& name,
		42	const Message& proto,
		43	const FileDescriptor* file) {
		44	+ if (name.find('\0') != std::string::npos) {
		45	+ AddError(name, proto, DescriptorPool::ErrorCollector::NAME,
		46	+ "\"" + name + "\" contains null character.");
		47	+ return;
		48	+ }
		49	if (tables_->AddSymbol(name, Symbol(file))) {
		50	// Success. Also add parent package, if any.
		51	std::string::size_type dot_pos = name.find_last_of('.');
		52	@@ -4372,6 +4386,12 @@ FileDescriptor* DescriptorBuilder::BuildFileImpl(
		53	}
		54	result->pool_ = pool_;
		55
		56	+ if (result->name().find('\0') != std::string::npos) {
		57	+ AddError(result->name(), proto, DescriptorPool::ErrorCollector::NAME,
		58	+ "\"" + result->name() + "\" contains null character.");
		59	+ return nullptr;
		60	+ }
		61	+
		62	// Add to tables.
		63	if (!tables_->AddFile(result)) {
		64	AddError(proto.name(), proto, DescriptorPool::ErrorCollector::OTHER,


diff --git a/meta-oe/recipes-devtools/protobuf/protobuf_3.11.4.bb b/meta-oe/recipes-devtools/protobuf/protobuf_3.11.4.bb index d2f22ba6b8..55d56ff08e 100644 --- a/meta-oe/recipes-devtools/protobuf/protobuf_3.11.4.bb +++ b/meta-oe/recipes-devtools/protobuf/protobuf_3.11.4.bb
@@ -17,6 +17,7 @@ SRC_URI = "git://github.com/google/protobuf.git;branch=3.11.x;protocol=https \
17	file://0001-protobuf-fix-configure-error.patch \	17	file://0001-protobuf-fix-configure-error.patch \
18	file://0001-Makefile.am-include-descriptor.cc-when-building-libp.patch \	18	file://0001-Makefile.am-include-descriptor.cc-when-building-libp.patch \
19	file://0001-examples-Makefile-respect-CXX-LDFLAGS-variables-fix-.patch \	19	file://0001-examples-Makefile-respect-CXX-LDFLAGS-variables-fix-.patch \
		20	file://CVE-2021-22570.patch \
20	"	21	"
21	S = "${WORKDIR}/git"	22	S = "${WORKDIR}/git"
22		23