fix-CVE-2022-3854
This commit is contained in:
wangzengliang1
parent
3b3b63bfc1
commit
c04327782a
47
0014-fix-CVE-2022-3854.patch
Normal file
47
0014-fix-CVE-2022-3854.patch
Normal file
@ -0,0 +1,47 @@
|
||||
From ed7c2d0a58fb87201777fb4097d5a2b650593b31 Mon Sep 17 00:00:00 2001
|
||||
From: wangzengliang1 <wangzengliang1@huawei.com>
|
||||
Date: Mon, 30 Jan 2023 09:32:19 +0800
|
||||
Subject: [PATCH] fix CVE-2022-3854
|
||||
|
||||
---
|
||||
src/rgw/rgw_common.cc | 5 +++++
|
||||
src/rgw/rgw_sal.h | 6 +++++-
|
||||
2 files changed, 10 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/rgw/rgw_common.cc b/src/rgw/rgw_common.cc
|
||||
index b44d4bf..ce7b94c 100644
|
||||
--- a/src/rgw/rgw_common.cc
|
||||
+++ b/src/rgw/rgw_common.cc
|
||||
@@ -1279,6 +1279,11 @@ bool verify_bucket_permission_no_policy(const DoutPrefixProvider* dpp, struct re
|
||||
|
||||
bool verify_bucket_permission(const DoutPrefixProvider* dpp, struct req_state * const s, const uint64_t op)
|
||||
{
|
||||
+ if (rgw::sal::RGWBucket::empty(s->bucket)) {
|
||||
+ // request is missing a bucket name
|
||||
+ return false;
|
||||
+ }
|
||||
+
|
||||
perm_state_from_req_state ps(s);
|
||||
|
||||
return verify_bucket_permission(dpp,
|
||||
diff --git a/src/rgw/rgw_sal.h b/src/rgw/rgw_sal.h
|
||||
index 41da8bc..197f975 100644
|
||||
--- a/src/rgw/rgw_sal.h
|
||||
+++ b/src/rgw/rgw_sal.h
|
||||
@@ -279,8 +279,12 @@ class RGWBucket {
|
||||
void convert(cls_user_bucket_entry *b) const {
|
||||
ent.convert(b);
|
||||
}
|
||||
+
|
||||
+ /** Check if a Bucket pointer is empty */
|
||||
+ static bool empty(const RGWBucket* b) { return (!b || b->empty()); }
|
||||
+ /** Check if a Bucket unique pointer is empty */
|
||||
+ static bool empty(const std::unique_ptr<RGWBucket>& b) { return (!b || b->empty()); }
|
||||
|
||||
- static bool empty(RGWBucket* b) { return (!b || b->empty()); }
|
||||
virtual std::unique_ptr<RGWBucket> clone() = 0;
|
||||
|
||||
/* dang - This is temporary, until the API is completed */
|
||||
--
|
||||
2.13.0.windows.1
|
||||
|
||||
@ -125,7 +125,7 @@
|
||||
#################################################################################
|
||||
Name: ceph
|
||||
Version: 16.2.7
|
||||
Release: 15
|
||||
Release: 16
|
||||
%if 0%{?fedora} || 0%{?rhel} || 0%{?openEuler}
|
||||
Epoch: 2
|
||||
%endif
|
||||
@ -156,6 +156,7 @@ Patch10: 0010-fix-CVE-2022-3650.patch
|
||||
Patch11: 0011-fix-no-module-named-v1_event-for-mgr-k8sevent.patch
|
||||
Patch12: 0012-add-missing-includes-when-compiling-with-boost-1.75.patch
|
||||
Patch13: 0013-add-atomic-library-for-loongarch64.patch
|
||||
Patch14: 0014-fix-CVE-2022-3854.patch
|
||||
%if 0%{?suse_version}
|
||||
# _insert_obs_source_lines_here
|
||||
ExclusiveArch: x86_64 aarch64 ppc64le s390x
|
||||
@ -2500,6 +2501,9 @@ exit 0
|
||||
%config %{_sysconfdir}/prometheus/ceph/ceph_default_alerts.yml
|
||||
|
||||
%changelog
|
||||
* Mon Feb 20 2023 wangzengliang<wangzengliang2@huawei.com> - 2:16.2.7-16
|
||||
- fix CVE-2022-3854
|
||||
|
||||
* Tue Feb 14 2023 wangzengliang<wangzengliang2@huawei.com> - 2:16.2.7-15
|
||||
- fix error for uninstall cephadm
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user