From 4a14cb9b4e215d2af052b5a81ef76b08c7afb69c Mon Sep 17 00:00:00 2001 From: tomcruiseqi <10762123+tomcruiseqi@user.noreply.gitee.com> Date: Tue, 22 Apr 2025 20:38:31 +0800 Subject: [PATCH] [CVE] FIX multiple CVEs to #20281 add patch to fix CVE-2024-21134 CVE-2024-21130 CVE-2024-21179 CVE-2024-21177 CVE-2024-21173 CVE-2024-21171 CVE-2024-21165 CVE-2024-21163 CVE-2024-21162 CVE-2024-21142 CVE-2024-21125 CVE-2024-21129 CVE-2024-21127 CVE-2024-20996 CVE-2025-24375 CVE-2024-21198 CVE-2024-21203 Project: TC2024080204 Signed-off-by: tomcruiseqi <10762123+tomcruiseqi@user.noreply.gitee.com> --- add-loongarch64-support-for-mysql.patch | 2 +- download | 2 +- mysql-mtr.patch | 4 +- mysql.spec | 21 +- revert-be8348a7.patch | 417 ------------------------ 5 files changed, 17 insertions(+), 429 deletions(-) delete mode 100644 revert-be8348a7.patch diff --git a/add-loongarch64-support-for-mysql.patch b/add-loongarch64-support-for-mysql.patch index 15c0258..9c7315a 100644 --- a/add-loongarch64-support-for-mysql.patch +++ b/add-loongarch64-support-for-mysql.patch @@ -16,7 +16,7 @@ index d8ec63ff..040db730 100644 defined(__MIPSEL) || \ defined(__MIPSEL__) || \ defined(__riscv) || \ -+ defined(__loongarch__) || \ ++ defined(__loongarch__) || \ defined(__e2k__) # undef BOOST_ENDIAN_LITTLE_BYTE # define BOOST_ENDIAN_LITTLE_BYTE BOOST_VERSION_NUMBER_AVAILABLE diff --git a/download b/download index 7cb5494..7683452 100644 --- a/download +++ b/download @@ -1 +1 @@ -e0cb61cbf6e1144c452368c4535ae931 mysql-boost-8.0.37.tar.gz +0f9afecb6fcfc6bdbb31e192e9b9e598 mysql-boost-8.0.42.tar.gz diff --git a/mysql-mtr.patch b/mysql-mtr.patch index 1e56b93..4d7bb8d 100644 --- a/mysql-mtr.patch +++ b/mysql-mtr.patch @@ -96,7 +96,7 @@ diff --git a/mysql-test/mysql-test-run.pl b/mysql-test/mysql-test-run.pl index f50573a9..82488df1 100755 --- a/mysql-test/mysql-test-run.pl +++ b/mysql-test/mysql-test-run.pl -@@ -3551,17 +3551,6 @@ sub setup_vardir() { +@@ -3560,17 +3560,6 @@ sub setup_vardir() { mkpath("$opt_vardir/tmp"); mkpath($opt_tmpdir) if ($opt_tmpdir ne "$opt_vardir/tmp"); @@ -104,7 +104,7 @@ index f50573a9..82488df1 100755 - # UNIX domain socket's path far below PATH_MAX. Don't allow that - # to happen. - my $res = -- check_socket_path_length("$opt_tmpdir/mysqld.NN.sock", $opt_parallel); +- check_socket_path_length("$opt_tmpdir/mysqld.NN.sock", $opt_parallel, $tmpdir_path_updated); - if ($res) { - mtr_error("Socket path '$opt_tmpdir' too long, it would be ", - "truncated and thus not possible to use for connection to ", diff --git a/mysql.spec b/mysql.spec index dfb82d2..bf6952a 100644 --- a/mysql.spec +++ b/mysql.spec @@ -14,7 +14,7 @@ # The last version on which the full testsuite has been run # In case of further rebuilds of that version, don't require full testsuite to be run # run only "main" suite -%global last_tested_version 8.0.33 +%global last_tested_version 8.0.37 # Set to 1 to force run the testsuite even if it was already tested in current version %global force_run_testsuite 0 # Aditional SELinux rules @@ -75,7 +75,7 @@ %global sameevr %{?epoch:%{epoch}:}%{version}-%{release} Name: mysql -Version: 8.0.37 +Version: 8.0.42 Release: %{anolis_release}%{?dist} Summary: MySQL client programs and shared libraries URL: http://www.mysql.com @@ -116,8 +116,9 @@ Patch53: %{pkgnamepatch}-mtr.patch # Patches taken from boost 1.59 Patch111: boost-1.57.0-mpl-print.patch Patch112: boost-1.58.0-pool.patch -Patch113: revert-be8348a7.patch -Patch114: add-loongarch64-support-for-mysql.patch + +# Add support for loongarch64 +Patch113: add-loongarch64-support-for-mysql.patch BuildRequires: cmake BuildRequires: gcc-c++ @@ -141,7 +142,9 @@ BuildRequires: perl-generators BuildRequires: rpcgen BuildRequires: libtirpc-devel BuildRequires: protobuf-lite-devel +%ifnarch loongarch64 