!20 Fix CVE-2023-30364 for libcoap, support udp stream and file feature for dsoftbus

From: @heppen Reviewed-by: @yukaii Signed-off-by: @yukaii
2023-09-25 06:59:30 +00:00 · 2023-09-25 06:59:30 +00:00 · 55fd99d57c
commit 55fd99d57c
parent 92830da5f5 ec95efbd2b
3 changed files with 181 additions and 20 deletions
--- a/0018-open-udp-stream-and-file-feature-for-dsoftbus.patch
+++ b/0018-open-udp-stream-and-file-feature-for-dsoftbus.patch
@ -0,0 +1,94 @@
+From 271b7e334ec0514952a5532cad572d5ec87b0725 Mon Sep 17 00:00:00 2001
+From: heppen <hepeng68@huawei.com>
+Date: Wed, 20 Sep 2023 16:00:14 +0800
+Subject: [PATCH] open udp stream and file feature
+
+---
+ .../feature_config/standard/config.gni              |  4 ++--
+ components/nstackx/fillp/BUILD.gn                   |  2 +-
+ core/frame/BUILD.gn                                 |  3 +++
+ .../udp/stream/libsoftbus_stream/vtp_instance.cpp   | 13 ++++++++++++-
+ 4 files changed, 18 insertions(+), 4 deletions(-)
+
+diff --git a/adapter/default_config/feature_config/standard/config.gni b/adapter/default_config/feature_config/standard/config.gni
+index 15951d1..75d27a7 100644
+--- a/adapter/default_config/feature_config/standard/config.gni
+++ b/adapter/default_config/feature_config/standard/config.gni
+@@ -21,8 +21,8 @@ declare_args() {
+   dsoftbus_standard_feature_conn_p2p = false
+ 
+   dsoftbus_standard_feature_trans_udp = true
+-  dsoftbus_standard_feature_trans_udp_stream = false
+-  dsoftbus_standard_feature_trans_udp_file = false
+  dsoftbus_standard_feature_trans_udp_stream = true
+  dsoftbus_standard_feature_trans_udp_file = true
+ 
+   dsoftbus_standard_feature_ip_auth = true
+   dsoftbus_standard_feature_auth_account = false
+diff --git a/components/nstackx/fillp/BUILD.gn b/components/nstackx/fillp/BUILD.gn
+index f5c5443..d56fd05 100644
+--- a/components/nstackx/fillp/BUILD.gn
+++ b/components/nstackx/fillp/BUILD.gn
+@@ -105,7 +105,7 @@ if (defined(ohos_lite)) {
+     include_dirs = fillp_include
+     include_dirs += [ "//utils/native/base/include/" ]
+     sources = fillp_source
+-    deps = [ "//utils/native/base:utilsecurec_shared" ]
+    deps = [ "//third_party/bounds_checking_function:libsec_shared" ]
+ 
+     part_name = "dsoftbus_standard"
+     subsystem_name = "communication"
+diff --git a/core/frame/BUILD.gn b/core/frame/BUILD.gn
+index 3948ef6..5936a3a 100644
+--- a/core/frame/BUILD.gn
+++ b/core/frame/BUILD.gn
+@@ -180,6 +180,9 @@ if (defined(ohos_lite)) {
+       ":softbus_server",
+       "$dsoftbus_root_path/components/nstackx/nstackx_ctrl:nstackx_ctrl",
+       "$dsoftbus_root_path/components/nstackx/nstackx_util:nstackx_util.open",
+      "$dsoftbus_root_path/components/nstackx/nstackx_core/dfile:nstackx_dfile.open",
+      "$dsoftbus_root_path/components/nstackx/nstackx_congestion:nstackx_congestion.open",
+      "$dsoftbus_root_path/components/nstackx/fillp:FillpSo.open",
+       "$dsoftbus_root_path/core/common:softbus_utils",
+       "$dsoftbus_root_path/adapter:softbus_adapter",
+       "$dsoftbus_root_path/sdk:softbus_client",
+diff --git a/sdk/transmission/trans_channel/udp/stream/libsoftbus_stream/vtp_instance.cpp b/sdk/transmission/trans_channel/udp/stream/libsoftbus_stream/vtp_instance.cpp
+index 13a1cff..064b5bf 100644
+--- a/sdk/transmission/trans_channel/udp/stream/libsoftbus_stream/vtp_instance.cpp
