From 0a38a8b1688a85374ae850f8171743946fcee804 Mon Sep 17 00:00:00 2001 From: mgb01105731 Date: Mon, 4 Mar 2024 17:31:33 +0800 Subject: [PATCH] fix CVE-2022-48340 --- 0001-Fix-CVE-2022-48340.patch | 68 +++++++++++++++++++++++++++++++++++ glusterfs.spec | 7 +++- 2 files changed, 74 insertions(+), 1 deletion(-) create mode 100644 0001-Fix-CVE-2022-48340.patch diff --git a/0001-Fix-CVE-2022-48340.patch b/0001-Fix-CVE-2022-48340.patch new file mode 100644 index 0000000..d58b95d --- /dev/null +++ b/0001-Fix-CVE-2022-48340.patch @@ -0,0 +1,68 @@ +From b59b3815956cf7dfb1228d70c31262db2643ce14 Mon Sep 17 00:00:00 2001 +From: Chunmei Xu +Date: Mon, 4 Mar 2024 17:24:24 +0800 +Subject: [PATCH 1/1] Fix CVE-2022-48340 + +--- + xlators/cluster/dht/src/dht-common.c | 45 ++++++++++++++-------------- + 1 file changed, 23 insertions(+), 22 deletions(-) + +diff --git a/xlators/cluster/dht/src/dht-common.c b/xlators/cluster/dht/src/dht-common.c +index 50458c1..59715eb 100644 +--- a/xlators/cluster/dht/src/dht-common.c ++++ b/xlators/cluster/dht/src/dht-common.c +@@ -3963,28 +3963,29 @@ dht_setxattr_mds_cbk(call_frame_t *frame, void *cookie, xlator_t *this, + for (i = 0; i < conf->subvolume_cnt; i++) { + if (mds_subvol && (mds_subvol == conf->subvolumes[i])) + continue; +- if (local->fop == GF_FOP_SETXATTR) { +- STACK_WIND(frame, dht_setxattr_non_mds_cbk, conf->subvolumes[i], +- conf->subvolumes[i]->fops->setxattr, &local->loc, +- local->xattr, local->flags, local->xattr_req); +- } +- +- if (local->fop == GF_FOP_FSETXATTR) { +- STACK_WIND(frame, dht_setxattr_non_mds_cbk, conf->subvolumes[i], +- conf->subvolumes[i]->fops->fsetxattr, local->fd, +- local->xattr, local->flags, local->xattr_req); +- } +- +- if (local->fop == GF_FOP_REMOVEXATTR) { +- STACK_WIND(frame, dht_setxattr_non_mds_cbk, conf->subvolumes[i], +- conf->subvolumes[i]->fops->removexattr, &local->loc, +- local->key, local->xattr_req); +- } +- +- if (local->fop == GF_FOP_FREMOVEXATTR) { +- STACK_WIND(frame, dht_setxattr_non_mds_cbk, conf->subvolumes[i], +- conf->subvolumes[i]->fops->fremovexattr, local->fd, +- local->key, local->xattr_req); ++ switch (local->fop) { ++ case GF_FOP_SETXATTR: ++ STACK_WIND(frame, dht_setxattr_non_mds_cbk, conf->subvolumes[i], ++ conf->subvolumes[i]->fops->setxattr, &local->loc, ++ local->xattr, local->flags, local->xattr_req); ++ break; ++ case GF_FOP_FSETXATTR: ++ STACK_WIND(frame, dht_setxattr_non_mds_cbk, conf->subvolumes[i], ++ conf->subvolumes[i]->fops->fsetxattr, local->fd, ++ local->xattr, local->flags, local->xattr_req); ++ break; ++ case GF_FOP_REMOVEXATTR: ++ STACK_WIND(frame, dht_setxattr_non_mds_cbk, conf->subvolumes[i], ++ conf->subvolumes[i]->fops->removexattr, &local->loc, ++ local->key, local->xattr_req); ++ break; ++ case GF_FOP_FREMOVEXATTR: ++ STACK_WIND(frame, dht_setxattr_non_mds_cbk, conf->subvolumes[i], ++ conf->subvolumes[i]->fops->fremovexattr, local->fd, ++ local->key, local->xattr_req); ++ break; ++ default: ++ break; + } + } + +-- +2.41.0 + diff --git a/glusterfs.spec b/glusterfs.spec index 28c4f5d..5b4c6d2 100644 --- a/glusterfs.spec +++ b/glusterfs.spec @@ -1,4 +1,4 @@ -%define anolis_release 1 +%define anolis_release 2 %global _hardened_build 1 @@ -69,6 +69,8 @@ Source1: glusterd.sysconfig Source2: glusterfsd.sysconfig Source3: glusterfsd.service +Patch0: 0001-Fix-CVE-2022-48340.patch + Requires(pre): shadow-utils BuildRequires: systemd @@ -1262,5 +1264,8 @@ exit 0 %doc ChangeLog INSTALL README.md THANKS COMMITMENT %changelog +* Mon Mar 04 2024 mgb01105731 - 11.0-2 +- fix CVE-2022-48340 + * Thu Mar 16 2023 Chunmei Xu - 11.0-1 - init from upstream -- Gitee