upgrade to 1.4.1-1

CVE-2022-33070.patch

@@ -1,73 +0,0 @@
-diff -Naru "protobuf-c-1.4.0 copy/protobuf-c/protobuf-c.c" protobuf-c-1.4.0/protobuf-c/protobuf-c.c
---- "protobuf-c-1.4.0 copy/protobuf-c/protobuf-c.c"	2022-07-04 11:35:58.920205000 +0800
-+++ protobuf-c-1.4.0/protobuf-c/protobuf-c.c	2022-07-04 11:41:59.158278000 +0800
-@@ -316,9 +316,8 @@
- static inline uint32_t
- zigzag32(int32_t v)
- {
--	// Note:  the right-shift must be arithmetic
--	// Note:  left shift must be unsigned because of overflow
--	return ((uint32_t)(v) << 1) ^ (uint32_t)(v >> 31);
-+	// Note:  Using unsigned types prevents undefined behavior
-+	return ((uint32_t)v << 1) ^ -((uint32_t)v >> 31);
- }
- 
- /**
-@@ -380,9 +379,8 @@
- static inline uint64_t
- zigzag64(int64_t v)
- {
--	// Note:  the right-shift must be arithmetic
--	// Note:  left shift must be unsigned because of overflow
--	return ((uint64_t)(v) << 1) ^ (uint64_t)(v >> 63);
-+	// Note:  Using unsigned types prevents undefined behavior
-+	return ((uint64_t)v << 1) ^ -((uint64_t)v >> 63);
- }
- 
- /**
-@@ -802,7 +800,8 @@
- }
- 
- /**
-- * Pack a signed 32-bit integer and return the number of bytes written.
-+ * Pack a signed 32-bit integer and return the number of bytes written,
-+ * passed as unsigned to avoid implementation-specific behavior.
-  * Negative numbers are encoded as two's complement 64-bit integers.
-  *
-  * \param value
-@@ -813,14 +812,14 @@
-  *      Number of bytes written to `out`.
-  */
- static inline size_t
--int32_pack(int32_t value, uint8_t *out)
-+int32_pack(uint32_t value, uint8_t *out)
- {
--	if (value < 0) {
-+	if ((int32_t)value < 0) {
- 		out[0] = value | 0x80;
- 		out[1] = (value >> 7) | 0x80;
- 		out[2] = (value >> 14) | 0x80;
- 		out[3] = (value >> 21) | 0x80;
--		out[4] = (value >> 28) | 0x80;
-+		out[4] = (value >> 28) | 0xf0;
- 		out[5] = out[6] = out[7] = out[8] = 0xff;
- 		out[9] = 0x01;
- 		return 10;
-@@ -2425,7 +2424,7 @@
- unzigzag32(uint32_t v)
- {
- 	// Note:  Using unsigned types prevents undefined behavior
--	return (int32_t)((v >> 1) ^ (~(v & 1) + 1));
-+	return (int32_t)((v >> 1) ^ -(v & 1));
- }
- 
- static inline uint32_t
-@@ -2467,7 +2466,7 @@
- unzigzag64(uint64_t v)
- {
- 	// Note:  Using unsigned types prevents undefined behavior
--	return (int64_t)((v >> 1) ^ (~(v & 1) + 1));
-+	return (int64_t)((v >> 1) ^ -(v & 1));
- }
- 
- static inline uint64_t