BuildRequires: rapidjson-devel +%endif BuildRequires: zlib BuildRequires: zlib-devel # Tests requires time and ps and some perl modules @@ -373,11 +376,10 @@ the MySQL sources. # Patch Boost pushd boost/boost_$(echo %{boost_bundled_version}| tr . _) -%patch111 -p1 -%patch112 -p1 +%patch -P111 -p1 +%patch -P112 -p1 popd -%patch113 -p1 -#%patch114 -p1 +%patch -P113 -p1 # generate a list of tests that fail, but are not disabled by upstream cat %{SOURCE50} | tee -a mysql-test/%{skiplist} @@ -931,6 +933,9 @@ fi %endif %changelog +* Tue Apr 22 2025 tomcruiseqi <10762123+tomcruiseqi@user.noreply.gitee.com> - 8.0.42-1 +- Update to 8.0.42 to fix CVE-2024-21134 CVE-2024-21130 CVE-2024-21179 CVE-2024-21177 CVE-2024-21173 CVE-2024-21171 CVE-2024-21165 CVE-2024-21163 CVE-2024-21162 CVE-2024-21142 CVE-2024-21125 CVE-2024-21129 CVE-2024-21127 CVE-2024-20996 CVE-2025-24375 CVE-2024-21198 CVE-2024-21203 + * Fri May 31 2024 Kaiqiang Wang - 8.0.37-1 - update to 8.0.37 - fix CVE-2024-21096 diff --git a/revert-be8348a7.patch b/revert-be8348a7.patch deleted file mode 100644 index 3077f68..0000000 --- a/revert-be8348a7.patch +++ /dev/null @@ -1,417 +0,0 @@ -From 5796a0b335912734094c70e0903a9570b37142ab Mon Sep 17 00:00:00 2001 -From: wangkaiqiang -Date: Fri, 31 May 2024 10:05:30 +0800 -Subject: [PATCH] This patch reverts the following commit: - -From be8348a7c3e8510b998a063065b626a459631b32 Mon Sep 17 00:00:00 2001 -From: Slawomir Maludzinski -Date: Mon, 12 Dec 2022 15:37:29 +0100 -Subject: [PATCH] BUG#34849343 Aligned_atomic not working as intended - - aligned_alloc - -Problem -------- -The Aligned_atomic class in sql/memory/aligned_atomic.h was created with the -intention to align and pad a std::atomic object so that it starts at the -beginning of a cache line and is padded so that it fills the entire cache -line. The intended use case was to ensure that an array of Aligned_atomic -objects keeps the elements in contiguous memory but different cache lines, -eliminating false sharing. - -Aligned_atomic is implemented by constructing a new char* buffer the size of -a cache line, and then in-place-construct a std::atomic at the beginning -of the buffer. It keeps a std::atomic* as a member; this member is aligned -to the cache line size. - -This only has performance impact, no functional defect. - -Analysis / Root-cause analysis ------------------------------- -This implementation does not seem meet the intentions, AFAIU: -- There is a call to `new` for each Aligned_atomic object. So the elements -are not contiguous. -- The pointer to the buffer is aligned, but not the buffer itself. So it is -possible that the buffer begins in the middle of a cache line and extends -into the next cache line. In fact, if the alignment is smaller than the size -of the atomic type, an std::atomic may intersect with two cache lines, and if -two such objects end up adjacent to each other, there can be false sharing. -More likely, there can be false sharing between the Aligned_atomic and some -object of another type. - -The major drawback is probably that the construction of an array of -Aligned_atomic will allocate many small objects instead of one big, which -uses more memory and CPU than necessary. ---- - include/my_aligned_malloc.h | 56 ---------------- - mysys/CMakeLists.txt | 1 - - mysys/my_aligned_malloc.cc | 80 ----------------------- - sql/memory/aligned_atomic.h | 71 +++++--------------- - unittest/gunit/memory/aligned_atomic-t.cc | 34 ---------- - 5 files changed, 18 insertions(+), 224 deletions(-) - delete mode 100644 include/my_aligned_malloc.h - delete mode 100644 mysys/my_aligned_malloc.cc - -diff --git a/include/my_aligned_malloc.h b/include/my_aligned_malloc.h -deleted file mode 100644 -index 5ede856f..00000000 ---- a/include/my_aligned_malloc.h -+++ /dev/null -@@ -1,56 +0,0 @@ --/* Copyright (c) 2022, 2024, Oracle and/or its affiliates. -- -- This program is free software; you can redistribute it and/or modify -- it under the terms of the GNU General Public License, version 2.0, -- as published by the Free Software Foundation. -- -- This program is designed to work with certain software (including -- but not limited to OpenSSL) that is licensed under separate terms, -- as designated in a particular file or component or in included license -- documentation. The authors of MySQL hereby grant you an additional -- permission to link the program and your derivative works with the -- separately licensed software that they have either included with -- the program or referenced in the documentation. -- -- This program is distributed in the hope that it will be useful, -- but WITHOUT ANY WARRANTY; without even the implied warranty of -- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -- GNU General Public License, version 2.0, for more details. -- -- You should have received a copy of the GNU General Public License -- along with this program; if not, write to the Free Software -- Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ -- --#ifndef __MY_ALIGNED_MALLOC_H__ --#define __MY_ALIGNED_MALLOC_H__ -- --#include -- --/** -- Function allocates size bytes and returns a pointer to the allocated memory. -- Size and alignment parameters depend on platform on which the function is -- executed. Please check posix_memalign, memalign and _aligned_malloc functions -- for details. To conform with all platforms size should be multiple of aligment -- and aligment should be power of two. -- -- We can use C++17 aligned new/aligned delete on non-windows platforms once the -- minimum supported version of tcmalloc becomes >= 2.6.2. Right now TC malloc -- crashes. -- -- @param[in] size Multiple of alignment. -- @param[in] alignment Memory aligment, which must be power of two. -- -- @return Pointer to allocated memory. -- -- @see my_aligned_free --*/ --void *my_aligned_malloc(size_t size, size_t alignment); -- --/** -- Free allocated memory using my_aligned_malloc function. -- -- @param[in] ptr Pointer to allocated memory using my_aligned_malloc function. --*/ --void my_aligned_free(void *ptr); -- --#endif /* __MY_ALIGNED_MALLOC_H__ */ -diff --git a/mysys/CMakeLists.txt b/mysys/CMakeLists.txt -index bd8fc3a6..55ad8adb 100644 ---- a/mysys/CMakeLists.txt -+++ b/mysys/CMakeLists.txt -@@ -56,7 +56,6 @@ SET(MYSYS_SOURCES - mf_wcomp.cc - mulalloc.cc - my_access.cc -- my_aligned_malloc.cc - my_alloc.cc - my_bit.cc - my_bitmap.cc -diff --git a/mysys/my_aligned_malloc.cc b/mysys/my_aligned_malloc.cc -deleted file mode 100644 -index c0799fe5..00000000 ---- a/mysys/my_aligned_malloc.cc -+++ /dev/null -@@ -1,80 +0,0 @@ --/* Copyright (c) 2022, 2024, Oracle and/or its affiliates. -- -- This program is free software; you can redistribute it and/or modify -- it under the terms of the GNU General Public License, version 2.0, -- as published by the Free Software Foundation. -- -- This program is designed to work with certain software (including -- but not limited to OpenSSL) that is licensed under separate terms, -- as designated in a particular file or component or in included license -- documentation. The authors of MySQL hereby grant you an additional -- permission to link the program and your derivative works with the -- separately licensed software that they have either included with -- the program or referenced in the documentation. -- -- This program is distributed in the hope that it will be useful, -- but WITHOUT ANY WARRANTY; without even the implied warranty of -- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -- GNU General Public License, version 2.0, for more details. -- -- You should have received