tensorflow/CVE-2021-29549.patch

From 744009c9e5cc5d0447f0dc39d055f917e1fd9e16 Mon Sep 17 00:00:00 2001
From: Mihai Maruseac <mihaimaruseac@google.com>
Date: Fri, 23 Apr 2021 12:00:12 -0700
Subject: [PATCH] Validate work in `QuantizedAdd`, ensure at least one element.

PiperOrigin-RevId: 370127996
Change-Id: I57c6f3e01afdeada84737820a131590137463855
---
 tensorflow/core/kernels/quantized_add_op.cc | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/tensorflow/core/kernels/quantized_add_op.cc b/tensorflow/core/kernels/quantized_add_op.cc
index 55c69de7d3ea6..b186f00f15c06 100644
--- a/tensorflow/core/kernels/quantized_add_op.cc
+++ b/tensorflow/core/kernels/quantized_add_op.cc
@@ -538,6 +538,8 @@ class QuantizedAddOp : public OpKernel {
         tensor_min = min_x;
         tensor_max = max_x;
       }
+      OP_REQUIRES(context, vector_num_elements > 0,
+                  errors::InvalidArgument("Must have some elements to add"));
       VectorTensorAddition<T, Toutput>(
           vector_data, vector_min, vector_max, vector_num_elements, tensor_data,
           tensor_min, tensor_max, tensor_num_elements, min_z_value, max_z_value,
fix CVE-2021-29512 CVE-2021-29514 CVE-2021-29519 CVE-2021-29520 CVE-2021-29522 CVE-2021-29524 CVE-2021-29527-to-CVE-2021-29530 CVE-2021-29532 CVE-2021-29536 CVE-2021-29539 CVE-2021-29541-to-CVE-2021-29543 CVE-2021-29545-to-CVE-2021-29547 CVE-2021-29549 CVE-2021-29550 CVE-2021-29552-to-CVE-2021-29559 CVE-2021-29561-to-CVE-2021-29564 CVE-2021-29567-to-CVE-2021-29570 CVE-2021-29572-to-CVE-2021-29582 CVE-2021-29585-to-CVE-2021-29588 CVE-2021-29590-to-CVE-2021-29593 CVE-2021-29596-to-CVE-2021-29601 CVE-2021-29603 CVE-2021-29605-to-CVE-2021-29609 CVE-2021-29613 CVE-2021-29615-to-CVE-2021-29617 CVE-2021-29619 CVE-2021-37637-to-CVE-2021-37639 CVE-2021-37641 CVE-2021-37644 CVE-2021-37646-to-CVE-2021-37649 CVE-2021-37652 CVE-2021-37656 CVE-2021-37659 CVE-2021-37660 CVE-2021-37663 CVE-2021-37667 CVE-2021-37670-to-CVE-2021-37673 CVE-2021-37676 CVE-2021-37677 CVE-2021-37680 CVE-2021-37682 CVE-2021-37685 CVE-2021-37687-to-CVE-2021-37689 2021-08-26 16:45:57 +08:00			`From 744009c9e5cc5d0447f0dc39d055f917e1fd9e16 Mon Sep 17 00:00:00 2001`
			`From: Mihai Maruseac <mihaimaruseac@google.com>`
			`Date: Fri, 23 Apr 2021 12:00:12 -0700`
			Subject: [PATCH] Validate work in `QuantizedAdd`, ensure at least one element.

			`PiperOrigin-RevId: 370127996`
			`Change-Id: I57c6f3e01afdeada84737820a131590137463855`
			`---`
			`tensorflow/core/kernels/quantized_add_op.cc \| 2 ++`
			`1 file changed, 2 insertions(+)`

			`diff --git a/tensorflow/core/kernels/quantized_add_op.cc b/tensorflow/core/kernels/quantized_add_op.cc`
			`index 55c69de7d3ea6..b186f00f15c06 100644`
			`--- a/tensorflow/core/kernels/quantized_add_op.cc`
			`+++ b/tensorflow/core/kernels/quantized_add_op.cc`
			`@@ -538,6 +538,8 @@ class QuantizedAddOp : public OpKernel {`
			`tensor_min = min_x;`
			`tensor_max = max_x;`
			`}`
			`+ OP_REQUIRES(context, vector_num_elements > 0,`
			`+ errors::InvalidArgument("Must have some elements to add"));`
			`VectorTensorAddition<T, Toutput>(`
			`vector_data, vector_min, vector_max, vector_num_elements, tensor_data,`
			`tensor_min, tensor_max, tensor_num_elements, min_z_value, max_z_value,`