nghttp2: Fix CVE-2020-11080.patch to applyjansa/dunfell

fixes: Applying patch CVE-2020-11080.patch patching file doc/CMakeLists.txt patching file doc/Makefile.am Hunk #1 FAILED at 69. 1 out of 1 hunk FAILED -- rejects in file doc/Makefile.am patching file lib/includes/nghttp2/nghttp2.h patching file lib/nghttp2_helper.c patching file lib/nghttp2_option.c patching file lib/nghttp2_option.h patching file lib/nghttp2_session.c Hunk #3 succeeded at 5694 (offset 31 lines). Hunk #4 succeeded at 7470 (offset 29 lines). patching file lib/nghttp2_session.h patching file tests/main.c Hunk #1 succeeded at 315 (offset -2 lines). patching file tests/nghttp2_session_test.c Hunk #1 succeeded at 10558 (offset -56 lines). patching file tests/nghttp2_session_test.h Patch CVE-2020-11080.patch does not apply (enforce with -f) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
author: Martin Jansa <Martin.Jansa@gmail.com> 2021-02-20 16:13:37 -0800
committer: Martin Jansa <Martin.Jansa@gmail.com> 2021-02-23 11:31:36 +0100
commit: 3a3a6c4e42d0b1c22d4e0d9cfd42d3e119972ce0 (patch)
tree: 23822e45398740c0421784c38abe3e7ba07f796d
parent: eeef16060d0373616e24668342b157fc973e1e96 (diff)
download: meta-openembedded-contrib-jansa/dunfell.tar.gz
meta-openembedded-contrib-jansa/dunfell.tar.bz2
meta-openembedded-contrib-jansa/dunfell.zip
1 files changed, 33 insertions, 33 deletions
diff --git a/meta-networking/recipes-support/nghttp2/nghttp2/CVE-2020-11080.patch b/meta-networking/recipes-support/nghttp2/nghttp2/CVE-2020-11080.patch
index 5cf2e872f4..83a1074191 100644
--- a/meta-networking/recipes-support/nghttp2/nghttp2/CVE-2020-11080.patch
+++ b/meta-networking/recipes-support/nghttp2/nghttp2/CVE-2020-11080.patch
@@ -1,11 +1,11 @@
-From 336a98feb0d56b9ac54e12736b18785c27f75090 Mon Sep 17 00:00:00 2001
+From 0e3ddf72a648c5909eef3486432f70ba15089f13 Mon Sep 17 00:00:00 2001
 From: James M Snell <jasnell@gmail.com>
 Date: Fri, 17 Apr 2020 16:53:51 -0700
 Subject: [PATCH] Implement max settings option
 
 CVE: CVE-2020-11080
 Upstream-Status: Backport [https://github.com/nghttp2/nghttp2/commit/336a98feb0d56b9ac54e12736b18785c27f75090]
-Comment: No hunks refreshed
+Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
 ---
  doc/CMakeLists.txt             |  1 +
  doc/Makefile.am                |  1 +
@@ -21,7 +21,7 @@ Comment: No hunks refreshed
  11 files changed, 124 insertions(+)
 
 diff --git a/doc/CMakeLists.txt b/doc/CMakeLists.txt
-index 34c027929..f3aec84da 100644
+index 34c02792..f3aec84d 100644
 --- a/doc/CMakeLists.txt
 +++ b/doc/CMakeLists.txt
 @@ -42,6 +42,7 @@ set(APIDOCS
@@ -33,25 +33,25 @@ index 34c027929..f3aec84da 100644
    nghttp2_priority_spec_check_default.rst
    nghttp2_priority_spec_default_init.rst
 diff --git a/doc/Makefile.am b/doc/Makefile.am
-index 4d73cef50..f073bfa4c 100644
+index 4d73cef5..f073bfa4 100644
 --- a/doc/Makefile.am
 +++ b/doc/Makefile.am
 @@ -69,6 +69,7 @@ APIDOCS= \
-       nghttp2_option_set_peer_max_concurrent_streams.rst \
-       nghttp2_option_set_user_recv_extension_type.rst \
-       nghttp2_option_set_max_outbound_ack.rst \
-+      nghttp2_option_set_max_settings.rst \
-       nghttp2_pack_settings_payload.rst \
-       nghttp2_priority_spec_check_default.rst \
-       nghttp2_priority_spec_default_init.rst \
+ 	nghttp2_option_set_peer_max_concurrent_streams.rst \
+ 	nghttp2_option_set_user_recv_extension_type.rst \
