packages/thrift
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!5 fix CVE-2019-0215 CVE-2019-0210

Browse Source 
From: @wangxiao65
Reviewed-by: @zhanghua1831,@miao_kaibo
Signed-off-by: @miao_kaibo
This commit is contained in:
openeuler-ci-bot 2021-01-12 17:25:08 +08:00 committed by Gitee
commit 55954b59d8
3 changed files with 108 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
CVE-2019-0205.patch Normal file
View File

@ -0,0 +1,23 @@
From 2b70c1df2bb2c1667f30dff6d4b263459fabe91a Mon Sep 17 00:00:00 2001
From: Jens Geyer <jensg@apache.org>
Date: Sat, 9 Feb 2019 11:50:03 +0100
Subject: [PATCH] THRIFT-4784 Thrift should throw when skipping over unexpected
data Client: as3 Patch: Jens Geyer
---
lib/as3/src/org/apache/thrift/protocol/TProtocolUtil.as | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/as3/src/org/apache/thrift/protocol/TProtocolUtil.as b/lib/as3/src/org/apache/thrift/protocol/TProtocolUtil.as
index 513df954be..22877b75b2 100644
--- a/lib/as3/src/org/apache/thrift/protocol/TProtocolUtil.as
+++ b/lib/as3/src/org/apache/thrift/protocol/TProtocolUtil.as
@@ -141,7 +141,7 @@ package org.apache.thrift.protocol {
break;
}
default:
- break;
+ throw new TProtocolError(TProtocolError.INVALID_DATA, "invalid data");
}
}
}

79
CVE-2019-0210.patch Normal file
View File

@ -0,0 +1,79 @@
From 264a3f318ed3e9e51573f67f963c8509786bcec2 Mon Sep 17 00:00:00 2001
From: Jens Geyer <jensg@apache.org>
Date: Sat, 23 Feb 2019 13:11:40 +0100
Subject: [PATCH] additional test for TSimpleJSONProtocol
---
lib/go/thrift/json_protocol.go | 5 +----
lib/go/thrift/simple_json_protocol.go | 4 ++--
lib/go/thrift/simple_json_protocol_test.go | 22 ++++++++++++++++++++++
3 files changed, 25 insertions(+), 6 deletions(-)
diff --git a/lib/go/thrift/json_protocol.go b/lib/go/thrift/json_protocol.go
index 7be685d43f..800ac22c7b 100644
--- a/lib/go/thrift/json_protocol.go
+++ b/lib/go/thrift/json_protocol.go
@@ -31,10 +31,7 @@ const (
// for references to _ParseContext see tsimplejson_protocol.go
// JSON protocol implementation for thrift.
-//
-// This protocol produces/consumes a simple output format
-// suitable for parsing by scripting languages. It should not be
-// confused with the full-featured TJSONProtocol.
+// Utilizes Simple JSON protocol
//
type TJSONProtocol struct {
*TSimpleJSONProtocol
diff --git a/lib/go/thrift/simple_json_protocol.go b/lib/go/thrift/simple_json_protocol.go
index 2e8a71112a..f5e0c05d18 100644
--- a/lib/go/thrift/simple_json_protocol.go
+++ b/lib/go/thrift/simple_json_protocol.go
@@ -59,7 +59,7 @@ func (p _ParseContext) String() string {
return "UNKNOWN-PARSE-CONTEXT"
}
-// JSON protocol implementation for thrift.
+// Simple JSON protocol implementation for thrift.
//
// This protocol produces/consumes a simple output format
// suitable for parsing by scripting languages. It should not be
@@ -1316,7 +1316,7 @@ func (p *TSimpleJSONProtocol) readNumeric() (Numeric, error) {
func (p *TSimpleJSONProtocol) safePeekContains(b []byte) bool {
for i := 0; i < len(b); i++ {
a, _ := p.reader.Peek(i + 1)
- if len(a) == 0 || a[i] != b[i] {
+ if len(a) < (i+1) || a[i] != b[i] {
return false
}
}
diff --git a/lib/go/thrift/simple_json_protocol_test.go b/lib/go/thrift/simple_json_protocol_test.go
index 7b98082a4e..0126da0a8e 100644
--- a/lib/go/thrift/simple_json_protocol_test.go
+++ b/lib/go/thrift/simple_json_protocol_test.go
@@ -713,3 +713,25 @@ func TestWriteSimpleJSONProtocolMap(t *testing.T) {
}
trans.Close()
}
+
+func TestWriteSimpleJSONProtocolSafePeek(t *testing.T) {
+ trans := NewTMemoryBuffer()
+ p := NewTSimpleJSONProtocol(trans)
+ trans.Write([]byte{'a', 'b'})
+ trans.Flush(context.Background())
+
+ test1 := p.safePeekContains([]byte{'a', 'b'})
+ if !test1 {
+ t.Fatalf("Should match at test 1")
+ }
+
+ test2 := p.safePeekContains([]byte{'a', 'b', 'c', 'd'})
+ if test2 {
+ t.Fatalf("Should not match at test 2")
+ }
+
+ test3 := p.safePeekContains([]byte{'x', 'y'})
+ if test3 {
+ t.Fatalf("Should not match at test 3")
+ }
+}

7
thrift.spec
View File

@ -30,7 +30,7 @@
%global golang_configure --without-go %global golang_configure --without-go
Name: thrift Name: thrift
Version: 0.10.0 Version: 0.10.0
Release: 2 Release: 3
Summary: Software framework for cross-language services development Summary: Software framework for cross-language services development
License: ASL 2.0 and BSD and zlib License: ASL 2.0 and BSD and zlib
URL: https://thrift.apache.org/ URL: https://thrift.apache.org/
@ -46,6 +46,8 @@ Patch4: THRIFT-4177.patch
Patch5: python3.patch Patch5: python3.patch
Patch6: CVE-2018-11798.patch Patch6: CVE-2018-11798.patch
Patch7: CVE-2018-1320.patch Patch7: CVE-2018-1320.patch
Patch8: CVE-2019-0205.patch
Patch9: CVE-2019-0210.patch
BuildRequires: ant >= 1.7 autoconf automake bison boost-devel flex flex-devel gcc-c++ BuildRequires: ant >= 1.7 autoconf automake bison boost-devel flex flex-devel gcc-c++
BuildRequires: glib2-devel libevent-devel libstdc++-devel libtool openssl-devel qt-devel BuildRequires: glib2-devel libevent-devel libstdc++-devel libtool openssl-devel qt-devel
@ -364,6 +366,9 @@ find %{buildroot} -name \*.py -exec grep -q /usr/bin/env {} \; -print | xargs -r
%doc LICENSE NOTICE %doc LICENSE NOTICE
%changelog %changelog
* Tue Nov 12 2020 wangxiao <wangxiao65@huawei.com> - 0.10.0-3
- Fix CVE-2019-0205 and CVE-2019-0210
* Thu Nov 05 2020 wangyue <wangyue92@huawei.com> - 0.10.0-2 * Thu Nov 05 2020 wangyue <wangyue92@huawei.com> - 0.10.0-2
- Fix CVE-2018-11798 and CVE-2018-1320. - Fix CVE-2018-11798 and CVE-2018-1320.