+++ b/sdk/transmission/trans_channel/udp/stream/libsoftbus_stream/vtp_instance.cpp
+@@ -62,9 +62,16 @@ FILLP_UINT32 VtpInstance::CryptoRand()
+     if (fd < 0) {
+         return 0;
+     }
+-
+     FILLP_UINT32 value = 0;
+
+#ifdef __GNUC__
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wunused-result"
+#endif
+     read(fd, &value, sizeof(FILLP_UINT32));
+#ifdef __GNUC__
+#pragma GCC diagnostic pop
+#endif
+     close(fd);
+     return value;
+ }
+@@ -82,10 +89,14 @@ void VtpInstance::PrintFillpLog(FILLP_UINT32 debugType, FILLP_UINT32 debugLevel,
+ 
+     va_list vaList;
+     va_start(vaList, format);
+#ifdef __clang__
+ #pragma clang diagnostic push
+ #pragma clang diagnostic ignored "-Wformat-nonliteral"
+#endif
+     int result = vsprintf_s(debugInfo, DEBUG_BUFFER_LEN, static_cast<const char *>(format), vaList);
+#ifdef __clang__
+ #pragma clang diagnostic pop
+#endif
+     if (result < 0) {
+         SoftBusLog(SOFTBUS_LOG_TRAN, SOFTBUS_LOG_ERROR, "**********fillDebugSend Fail!************");
+         va_end(vaList);
+-- 
+2.33.0
+
--- a/0019-third-party-libcoap-fix-CVE-2023-30364.patch
+++ b/0019-third-party-libcoap-fix-CVE-2023-30364.patch
@ -0,0 +1,55 @@
+From 905c17b5c116b039c1083290679be3f6c27fe401 Mon Sep 17 00:00:00 2001
+From: heppen <hepeng68@huawei.com>
+Date: Thu, 14 Sep 2023 18:59:15 +0800
+Subject: [PATCH] bugfix cve-2023-30362
+
+---
+ src/net.c | 32 +++++++++++++++++++-------------
+ 1 file changed, 19 insertions(+), 13 deletions(-)
+
+diff --git a/src/net.c b/src/net.c
+index 7154628..a432ddd 100644
+--- a/src/net.c
+++ b/src/net.c
+@@ -1217,19 +1217,25 @@ coap_send_internal(coap_session_t *session, coap_pdu_t *pdu) {
+ 
+       /* Need to check that we are not seeing this proxy in the return loop */
+       if (pdu->data && opt == NULL) {
+-        if (pdu->used_size + 1 <= pdu->max_size) {
+-          char *a_match;
+-          size_t data_len = pdu->used_size - (pdu->data - pdu->token);
+-          pdu->data[data_len] = '\000';
+-          a_match = strstr((char*)pdu->data, cp);
+-          if (a_match && (a_match == (char*)pdu->data || a_match[-1] == ' ') &&
+-              ((size_t)(a_match - (char*)pdu->data + len) == data_len ||
+-               a_match[len] == ' ')) {
+-            coap_log(LOG_WARNING, "Proxy loop detected '%s'\n",
+-                     (char*)pdu->data);
+-            coap_delete_pdu(pdu);
+-            return (coap_mid_t)COAP_DROPPED_RESPONSE;
+-          }
+        char *a_match;
+        size_t data_len;
+
+        if (pdu->used_size + 1 > pdu->max_size) {
+          /* No space */
+          return (coap_mid_t)COAP_DROPPED_RESPONSE;
+        }
+        if (!coap_pdu_resize(pdu, pdu->used_size + 1)) {
+          /* Internal error */
+          return (coap_mid_t)COAP_DROPPED_RESPONSE;
+        }
+        data_len = pdu->used_size - (pdu->data - pdu->token);
+        pdu->data[data_len] = '\000';
+        a_match = strstr((char*)pdu->data, cp);
+        if (a_match && (a_match == (char*)pdu->data || a_match[-1] == ' ') &&
+            ((size_t)(a_match - (char*)pdu->data + len) == data_len ||
+             a_match[len] == ' ')) {
+          coap_delete_pdu(pdu);
+          return (coap_mid_t)COAP_DROPPED_RESPONSE;
+         }
+       }
+       if (pdu->used_size + len + 1 <= pdu->max_size) {
+-- 
+2.33.0
+
--- a/dsoftbus.spec
+++ b/dsoftbus.spec
@ -14,7 +14,7 @@