+ 	nghttp2_option_set_max_outbound_ack.rst \
++	nghttp2_option_set_max_settings.rst \
+ 	nghttp2_pack_settings_payload.rst \
+ 	nghttp2_priority_spec_check_default.rst \
+ 	nghttp2_priority_spec_default_init.rst \
 diff --git a/lib/includes/nghttp2/nghttp2.h b/lib/includes/nghttp2/nghttp2.h
-index e3aeb9fed..9be6eea5c 100644
+index e3aeb9fe..9be6eea5 100644
 --- a/lib/includes/nghttp2/nghttp2.h
 +++ b/lib/includes/nghttp2/nghttp2.h
 @@ -228,6 +228,13 @@ typedef struct {
   */
  #define NGHTTP2_CLIENT_MAGIC_LEN 24
-
+ 
 +/**
 + * @macro
 + *
@@ -77,7 +77,7 @@ index e3aeb9fed..9be6eea5c 100644
 @@ -2659,6 +2671,17 @@ NGHTTP2_EXTERN void nghttp2_option_set_no_closed_streams(nghttp2_option *option,
  NGHTTP2_EXTERN void nghttp2_option_set_max_outbound_ack(nghttp2_option *option,
                                                          size_t val);
-
+ 
 +/**
 + * @function
 + *
@@ -93,7 +93,7 @@ index e3aeb9fed..9be6eea5c 100644
   * @function
   *
 diff --git a/lib/nghttp2_helper.c b/lib/nghttp2_helper.c
-index 91136a619..0bd541472 100644
+index 91136a61..0bd54147 100644
 --- a/lib/nghttp2_helper.c
 +++ b/lib/nghttp2_helper.c
 @@ -334,6 +334,8 @@ const char *nghttp2_strerror(int error_code) {
@@ -106,7 +106,7 @@ index 91136a619..0bd541472 100644
      return "Unknown error code";
    }
 diff --git a/lib/nghttp2_option.c b/lib/nghttp2_option.c
-index e53f22d36..34348e660 100644
+index e53f22d3..34348e66 100644
 --- a/lib/nghttp2_option.c
 +++ b/lib/nghttp2_option.c
 @@ -121,3 +121,8 @@ void nghttp2_option_set_max_outbound_ack(nghttp2_option *option, size_t val) {
@@ -119,7 +119,7 @@ index e53f22d36..34348e660 100644
 +  option->max_settings = val;
 +}
 diff --git a/lib/nghttp2_option.h b/lib/nghttp2_option.h
-index 1f740aaa6..939729fdc 100644
+index 1f740aaa..939729fd 100644
 --- a/lib/nghttp2_option.h
 +++ b/lib/nghttp2_option.h
 @@ -67,6 +67,7 @@ typedef enum {
@@ -128,7 +128,7 @@ index 1f740aaa6..939729fdc 100644
    NGHTTP2_OPT_MAX_OUTBOUND_ACK = 1 << 11,
 +  NGHTTP2_OPT_MAX_SETTINGS = 1 << 12,
  } nghttp2_option_flag;
-
+ 
  /**
 @@ -85,6 +86,10 @@ struct nghttp2_option {
     * NGHTTP2_OPT_MAX_OUTBOUND_ACK
@@ -142,15 +142,15 @@ index 1f740aaa6..939729fdc 100644
     * Bitwise OR of nghttp2_option_flag to determine that which fields
     * are specified.
 diff --git a/lib/nghttp2_session.c b/lib/nghttp2_session.c
-index 563ccd7de..415e34776 100644
+index 9df3d6f3..470576da 100644
 --- a/lib/nghttp2_session.c
 +++ b/lib/nghttp2_session.c
 @@ -458,6 +458,7 @@ static int session_new(nghttp2_session **session_ptr,
-
+ 
    (*session_ptr)->max_send_header_block_length = NGHTTP2_MAX_HEADERSLEN;
    (*session_ptr)->max_outbound_ack = NGHTTP2_DEFAULT_MAX_OBQ_FLOOD_ITEM;
 +  (*session_ptr)->max_settings = NGHTTP2_DEFAULT_MAX_SETTINGS;
-
+ 
    if (option) {
      if ((option->opt_set_mask & NGHTTP2_OPT_NO_AUTO_WINDOW_UPDATE) &&
 @@ -521,6 +522,11 @@ static int session_new(nghttp2_session **session_ptr,
@@ -163,12 +163,12 @@ index 563ccd7de..415e34776 100644
 +      (*session_ptr)->max_settings = option->max_settings;
 +    }
    }
-
+ 
    rv = nghttp2_hd_deflate_init2(&(*session_ptr)->hd_deflater,
-@@ -5657,6 +5663,16 @@ ssize_t nghttp2_session_mem_recv(nghttp2_session *session, const uint8_t *in,
+@@ -5688,6 +5694,16 @@ ssize_t nghttp2_session_mem_recv(nghttp2_session *session, const uint8_t *in,
            iframe->max_niv =
