CaROS/meta-openembedded
3
1
Fork 0
mirror of git://git.openembedded.org/meta-openembedded synced 2026-01-01 13:58:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

grpc: fix CVE-2023-32732

Browse Source 
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This commit is contained in:
Chen Qi 2023-08-09 13:49:08 +08:00 committed by Khem Raj
parent 8d353c0491
commit 491b7592f4
2 changed files with 82 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

81
meta-oe/recipes-devtools/grpc/grpc/0001-fix-CVE-2023-32732.patch Normal file
View File

@ -0,0 +1,81 @@
From d39489045b5aa73e27713e3cbacb8832c1140ec8 Mon Sep 17 00:00:00 2001
From: Chen Qi <Qi.Chen@windriver.com>
Date: Wed, 9 Aug 2023 13:33:45 +0800
Subject: [PATCH] fix CVE-2023-32732
CVE: CVE-2023-32732
Upstream-Status: Backport [https://github.com/grpc/grpc/pull/32309/commits/6a7850ef4f042ac26559854266dddc79bfbc75b2]
The original patch is adjusted to fit the current 1.50.1 version.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
---
.../ext/transport/chttp2/transport/hpack_parser.cc | 10 +++++++---
src/core/ext/transport/chttp2/transport/internal.h | 2 --
src/core/ext/transport/chttp2/transport/parsing.cc | 6 ++----
3 files changed, 9 insertions(+), 9 deletions(-)
diff --git a/src/core/ext/transport/chttp2/transport/hpack_parser.cc b/src/core/ext/transport/chttp2/transport/hpack_parser.cc
index f2e49022dc3..cd459d15238 100644
--- a/src/core/ext/transport/chttp2/transport/hpack_parser.cc
+++ b/src/core/ext/transport/chttp2/transport/hpack_parser.cc
@@ -1211,12 +1211,16 @@ class HPackParser::Parser {
"). GRPC_ARG_MAX_METADATA_SIZE can be set to increase this limit.",
*frame_length_, metadata_size_limit_);
if (metadata_buffer_ != nullptr) metadata_buffer_->Clear();
+ // StreamId is used as a signal to skip this stream but keep the connection
+ // alive
return input_->MaybeSetErrorAndReturn(
[] {
return grpc_error_set_int(
- GRPC_ERROR_CREATE_FROM_STATIC_STRING(
- "received initial metadata size exceeds limit"),
- GRPC_ERROR_INT_GRPC_STATUS, GRPC_STATUS_RESOURCE_EXHAUSTED);
+ grpc_error_set_int(
+ GRPC_ERROR_CREATE_FROM_STATIC_STRING(
+ "received initial metadata size exceeds limit"),
+ GRPC_ERROR_INT_GRPC_STATUS, GRPC_STATUS_RESOURCE_EXHAUSTED),
+ GRPC_ERROR_INT_STREAM_ID, 0);
},
false);
}
diff --git a/src/core/ext/transport/chttp2/transport/internal.h b/src/core/ext/transport/chttp2/transport/internal.h
index 4a2f4261d83..f8b544d9583 100644
--- a/src/core/ext/transport/chttp2/transport/internal.h
+++ b/src/core/ext/transport/chttp2/transport/internal.h
@@ -542,8 +542,6 @@ struct grpc_chttp2_stream {
grpc_core::Timestamp deadline = grpc_core::Timestamp::InfFuture();
- /** saw some stream level error */
- grpc_error_handle forced_close_error = GRPC_ERROR_NONE;
/** how many header frames have we received? */
uint8_t header_frames_received = 0;
/** number of bytes received - reset at end of parse thread execution */
diff --git a/src/core/ext/transport/chttp2/transport/parsing.cc b/src/core/ext/transport/chttp2/transport/parsing.cc
index 980f13543f6..afe6da190b6 100644
--- a/src/core/ext/transport/chttp2/transport/parsing.cc
+++ b/src/core/ext/transport/chttp2/transport/parsing.cc
@@ -22,6 +22,7 @@
#include <string.h>
#include <string>
+#include <utility>
#include "absl/base/attributes.h"
#include "absl/status/status.h"
@@ -719,10 +720,7 @@ static grpc_error_handle parse_frame_slice(grpc_chttp2_transport* t,
}
grpc_chttp2_parsing_become_skip_parser(t);
if (s) {
- s->forced_close_error = err;
- grpc_chttp2_add_rst_stream_to_next_write(t, t->incoming_stream_id,
- GRPC_HTTP2_PROTOCOL_ERROR,
- &s->stats.outgoing);
+ grpc_chttp2_cancel_stream(t, s, std::exchange(err, absl::OkStatus()));
} else {
GRPC_ERROR_UNREF(err);
}
--
2.34.1

1
meta-oe/recipes-devtools/grpc/grpc_1.50.1.bb
View File

@ -26,6 +26,7 @@ SRC_URI = "gitsm://github.com/grpc/grpc.git;protocol=https;name=grpc;branch=${BR
file://0001-Revert-Changed-GRPCPP_ABSEIL_SYNC-to-GPR_ABSEIL_SYNC.patch \
file://0001-cmake-add-separate-export-for-plugin-targets.patch \
file://0001-cmake-Link-with-libatomic-on-rv32-rv64.patch \
file://0001-fix-CVE-2023-32732.patch \
"
# Fixes build with older compilers 4.8 especially on ubuntu 14.04
CXXFLAGS:append:class-native = " -Wl,--no-as-needed"