diff --git a/bugfix-for-cve-2024-7254.patch b/bugfix-for-cve-2024-7254.patch
new file mode 100644
index 0000000000000000000000000000000000000000..8eb15784bb604ecf66f079e2db468950b624808f
--- /dev/null
+++ b/bugfix-for-cve-2024-7254.patch
@@ -0,0 +1,141 @@
+From cc8b3483a5584b3301e3d43d17eb59704857ffaa Mon Sep 17 00:00:00 2001
+From: Protobuf Team Bot
+Date: Thu, 18 Jul 2024 07:41:01 -0700
+Subject: [PATCH] Internal change
+
+PiperOrigin-RevId: 653615736
+---
+ .../core/src/main/java/com/google/protobuf/ArrayDecoders.java | 1 +
+ .../com/google/protobuf/InvalidProtocolBufferException.java | 2 +-
+ .../core/src/main/java/com/google/protobuf/MessageSchema.java | 3 +++
+ .../src/main/java/com/google/protobuf/MessageSetSchema.java | 1 +
+ .../src/main/java/com/google/protobuf/UnknownFieldSchema.java | 3 +--
+ java/lite/src/test/java/com/google/protobuf/LiteTest.java | 3 +++
+ src/google/protobuf/unittest_lite.proto | 4 ++++
+ 7 files changed, 13 insertions(+), 3 deletions(-)
+
+diff --git a/java/core/src/main/java/com/google/protobuf/ArrayDecoders.java b/java/core/src/main/java/com/google/protobuf/ArrayDecoders.java
+index f3241de5095c0..9bf14396263a3 100644
+--- a/java/core/src/main/java/com/google/protobuf/ArrayDecoders.java
++++ b/java/core/src/main/java/com/google/protobuf/ArrayDecoders.java
+@@ -44,6 +44,7 @@
+ * crossing protobuf public API boundaries.
+ */
+ final class ArrayDecoders {
++ private ArrayDecoders() {}
+ /**
+ * A helper used to return multiple values in a Java function. Java doesn't natively support
+ * returning multiple values in a function.
Creating a new Object to hold the return values will
+diff --git a/java/core/src/main/java/com/google/protobuf/InvalidProtocolBufferException.java b/java/core/src/main/java/com/google/protobuf/InvalidProtocolBufferException.java
+index 5d10e48884c1a..dbcb9e899dbee 100644
+--- a/java/core/src/main/java/com/google/protobuf/InvalidProtocolBufferException.java
++++ b/java/core/src/main/java/com/google/protobuf/InvalidProtocolBufferException.java
+@@ -132,7 +132,7 @@ public InvalidWireTypeException(String description) {
+ static InvalidProtocolBufferException recursionLimitExceeded() {
+ return new InvalidProtocolBufferException(
+ "Protocol message had too many levels of nesting. May be malicious. "
+- + "Use CodedInputStream.setRecursionLimit() to increase the depth limit.");
++ + "Use setRecursionLimit() to increase the recursion depth limit.");
+ }
+
+ static InvalidProtocolBufferException sizeLimitExceeded() {
+diff --git a/java/core/src/main/java/com/google/protobuf/MessageSchema.java b/java/core/src/main/java/com/google/protobuf/MessageSchema.java
+index de3890f7023aa..f8f79fcdf8b4c 100644
+--- a/java/core/src/main/java/com/google/protobuf/MessageSchema.java
++++ b/java/core/src/main/java/com/google/protobuf/MessageSchema.java
+@@ -3006,6 +3006,7 @@ private > void mergeFromHelper(
+ unknownFields = unknownFieldSchema.getBuilderFromMessage(message);
+ }
+ // Unknown field.
++
+ if (unknownFieldSchema.mergeOneFieldFrom(unknownFields, reader)) {
+ continue;
+ }
+@@ -3381,6 +3382,7 @@ private > void mergeFromHelper(
+ if (unknownFields == null) {
+ unknownFields = unknownFieldSchema.getBuilderFromMessage(message);
+ }
++
+ if (!unknownFieldSchema.mergeOneFieldFrom(unknownFields, reader)) {
+ return;
+ }
+@@ -3397,6 +3399,7 @@ private > void mergeFromHelper(
+ if (unknownFields == null) {
+ unknownFields = unknownFieldSchema.getBuilderFromMessage(message);
+ }
++
+ if (!unknownFieldSchema.mergeOneFieldFrom(unknownFields, reader)) {
+ return;
+ }
+diff --git a/java/core/src/main/java/com/google/protobuf/MessageSetSchema.java b/java/core/src/main/java/com/google/protobuf/MessageSetSchema.java
+index eec3acd35ca79..a17037e8efd4e 100644
+--- a/java/core/src/main/java/com/google/protobuf/MessageSetSchema.java
++++ b/java/core/src/main/java/com/google/protobuf/MessageSetSchema.java
+@@ -278,6 +278,7 @@ boolean parseMessageSetItemOrUnknownField(
+ reader, extension, extensionRegistry, extensions);
+ return true;
+ } else {
++
+ return unknownFieldSchema.mergeOneFieldFrom(unknownFields, reader);
+ }
+ } else {
+diff --git a/java/core/src/main/java/com/google/protobuf/UnknownFieldSchema.java b/java/core/src/main/java/com/google/protobuf/UnknownFieldSchema.java
+index c4ec645bf7fc8..a43bc2a9472d3 100644
+--- a/java/core/src/main/java/com/google/protobuf/UnknownFieldSchema.java
++++ b/java/core/src/main/java/com/google/protobuf/UnknownFieldSchema.java
+@@ -55,7 +55,6 @@ abstract class UnknownFieldSchema {
+ /** Marks unknown fields as immutable. */
+ abstract void makeImmutable(Object message);
+
+- /** Merges one field into the unknown fields.
*/
+ final boolean mergeOneFieldFrom(B unknownFields, Reader reader) throws IOException {
+ int tag = reader.getTag();
+ int fieldNumber = WireFormat.getTagFieldNumber(tag);
+@@ -88,7 +87,7 @@ final boolean mergeOneFieldFrom(B unknownFields, Reader reader) throws IOExcepti
+ }
+ }
+
+- final void mergeFrom(B unknownFields, Reader reader) throws IOException {
++ private final void mergeFrom(B unknownFields, Reader reader) throws IOException {
+ while (true) {
+ if (reader.getFieldNumber() == Reader.READ_DONE
+ || !mergeOneFieldFrom(unknownFields, reader)) {
+diff --git a/java/lite/src/test/java/com/google/protobuf/LiteTest.java b/java/lite/src/test/java/com/google/protobuf/LiteTest.java
+index 0c7b8b535b18d..411bc63f087fd 100644
+--- a/java/lite/src/test/java/com/google/protobuf/LiteTest.java
++++ b/java/lite/src/test/java/com/google/protobuf/LiteTest.java
+@@ -10,12 +10,14 @@
+ import static com.google.common.truth.Truth.assertThat;
+ import static com.google.common.truth.Truth.assertWithMessage;
+ import static java.util.Collections.singletonList;
++import static org.junit.Assert.assertThrows;
+
+ import com.google.protobuf.FieldPresenceTestProto.TestAllTypes;
+ import com.google.protobuf.UnittestImportLite.ImportEnumLite;
+ import com.google.protobuf.UnittestImportPublicLite.PublicImportMessageLite;
+ import com.google.protobuf.UnittestLite.ForeignEnumLite;
+ import com.google.protobuf.UnittestLite.ForeignMessageLite;
++import com.google.protobuf.UnittestLite.RecursiveGroup;
+ import com.google.protobuf.UnittestLite.RecursiveMessage;
+ import com.google.protobuf.UnittestLite.TestAllExtensionsLite;
+ import com.google.protobuf.UnittestLite.TestAllTypesLite;
+@@ -50,6 +52,7 @@
+ import java.util.Arrays;
+ import java.util.Iterator;
+ import java.util.List;
++import java.util.concurrent.atomic.AtomicBoolean;
+ import org.junit.Before;
+ import org.junit.Test;
+ import org.junit.runner.RunWith;
+diff --git a/src/google/protobuf/unittest_lite.proto
b/src/google/protobuf/unittest_lite.proto +index b3fcfa431c00a..4bc78c4de6a80 100644 +--- a/src/google/protobuf/unittest_lite.proto ++++ b/src/google/protobuf/unittest_lite.proto +@@ -625,3 +625,7 @@ message RecursiveMessage { + optional RecursiveMessage recurse = 1; + optional bytes payload = 2; + } ++ ++message RecursiveGroup { ++ RecursiveGroup recurse = 1 [features.message_encoding = DELIMITED]; ++} diff --git a/protobuf.spec b/protobuf.spec index c22ccab77826c05cfd4b1d651b01d3fc5850b572..54e89a46e9e8067dbcff5a736ae20d93f48f495e 100644 --- a/protobuf.spec +++ b/protobuf.spec @@ -1,4 +1,4 @@ -%define anolis_release 6 +%define anolis_release 7 %define googletest_ver 5ec7f0c4a113e2f18ac2c6cc7df51ad6afc24081 %bcond_without python %bcond_with java @@ -26,7 +26,11 @@ Source3: %{gtest_url}/archive/%{gtest_commit}/%{gtest_dir}.tar.gz # --help” output. Source4: protoc.1 -Patch3: protobuf-3.19.4-jre17-add-opens.patch +Patch0: protobuf-3.19.4-jre17-add-opens.patch + +# https://github.com/protocolbuffers/protobuf/commit/cc8b3483a5584b3301e3d43d17eb59704857ffaa +Patch1: bugfix-for-cve-2024-7254.patch + BuildRequires: libtool BuildRequires: pkgconfig BuildRequires: zlib-devel @@ -246,7 +250,8 @@ The %{name}-doc package contains documentation files for %{name} %prep %setup -q -n %{name}-%{version} -a3 -%patch3 -p1 -b .jre17 +%patch -P 0 -p1 -b .jre17 +%patch -P 1 -p1 # Copy in the needed gtest/gmock implementations. %setup -q -T -D -b 3 -n %{name}-%{version} @@ -422,6 +427,9 @@ fail=1 %doc CHANGES.txt CONTRIBUTORS.txt README.md %changelog +* Thu Apr 17 2025 tomcruiseqi <10762123+tomcruiseqi@user.noreply.gitee.com> - 3.19.6-7 +- Fix CVE-2024-7254 + * Wed Mar 13 2024 Zhao Hang - 3.19.6-6 - Rebuild with python3.11
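Review bot: None of the 141 lines this hunk adds to bugfix-for-cve-2024-7254.patch changes how deep the parser may recurse: the Java hunks add `private ArrayDecoders() {}`, reword the `recursionLimitExceeded()` message, insert blank lines before the `mergeOneFieldFrom` calls in MessageSchema and MessageSetSchema, drop one Javadoc line and make `UnknownFieldSchema.mergeFrom` private. The LiteTest hunks only import `assertThrows`, `RecursiveGroup` and `AtomicBoolean`; no test method uses them, so nothing here exercises a deeply nested group. The file looks trimmed (the per-file diffstat adds up to 14 insertions while the summary line says 13), so compare it with upstream commit cc8b3483a5584b3301e3d43d17eb59704857ffaa and carry whichever hunks enforce the recursion limit while unknown fields and groups are parsed, together with the regression test. `features.message_encoding = DELIMITED` in unittest_lite.proto is editions syntax that the 3.19.6 protoc built by this spec is unlikely to accept, so confirm the test protos still compile with the patch applied.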
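Review bot: The comment above `Patch1:` gives only the upstream URL and does not record the patch's scope, which covers the Java runtime sources and one test proto. The first hunk of protobuf.spec keeps `%bcond_with java`, so a default build presumably never compiles the patched files, and the shipped binaries would be the same as in release 6. Put the scope next to the patch, e.g. `# CVE-2024-7254: Java runtime only; takes effect when built --with java`, so that someone auditing the package against the `- Fix CVE-2024-7254` changelog entry can tell what was actually remediated.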