fix CVE-2021-41089

fix #I5CA8X
2022-06-29 09:54:58 +08:00 · 2022-06-29 09:54:58 +08:00 · 9d4f69f055
commit 9d4f69f055
parent 2b2be77fce
5 changed files with 63 additions and 3 deletions
--- a/2
+++ b/2
@ -1 +1 @@
-18.09.0.303
+18.09.0.304
--- a/docker.spec
+++ b/docker.spec
@ -1,6 +1,6 @@
 Name: docker-engine
 Version: 18.09.0
-Release: 303
+Release: 304
 Summary: The open-source application container engine
 Group: Tools/Docker

@ -212,6 +212,12 @@ fi
 %endif

 %changelog
+* Wed Jun 29 2022 zjw<zhongjiawei1@huawei.com> - 18.09.0-304
+- Type:CVE
+- CVE:CVE-2021-41089
+- SUG:NA
+- DESC:fix CVE-2021-41089
+
 * Wed Jun 29 2022 zjw<zhongjiawei1@huawei.com> - 18.09.0-303
 - Type:bugfix
 - CVE:NA
--- a/2
+++ b/2
@ -1 +1 @@
-7e7815ae0b96872d235f46c6624cc4b695d04dfa
+3dc987a07f741fc5043f8bc5ee3dc326418e9437
--- a/patch/0226-docker-chrootarchive-don-t-create-parent-dirs-outside-of-ch.patch
+++ b/patch/0226-docker-chrootarchive-don-t-create-parent-dirs-outside-of-ch.patch
@ -0,0 +1,53 @@
+From 80f1169eca587305759829e626cebd2a434664f6 Mon Sep 17 00:00:00 2001 
+From: Tonis Tiigi <tonistiigi@gmail.com>
+Date: Wed, 19 May 2021 16:51:35 -0700
+Subject: [PATCH] chrootarchive: don't create parent dirsoutside of chroot
+
+If chroot is used with a special root directory then create
+destination directory within chroot. This works automatically
+already due to extractor creating parent paths and is only
+used currently with cp where parent paths are actually required
+and error will be shown to user before reaching this point.
+
+Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
+(cherry picked from commit 52d285184068998c22632bfb869f6294b5613a58)
+Signed-off-by: Brian Goff <cpuguy83@gmail.com>
+
+Conflict:NA
+Reference:https://github.com/moby/moby/commit/bce32e5c93be4caf1a592582155b9cb837fc129a
+
+---
+ components/engine/pkg/chrootarchive/archive.go | 16 ++++++++++------
+ 1 file changed, 10 insertions(+), 6 deletions(-)
+
+diff --git a/components/engine/pkg/chrootarchive/archive.go b/components/engine/pkg/chrootarchive/archive.go
+index 6ff61e6a7..9926b63b8 100644
+--- a/components/engine/pkg/chrootarchive/archive.go
+++ b/components/engine/pkg/chrootarchive/archive.go
+@@ -65,13 +65,17 @@ func untarHandler(tarArchive io.Reader, dest string, options *archive.TarOptions
+ 		options.ExcludePatterns = []string{}
+ 	}
+ 
+-	idMapping := idtools.NewIDMappingsFromMaps(options.UIDMaps, options.GIDMaps)
+-	rootIDs := idMapping.RootPair()
+	// If dest is inside a root then directory is created within chroot by extractor.
+	// This case is only currently used by cp.
+	if dest == root {
+		idMapping := idtools.NewIDMappingsFromMaps(options.UIDMaps, options.GIDMaps)
+		rootIDs := idMapping.RootPair()
+ 
+-	dest = filepath.Clean(dest)
+-	if _, err := os.Stat(dest); os.IsNotExist(err) {
+-		if err := idtools.MkdirAllAndChownNew(dest, 0755, rootIDs); err != nil {
+-			return err
+		dest = filepath.Clean(dest)
+		if _, err := os.Stat(dest); os.IsNotExist(err) {
+			if err := idtools.MkdirAllAndChownNew(dest, 0755, rootIDs); err != nil {
+				return err
+			}
+ 		}
+ 	}
+ 
+-- 
+2.30.0
+
--- a/series.conf
+++ b/series.conf
@ -223,4 +223,5 @@ patch/0222-docker-Use-original-process-spec-for-execs.patch
 patch/0223-docker-fix-CVE-2022-24769.patch
 patch/0224-fix-rwlayer-umountd-after-container-restart.patch
 patch/0225-docker-close-channel-in-write-side-to-avoid-panic-in.patch
+patch/0226-docker-chrootarchive-don-t-create-parent-dirs-outside-of-ch.patch
 #end