backport-0001-Fix-issue-499-unsigned-integer-overflow.patch

@@ -1,35 +0,0 @@
-From 289f5c18b195aa43d46a619d1188709abbfa9c82 Mon Sep 17 00:00:00 2001
-From: 10054172 <hui.zhang@thalesgroup.com>
-Date: Fri, 18 Mar 2022 12:42:57 -0400
-Subject: [PATCH 1/2] Fix issue #499: unsigned integer overflow
-
-Signed-off-by: 10054172 <hui.zhang@thalesgroup.com>
----
- protobuf-c/protobuf-c.c | 11 +++++++----
- 1 file changed, 7 insertions(+), 4 deletions(-)
-
-diff --git a/protobuf-c/protobuf-c.c b/protobuf-c/protobuf-c.c
-index 98052cd..ec2d40a 100644
---- a/protobuf-c/protobuf-c.c
-+++ b/protobuf-c/protobuf-c.c
-@@ -2603,10 +2603,13 @@ parse_required_member(ScannedMember *scanned_member,
- 			return FALSE;
- 
- 		def_mess = scanned_member->field->default_value;
--		subm = protobuf_c_message_unpack(scanned_member->field->descriptor,
--						 allocator,
--						 len - pref_len,
--						 data + pref_len);
-+		if (len > pref_len)
-+			subm = protobuf_c_message_unpack(scanned_member->field->descriptor,
-+							 allocator,
-+							 len - pref_len,
-+							 data + pref_len);
-+		else
-+			subm = NULL;
- 
- 		if (maybe_clear &&
- 		    *pmessage != NULL &&
--- 
-2.37.3.windows.1
-

backport-0002-Fix-regression-with-zero-length-messages-introduced-.patch

@@ -1,28 +0,0 @@
-From 0d1fd124a4e0a07b524989f6e64410ff648fba61 Mon Sep 17 00:00:00 2001
-From: "Todd C. Miller" <Todd.Miller@sudo.ws>
-Date: Thu, 9 Jun 2022 07:34:55 -0600
-Subject: [PATCH 2/2] Fix regression with zero-length messages introduced in
- protobuf-c PR 500.
-
-[edmonds: Import bugfix from
-https://github.com/sudo-project/sudo/commit/b6a6451482a3ff5e30f43ef888159d4b0d39143b.patch.]
----
- protobuf-c/protobuf-c.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/protobuf-c/protobuf-c.c b/protobuf-c/protobuf-c.c
-index ec2d40a..448f3e8 100644
---- a/protobuf-c/protobuf-c.c
-+++ b/protobuf-c/protobuf-c.c
-@@ -2603,7 +2603,7 @@ parse_required_member(ScannedMember *scanned_member,
- 			return FALSE;
- 
- 		def_mess = scanned_member->field->default_value;
--		if (len > pref_len)
-+		if (len >= pref_len)
- 			subm = protobuf_c_message_unpack(scanned_member->field->descriptor,
- 							 allocator,
- 							 len - pref_len,
--- 
-2.37.3.windows.1
-

protobuf-c.spec

@@ -1,19 +1,15 @@
 Name:           protobuf-c
-Version:        1.4.0
+Version:        1.4.1
-Release:        4
+Release:        1
 Summary:        This is protobuf-c, a C implementation of the Google Protocol Buffers data serialization format
 License:        BSD-2-Clause
 URL:            https://github.com/protobuf-c/protobuf-c
 Source0:        %{url}/archive/refs/tags/v%{version}.tar.gz
 #https://github.com/protobuf-c/protobuf-c/pull/508/files
-Patch0001:      CVE-2022-33070.patch
 BuildRequires:  autoconf automake libtool gcc-c++ pkgconfig(protobuf)
 Provides:       %{name}-compiler = %{version}-%{release}
 Obsoletes:      %{name}-compiler < %{version}-%{release}
 
-Patch6000:      backport-0001-Fix-issue-499-unsigned-integer-overflow.patch
-Patch6001:      backport-0002-Fix-regression-with-zero-length-messages-introduced-.patch
-
 %description
 This is protobuf-c, a C implementation of the Google Protocol Buffers data serialization format.
 
@@ -53,6 +49,12 @@ make check
 %{_libdir}/{libprotobuf-c.so,pkgconfig/libprotobuf-c.pc}
 
 %changelog
+* Thu Feb 2 2023 zhoujie<zhoujie133@huawei.com> - 1.4.1-1
+- Type:upgrade
+- CVE:NA
+- SUG:NA
+- DESC:upgrade to 1.4.1-1
+
 * Sat Jan 7 2023 mengwenhua<mengwenhua@xfusion.com> - 1.4.0-4
 - Type:bugfix
 - CVE:NA