From eea58701538e78e3524c0b97978b93fece266787 Mon Sep 17 00:00:00 2001
From: ChendongSun <sunchendong@xfusion.com>
Date: Thu, 13 Apr 2023 13:36:11 +0800
Subject: [PATCH] golang: fix CVE-2023-24537

---
 ....go1.19-go-scanner-reject-large-line.patch | 91 +++++++++++++++++++
 golang.spec                                   |  6 +-
 2 files changed, 96 insertions(+), 1 deletion(-)
 create mode 100644 0003-release-branch.go1.19-go-scanner-reject-large-line.patch

diff --git a/0003-release-branch.go1.19-go-scanner-reject-large-line.patch b/0003-release-branch.go1.19-go-scanner-reject-large-line.patch
new file mode 100644
index 0000000..86875be
--- /dev/null
+++ b/0003-release-branch.go1.19-go-scanner-reject-large-line.patch
@@ -0,0 +1,91 @@
+From 126a1d02da82f93ede7ce0bd8d3c51ef627f2104 Mon Sep 17 00:00:00 2001
+From: Damien Neil <dneil@google.com>
+Date: Wed, 22 Mar 2023 09:33:22 -0700
+Subject: [PATCH] [release-branch.go1.19] go/scanner: reject large line and
+ column numbers in //line directives
+
+Setting a large line or column number using a //line directive can cause
+integer overflow even in small source files.
+
+Limit line and column numbers in //line directives to 2^30-1, which
+is small enough to avoid int32 overflow on all reasonbly-sized files.
+
+Fixes CVE-2023-24537
+Fixes #59273
+For #59180
+
+Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1802456
+Reviewed-by: Julie Qiu <julieqiu@google.com>
+Reviewed-by: Roland Shoemaker <bracewell@google.com>
+Run-TryBot: Damien Neil <dneil@google.com>
+Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1802611
+Reviewed-by: Damien Neil <dneil@google.com>
+Change-Id: Ifdfa192d54f722d781a4d8c5f35b5fb72d122168
+Reviewed-on: https://go-review.googlesource.com/c/go/+/481986
+Reviewed-by: Matthew Dempsky <mdempsky@google.com>
+TryBot-Result: Gopher Robot <gobot@golang.org>
+Run-TryBot: Michael Knyszek <mknyszek@google.com>
+Auto-Submit: Michael Knyszek <mknyszek@google.com>
+---
+ src/go/parser/parser_test.go | 16 ++++++++++++++++
+ src/go/scanner/scanner.go    |  7 +++++--
+ 2 files changed, 21 insertions(+), 2 deletions(-)
+
+diff --git a/src/go/parser/parser_test.go b/src/go/parser/parser_test.go
+index 0c278924c9..15b265ffc3 100644
+--- a/src/go/parser/parser_test.go
++++ b/src/go/parser/parser_test.go
+@@ -742,3 +742,19 @@ func TestScopeDepthLimit(t *testing.T) {
+ 		}
+ 	}
+ }
++
++// TestIssue59180 tests that line number overflow doesn't cause an infinite loop.
++func TestIssue59180(t *testing.T) {
++	testcases := []string{
++		"package p\n//line :9223372036854775806\n\n//",
++		"package p\n//line :1:9223372036854775806\n\n//",
++		"package p\n//line file:9223372036854775806\n\n//",
++	}
++
++	for _, src := range testcases {
++		_, err := ParseFile(token.NewFileSet(), "", src, ParseComments)
++		if err == nil {
++			t.Errorf("ParseFile(%s) succeeded unexpectedly", src)
++		}
++	}
++}
+diff --git a/src/go/scanner/scanner.go b/src/go/scanner/scanner.go
+index 07e07581f7..6a7e30bb2f 100644
+--- a/src/go/scanner/scanner.go
++++ b/src/go/scanner/scanner.go
+@@ -246,13 +246,16 @@ func (s *Scanner) updateLineInfo(next, offs int, text []byte) {
+ 		return
+ 	}
+ 
++	// Put a cap on the maximum size of line and column numbers.
++	// 30 bits allows for some additional space before wrapping an int32.
++	const maxLineCol = 1<<30 - 1
+ 	var line, col int
+ 	i2, n2, ok2 := trailingDigits(text[:i-1])
+ 	if ok2 {
+ 		//line filename:line:col
+ 		i, i2 = i2, i
+ 		line, col = n2, n
+-		if col == 0 {
++		if col == 0 || col > maxLineCol {
+ 			s.error(offs+i2, "invalid column number: "+string(text[i2:]))
+ 			return
+ 		}
+@@ -262,7 +265,7 @@ func (s *Scanner) updateLineInfo(next, offs int, text []byte) {
+ 		line = n
+ 	}
+ 
+-	if line == 0 {
++	if line == 0 || line > maxLineCol {
+ 		s.error(offs+i, "invalid line number: "+string(text[i:]))
+ 		return
+ 	}
+-- 
+2.33.0
+
diff --git a/golang.spec b/golang.spec
index 3b65f2f..fb95298 100644
--- a/golang.spec
+++ b/golang.spec
@@ -62,13 +62,14 @@
 
 Name:           golang
 Version:        1.19.4
-Release:        2
+Release:        3
 Summary:        The Go Programming Language
 License:        BSD and Public Domain
 URL:            https://golang.org/
 Source0:        https://dl.google.com/go/go1.19.4.src.tar.gz
 Patch0:         0001-Enable-go-plugin-support-for-riscv64.patch
 Patch1:         0002-runtime-support-riscv64-SV57-mode.patch
+Patch2:         0003-release-branch.go1.19-go-scanner-reject-large-line.patch
 
 %if !%{golang_bootstrap}
 BuildRequires:  gcc-go >= 5
@@ -389,6 +390,9 @@ fi
 %files devel -f go-tests.list -f go-misc.list -f go-src.list
 
 %changelog
+* Thu Apr 20 2023 sunchendong<sunchendong@xfusion.com> - 1.19.4-3
+- fix CVE-2023-24537
+
 * Mon Apr 03 2023 misaka00251 <liuxin@iscas.ac.cn> - 1.19.4-2
 - Enable go plugin support for riscv64 (based on work by yangjinghua)
 - Backport upstream sv57 enablement for riscv64
-- 
Gitee