                iframe->frame.hd.length / NGHTTP2_FRAME_SETTINGS_ENTRY_LENGTH + 1;
-
+ 
 +          if (iframe->max_niv - 1 > session->max_settings) {
 +            rv = nghttp2_session_terminate_session_with_reason(
 +                session, NGHTTP2_ENHANCE_YOUR_CALM,
@@ -181,8 +181,8 @@ index 563ccd7de..415e34776 100644
 +
            iframe->iv = nghttp2_mem_malloc(mem, sizeof(nghttp2_settings_entry) *
                                                     iframe->max_niv);
-
-@@ -7425,6 +7441,11 @@ static int nghttp2_session_upgrade_internal(nghttp2_session *session,
+ 
+@@ -7454,6 +7470,11 @@ static int nghttp2_session_upgrade_internal(nghttp2_session *session,
    if (settings_payloadlen % NGHTTP2_FRAME_SETTINGS_ENTRY_LENGTH) {
      return NGHTTP2_ERR_INVALID_ARGUMENT;
    }
@@ -195,7 +195,7 @@ index 563ccd7de..415e34776 100644
                                                settings_payloadlen, mem);
    if (rv != 0) {
 diff --git a/lib/nghttp2_session.h b/lib/nghttp2_session.h
-index d20827315..07bfbb6c9 100644
+index 90ead9c0..0cd51815 100644
 --- a/lib/nghttp2_session.h
 +++ b/lib/nghttp2_session.h
 @@ -267,6 +267,8 @@ struct nghttp2_session {
@@ -208,10 +208,10 @@ index d20827315..07bfbb6c9 100644
    uint32_t next_stream_id;
    /* The last stream ID this session initiated.  For client session,
 diff --git a/tests/main.c b/tests/main.c
-index 41e0b03eb..67eb4a1c2 100644
+index 46e9b1cb..e1e75689 100644
 --- a/tests/main.c
 +++ b/tests/main.c
-@@ -317,6 +317,8 @@ int main() {
+@@ -315,6 +315,8 @@ int main() {
                     test_nghttp2_session_set_local_window_size) ||
        !CU_add_test(pSuite, "session_cancel_from_before_frame_send",
                     test_nghttp2_session_cancel_from_before_frame_send) ||
@@ -221,13 +221,13 @@ index 41e0b03eb..67eb4a1c2 100644
                     test_nghttp2_session_removed_closed_stream) ||
        !CU_add_test(pSuite, "session_pause_data",
 diff --git a/tests/nghttp2_session_test.c b/tests/nghttp2_session_test.c
-index 6eb8e244d..33ee3ad84 100644
+index b366a6aa..cefe27a6 100644
 --- a/tests/nghttp2_session_test.c
 +++ b/tests/nghttp2_session_test.c
-@@ -10614,6 +10614,67 @@ void test_nghttp2_session_cancel_from_before_frame_send(void) {
+@@ -10558,6 +10558,67 @@ void test_nghttp2_session_cancel_from_before_frame_send(void) {
    nghttp2_session_del(session);
  }
-
+ 
 +void test_nghttp2_session_too_many_settings(void) {
 +  nghttp2_session *session;
 +  nghttp2_option *option;
@@ -293,7 +293,7 @@ index 6eb8e244d..33ee3ad84 100644
  prepare_session_removed_closed_stream(nghttp2_session *session,
                                        nghttp2_hd_deflater *deflater) {
 diff --git a/tests/nghttp2_session_test.h b/tests/nghttp2_session_test.h
-index e872c5d0b..818c808d0 100644
+index e872c5d0..818c808d 100644
 --- a/tests/nghttp2_session_test.h
 +++ b/tests/nghttp2_session_test.h
 @@ -156,6 +156,7 @@ void test_nghttp2_session_repeated_priority_change(void);
author	Martin Jansa <Martin.Jansa@gmail.com>	2021-02-20 16:13:37 -0800
committer	Martin Jansa <Martin.Jansa@gmail.com>	2021-02-23 11:31:36 +0100
commit	3a3a6c4e42d0b1c22d4e0d9cfd42d3e119972ce0 (patch)
tree	23822e45398740c0421784c38abe3e7ba07f796d
parent	eeef16060d0373616e24668342b157fc973e1e96 (diff)
download	meta-openembedded-contrib-jansa/dunfell.tar.gz meta-openembedded-contrib-jansa/dunfell.tar.bz2 meta-openembedded-contrib-jansa/dunfell.zip