a copy of the GNU General Public License -- along with this program; if not, write to the Free Software -- Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ --#include "my_aligned_malloc.h" -- --#include "config.h" -- --#if defined(HAVE_POSIX_MEMALIGN) --#include --#elif defined(HAVE_MEMALIGN) --#include --#elif defined(HAVE_ALIGNED_MALLOC) --#include --#include --#else --#error "Missing implementation for posix_memalign, memalign or _aligned_malloc" --#endif -- --void *my_aligned_malloc(size_t size, size_t alignment) { -- void *ptr = nullptr; --#if defined(HAVE_POSIX_MEMALIGN) -- /* Linux */ -- if (posix_memalign(&ptr, alignment, size)) { -- return nullptr; -- } --#elif defined(HAVE_MEMALIGN) -- /* Solaris */ -- ptr = memalign(alignment, size); -- if (ptr == NULL) { -- return NULL; -- } --#elif defined(HAVE_ALIGNED_MALLOC) -- /* Windows */ -- ptr = _aligned_malloc(size, alignment); -- if (ptr == NULL) { -- return NULL; -- } --#else --#error "Missing implementation for posix_memalign, memalign or _aligned_malloc" --#endif -- return ptr; --} -- --void my_aligned_free(void *ptr) { -- if (ptr == nullptr) { -- return; -- } --#if defined(HAVE_POSIX_MEMALIGN) -- /* Allocated with posix_memalign() */ -- free(ptr); --#elif defined(HAVE_MEMALIGN) -- /* Allocated with memalign() */ -- free(ptr); --#elif defined(HAVE_ALIGNED_MALLOC) -- /* Allocated with _aligned_malloc() */ -- _aligned_free(ptr); --#else -- /* Allocated with malloc() */ -- free(ptr); --#endif --} -diff --git a/sql/memory/aligned_atomic.h b/sql/memory/aligned_atomic.h -index 3eaa398b..4f01a1e8 100644 ---- a/sql/memory/aligned_atomic.h -+++ b/sql/memory/aligned_atomic.h -@@ -39,9 +39,8 @@ - #include - #endif - --#include "my_aligned_malloc.h" -- - namespace memory { -+ - /** - Calculates and returns the size of the CPU cache line. - -@@ -261,28 +260,14 @@ class Aligned_atomic { - - @return The pointer to the underlying `std::atomic` object. - */ -- std::atomic *operator->(); -- /* -- Pointer operator that allows the access to the underlying `std::atomic` -- object. -- -- @return The const pointer to the underlying `std::atomic` object. -- */ -- const std::atomic *operator->() const; -+ std::atomic *operator->() const; - /* - Dereference operator that allows the access to the underlying - `std::atomic` object. - - @return The reference to the underlying `std::atomic` object. - */ -- std::atomic &operator*(); -- /* -- Dereference operator that allows the access to the underlying -- `std::atomic` object. -- -- @return The const reference to the underlying `std::atomic` object. -- */ -- const std::atomic &operator*() const; -+ std::atomic &operator*() const; - /* - The size of `std::atomic`, as returned by `sizeof std::atomic`. - -@@ -300,7 +285,7 @@ class Aligned_atomic { - /** The size of the byte buffer. */ - size_t m_storage_size{0}; - /** The byte buffer to use as underlying storage. */ -- void *m_storage{nullptr}; -+ alignas(std::max_align_t) unsigned char *m_storage{nullptr}; - /** The pointer to the underlying `std::atomic` object. */ - std::atomic *m_underlying{nullptr}; - }; -@@ -308,10 +293,9 @@ class Aligned_atomic { - - template - memory::Aligned_atomic::Aligned_atomic() -- : m_storage_size{memory::minimum_cacheline_for>()} { -- m_storage = my_aligned_malloc(m_storage_size, cache_line_size()); -- m_underlying = new (this->m_storage) std::atomic(); --} -+ : m_storage_size{memory::minimum_cacheline_for>()}, -+ m_storage{new unsigned char[m_storage_size]}, -+ m_underlying{new (this->m_storage) std::atomic()} {} - - template - memory::Aligned_atomic::Aligned_atomic(T value) -@@ -320,16 +304,12 @@ memory::Aligned_atomic::Aligned_atomic(T value) - } - - template --memory::Aligned_atomic::Aligned_atomic(Aligned_atomic &&rhs) { -- if (this->m_underlying != nullptr) { -- this->m_underlying->~atomic(); -- } -- my_aligned_free(this->m_storage); -+memory::Aligned_atomic::Aligned_atomic(Aligned_atomic &&rhs) -+ : m_storage_size{rhs.m_storage_size}, m_underlying{rhs.m_underlying} { -+ delete[] this->m_storage; - this->m_storage = rhs.m_storage; -- this->m_storage_size = rhs.m_storage_size; -- this->m_underlying = rhs.m_underlying; -- rhs.m_storage = nullptr; - rhs.m_storage_size = 0; -+ rhs.m_storage = nullptr; - rhs.m_underlying = nullptr; - } - -@@ -337,25 +317,22 @@ template - memory::Aligned_atomic::~Aligned_atomic() { - if (this->m_underlying != nullptr) { - this->m_underlying->~atomic(); -+ this->m_underlying = nullptr; - } -- my_aligned_free(this->m_storage); -+ delete[] this->m_storage; - this->m_storage = nullptr; - this->m_storage_size = 0; -- this->m_underlying = nullptr; - } - - template - memory::Aligned_atomic &memory::Aligned_atomic::operator=( - Aligned_atomic &&rhs) { -- if (this->m_underlying != nullptr) { -- this->m_underlying->~atomic(); -- } -- my_aligned_free(this->m_storage); -- this->m_storage = rhs.m_storage; -+ delete[] this->m_storage; - this->m_storage_size = rhs.m_storage_size; -+ this->m_storage = rhs.m_storage; - this->m_underlying = rhs.m_underlying; -- rhs.m_storage = nullptr; - rhs.m_storage_size = 0; -+ rhs.m_storage = nullptr; - rhs.m_underlying = nullptr; - return (*this); - } -@@ -395,25 +372,13 @@ bool memory::Aligned_atomic::operator!=(T rhs) const { - } - - template --std::atomic *memory::Aligned_atomic::operator->() { -- assert(this->m_underlying != nullptr); -- return this->m_underlying; --} -- --template --const std::atomic *memory::Aligned_atomic::operator->() const { -+std::atomic *memory::Aligned_atomic::operator->() const { - assert(this->m_underlying != nullptr); - return this->m_underlying; - } - - template --std::atomic &memory::Aligned_atomic::operator*() { -- assert(this->m_underlying != nullptr); -- return *this->m_underlying; --} -- --template --const std::atomic &memory::Aligned_atomic::operator*() const { -+std::atomic &memory::Aligned_atomic::operator*() const { - assert(this->m_underlying != nullptr); - return *this->m_underlying; - } -diff --git a/unittest/gunit/memory/aligned_atomic-t.cc b/unittest/gunit/memory/aligned_atomic-t.cc -index 71a67498..7f6c710c 100644 ---- a/unittest/gunit/memory/aligned_atomic-t.cc -+++ b/unittest/gunit/memory/aligned_atomic-t.cc -@@ -26,9 +26,7 @@ - #include - #include - --#define private public - #include "sql/memory/aligned_atomic.h" --#undef private - - #include - #include -@@ -60,37 +58,5 @@ TEST_F(Aligned_atomic_test, Class_template_test) { - EXPECT_EQ(atm3->load(), 2); - } - --TEST_F(Aligned_atomic_test, minimum_cacheline_for) { -- EXPECT_EQ(memory::minimum_cacheline_for(), memory::cache_line_size()); -- EXPECT_EQ(memory::minimum_cacheline_for(), memory::cache_line_size()); -- EXPECT_EQ(memory::minimum_cacheline_for>(), -- memory::cache_line_size()); -- EXPECT_EQ(memory::minimum_cacheline_for>(), -- memory::cache_line_size()); --} -- --TEST_F(Aligned_atomic_test, aligned_allocation) { -- memory::Aligned_atomic atm1{1}; -- EXPECT_EQ((unsigned long long)atm1.m_underlying % memory::cache_line_size(), -- 0); -- -- memory::Aligned_atomic atm2{true}; -- EXPECT_EQ((unsigned long long)atm2.m_underlying % memory::cache_line_size(), -- 0); -- -- memory::Aligned_atomic atm3{0}; -- EXPECT_EQ((unsigned long long)atm3.m_underlying % memory::cache_line_size(), -- 0); --} -- --TEST_F(Aligned_atomic_test, aligned_allocation_array) { -- static const int array_size = 10; -- memory::Aligned_atomic atm[array_size]; -- -- for (int i = 0; i < array_size; i++) -- EXPECT_EQ( -- (unsigned long long)atm[i].m_underlying % memory::cache_line_size(), 0); --} -- - } // namespace unittests - } // namespace memory --- -2.31.1 - -- Gitee