From 22c67837a3e8ca53f693eba92d5ab9804ce6da7f Mon Sep 17 00:00:00 2001
From: bwzhang
Date: Fri, 19 Apr 2024 11:22:54 +0800
Subject: [PATCH] fix CVE-2022-34038
(cherry picked from commit fe04da5523435fa93fd8399fafdf81c34ba5f580)
---
 0007-fix-CVE-2022-34038.patch | 43 +++++++++++++++++++++++++++++++++++
 etcd.spec | 16 +++++++++----
 2 files changed, 55 insertions(+), 4 deletions(-)
 create mode 100644 0007-fix-CVE-2022-34038.patch
diff --git a/0007-fix-CVE-2022-34038.patch b/0007-fix-CVE-2022-34038.patch
new file mode 100644
index 0000000..b327fbb
--- /dev/null
+++ b/0007-fix-CVE-2022-34038.patch
@@ -0,0 +1,43 @@
+From 10fdd367a2095806b025c1c54d30886369b3d586 Mon Sep 17 00:00:00 2001
+From: bwzhang
+Date: Fri, 19 Apr 2024 11:11:10 +0800
+Subject: [PATCH] fix CVE-2022-34038
+
+---
+ pkg/ioutil/pagewriter.go | 10 ++++++++++
+ 1 file changed, 10 insertions(+)
+
+diff --git a/pkg/ioutil/pagewriter.go b/pkg/ioutil/pagewriter.go
+index cf9a8dc..4daaa9d 100644
+--- a/pkg/ioutil/pagewriter.go
++++ b/pkg/ioutil/pagewriter.go
+@@ -16,6 +16,7 @@ package ioutil
+
+ import (
+ "io"
++ "fmt"
+ )
+
+ var defaultBufferBytes = 128 * 1024
+@@ -38,9 +39,18 @@ type PageWriter struct {
+ bufWatermarkBytes int
+ }
+
++// Assert will panic with a given formatted message if the given condition is false.
++func Assert(condition bool, msg string, v int) {
++ if !condition {
++ panic(fmt.Sprintf("assertion failed: "+msg, v))
++ }
++}
++
+ // NewPageWriter creates a new PageWriter. pageBytes is the number of bytes
+ // to write per page. pageOffset is the starting offset of io.Writer.
+ func NewPageWriter(w io.Writer, pageBytes, pageOffset int) *PageWriter {
++ // If pageBytes is 0 or less, it will trigger a panic directly
++ Assert(pageBytes > 0, "pageBytes %d is an invalid value, it must be greater than 0", pageBytes)
+ return &PageWriter{
+ w: w,
+ pageOffset: pageOffset,
+--
+2.20.1
+
diff --git a/etcd.spec b/etcd.spec
index d83cea7..85060c8 100644
--- a/etcd.spec
+++ b/etcd.spec
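Review bot: The check added at the top of `NewPageWriter` (pagewriter.go hunk `@@ -38,9 +39,18 @@` inside the new 0007 patch) still ends in `panic`, so a process that reaches it with `pageBytes <= 0` is terminated rather than handed an error; it is a fail-fast invariant, and any page size that could come from configuration or other external data has to be validated by the caller first. The comment should say so, e.g. `// pageBytes must be > 0: callers validate it, a violation is a programming error and panics.` The helper is added as an exported `Assert`, which widens the public API of package `ioutil` for what is a distro backport; `func assert(condition bool, msg string, v int) {` would keep it private. In the `@@ -16,6 +16,7 @@` hunk the new import is out of gofmt order, `"fmt"` belongs before `"io"`. The body of `NewPageWriter` continues past the end of the hunk.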
@@ -31,7 +31,7 @@ system.}
 %global gosupfiles integration/fixtures/* etcdserver/api/v2http/testdata/*
 Name: etcd
-Release: 8
+Release: 9
 Summary: Distributed reliable key-value store for the most critical data of a distributed system
 # Upstream license specification: Apache-2.0
@@ -50,6 +50,7 @@ Patch3: 0003-etcd-Add-sw64-architecture.patch
 Patch4: 0004-fix-CVE-2023-45288.patch
 Patch5: 0005-fix-CVE-2022-41723.patch
 Patch6: 0006-fix-CVE-2023-39325.patch
+Patch7: 0007-fix-CVE-2022-34038.patch
 BuildRequires: golang
 BuildRequires: python3-devel
@@ -70,6 +71,7 @@ Requires(pre): shadow-utils
 %patch4 -p1
 %patch5 -p1
 %patch6 -p1
+%patch7 -p1
 %ifarch sw_64
 %patch3 -p1
 %endif
@@ -158,19 +160,25 @@ getent passwd %{name} >/dev/null || useradd -r -g %{name} -d %{_sharedstatedir}/
 %endif
 %changelog
-* Wed Apr 17 2024 zhangbowei -3.4.14-8
+* Fri Apr 19 2024 zhangbowei - 3.4.14-9
+- Type:bugfix
+- CVE:NA
+- SUG:NA
+- DESC: fix CVE-2022-34038
+
+* Wed Apr 17 2024 zhangbowei - 3.4.14-8
 - Type:bugfix
 - CVE:NA
 - SUG:NA
 - DESC: fix CVE-2023-39325
-* Wed Apr 17 2024 zhangbowei -3.4.14-7
+* Wed Apr 17 2024 zhangbowei - 3.4.14-7
 - Type:bugfix
 - CVE:NA
 - SUG:NA
 - DESC: fix CVE-2022-41723
-* Wed Apr 17 2024 zhangbowei -3.4.14-6
+* Wed Apr 17 2024 zhangbowei - 3.4.14-6
 - Type:bugfix
 - CVE:NA
 - SUG:NA
--
Gitee