From fd91389cf3d389f0857749c69105931ca5a6edf9 Mon Sep 17 00:00:00 2001
From: chengyechun
Date: Fri, 3 Nov 2023 11:09:21 +0800
Subject: [PATCH] fix CVE-2023-31122
---
 ...ort-CVE-2023-31122-out-of-bound-Read.patch | 28 +++++++++++++++++++
 httpd.spec | 13 +++++++--
 2 files changed, 38 insertions(+), 3 deletions(-)
 create mode 100644 backport-CVE-2023-31122-out-of-bound-Read.patch
diff --git a/backport-CVE-2023-31122-out-of-bound-Read.patch b/backport-CVE-2023-31122-out-of-bound-Read.patch
new file mode 100644
index 0000000..aebeaeb
--- /dev/null
+++ b/backport-CVE-2023-31122-out-of-bound-Read.patch
@@ -0,0 +1,28 @@
+From c41eb3b14a3d1eb2e3c42c4728cc52a22748851a Mon Sep 17 00:00:00 2001
+From: Stefan Eissing
+Date: Mon, 16 Oct 2023 06:39:44 +0000
+Subject: [PATCH] mod_macro: out of bounds Read
+
+Conflict:NA
+Reference:https://github.com/apache/httpd/commit/c41eb3b14a3d1eb2e3c42c4728cc52a22748851a
+
+---
+ modules/core/mod_macro.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/modules/core/mod_macro.c b/modules/core/mod_macro.c
+index 04af43b..cc42d0b 100644
+--- a/modules/core/mod_macro.c
++++ b/modules/core/mod_macro.c
+@@ -465,7 +465,7 @@ static const char *process_content(apr_pool_t * pool,
+ for (i = 0; i < contents->nelts; i++) {
+ const char *errmsg;
+ /* copy the line and substitute macro parameters */
+- strncpy(line, ((char **) contents->elts)[i], MAX_STRING_LEN - 1);
++ apr_cpystrn(line, ((char **) contents->elts)[i], MAX_STRING_LEN);
+ errmsg = substitute_macro_args(line, MAX_STRING_LEN,
+ macro, replacements, used);
+ if (errmsg) {
+-- 
+2.23.0
+
diff --git a/httpd.spec b/httpd.spec
index 70d339b..9616300 100644
--- a/httpd.spec
+++ b/httpd.spec
@@ -8,7 +8,7 @@ Name: httpd
 Summary: Apache HTTP Server
 Version: 2.4.51
-Release: 17
+Release: 18
 License: ASL 2.0
 URL: https://httpd.apache.org/
 Source0: https://archive.apache.org/dist/httpd/httpd-%{version}.tar.bz2
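Review bot: In the backported mod_macro.c hunk, `apr_cpystrn(line, ((char **) contents->elts)[i], MAX_STRING_LEN)` always NUL-terminates, but a macro body line longer than MAX_STRING_LEN - 1 is still truncated without any diagnostic and then handed to substitute_macro_args as if it were complete. The removed strncpy call copied at most MAX_STRING_LEN - 1 bytes and added no terminator of its own for a long source line, which is presumably where the out-of-bounds read came from; the declaration of `line` and the rest of process_content lie outside the hunk, so that part is inferred. Worth a comment above the call, `/* apr_cpystrn always NUL-terminates; lines longer than MAX_STRING_LEN - 1 are truncated */`, so the reason strncpy must not come back is recorded next to the code.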
@@ -76,7 +76,7 @@ Patch22: backport-001-CVE-2022-23943.patch
 Patch23: backport-002-CVE-2022-23943.patch
 Patch24: backport-CVE-2021-44790.patch
 Patch25: backport-001-CVE-2021-44224.patch
-Patch26: backport-002-CVE-2021-44224.patch
+Patch26: backport-002-CVE-2021-44224.patch
 Patch27: backport-Switch-from-PCRE-to-PCRE2.patch
 Patch28: backport-CVE-2022-28615.patch
 Patch29: backport-CVE-2022-31813.patch
@@ -104,6 +104,7 @@ Patch50: backport-Report-an-error-if-the-AJP-backend-sends-an-invalid-n
 Patch51: backport-handled-a-negative-value-when-parsing-the-config.patch
 Patch52: backport-avoid-delimiting-the-query-with-a-backreference.patch
 Patch53: backport-fix-missing-APLOGNO.patch
+Patch54: backport-CVE-2023-31122-out-of-bound-Read.patch
 BuildRequires: gcc autoconf pkgconfig findutils xmlto perl-interpreter perl-generators systemd-devel
 BuildRequires: zlib-devel libselinux-devel lua-devel brotli-devel
@@ -536,7 +537,13 @@ exit $rv
 %{_rpmconfigdir}/macros.d/macros.httpd
 %changelog
-* Fri Jun 09 2023 chengyechun - 2.4.51-17
+* Thu Nov 02 2023 chengyechun - 2.4.51-18
+- Type:CVE
+- ID:CVE-2023-31122
+- SUG:NA
+- DESC:fix CVE-2023-31122
+
+* Fri Jun 09 2023 chengyechun - 2.4.51-17
 - Type:bugfix
 - ID:
 - SUG:restart
-- 
Gitee
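Review bot: Nothing in this diff shows that Patch54 is actually applied at build time: the hunk at line 104 only declares `Patch54: backport-CVE-2023-31122-out-of-bound-Read.patch`, and the %prep section is outside the diff. If %prep uses %autosetup or %autopatch the declaration is enough; if it lists patches individually, a `%patch54 -p1` line is needed, otherwise 2.4.51-18 would be published as fixed for CVE-2023-31122 with the old strncpy call still compiled in. Confirming from the build log that the patch was applied to modules/core/mod_macro.c would close this.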