 Name: dsoftbus
 Version: 1.0.0
-Release: 3
+Release: 5
 Summary: openEuler embedded softbus capability support
 License: Apache License 2.0
 Url: https://openeuler.gitee.io/yocto-meta-openeuler/features/distributed_softbus.html
@ -45,6 +45,8 @@ Patch0014: 0014-add-depend-for-openeuler.patch
 Patch0015: 0015-simplify-dependency-on-third-party-packages.patch
 Patch0016: 0016-adapter-cjson-in-openEuler-for-softbus.patch
 Patch0017: 0017-simplify-dependency-for-dsoftbus-standard.patch
+Patch0018: 0018-open-udp-stream-and-file-feature-for-dsoftbus.patch
+Patch0019: 0019-third-party-libcoap-fix-CVE-2023-30364.patch

 BuildRequires: gcc, g++, cmake, python, zip, unzip, ninja-build, git, libboundscheck, cjson-devel, openssl-devel, gn

@ -52,6 +54,8 @@ BuildRequires: gcc, g++, cmake, python, zip, unzip, ninja-build, git, libboundsc
 OpenEuler supports distributed softbus capability, which is part of openEuler's embedded capability

 %prep
+rm -rf %{_builddir}/*
+
 # Create the directories needed for the build
 dsoftbus_build_dir="%{_builddir}/dsoftbus_build"
 dsoftbus_prebuilts_build_tools="${dsoftbus_build_dir}/prebuilts/build-tools/linux-x86/bin"
@ -109,24 +113,26 @@ mv %{_builddir}/%{source_security_device_auth}-%{openHarmony_source_release} ${d
 mv %{_builddir}/%{source_commonlibrary_c_utils}-%{openHarmony_source_release} ${dsoftbus_utils}/native

 # do patch
-%patch -p1 -d ${dsoftbus_build_dir}/build
-%patch1 -p1 -d ${dsoftbus_build_dir}/build
-%patch2 -p1 -d ${dsoftbus_build_dir}/build 
-%patch3 -p1 -d ${dsoftbus_utils}/native
-%patch4 -p1 -d ${dsoftbus_thirdparty}/mbedtls
-%patch5 -p1 -d ${dsoftbus_thirdparty}/mbedtls
-%patch6 -p1 -d ${dsoftbus_thirdparty}/mbedtls
-%patch7 -p1 -d ${dsoftbus_hichain}/huks
-%patch8 -p1 -d ${dsoftbus_hichain}/deviceauth
-%patch9 -p1 -d ${dsoftbus_hichain}/deviceauth
-%patch10 -p1 -d ${dsoftbus_hichain}/deviceauth
-%patch11 -p1 -d ${dsoftbus_build_dir}/build 
-%patch12 -p1 -d ${dsoftbus_thirdparty}/bounds_checking_function
-%patch13 -p1 -d ${dsoftbus_productdefine}
-%patch14 -p1 -d ${dsoftbus_depend}
-%patch15 -p1 -d ${dsoftbus_hichain}/huks
-%patch16 -p1 -d ${dsoftbus_thirdparty}/cJSON
-%patch17 -p1 -d %{_builddir}/%{source_dsoftbus_standard}
+%patch -P0 -p1 -d ${dsoftbus_build_dir}/build
+%patch -P1 -p1 -d ${dsoftbus_build_dir}/build
+%patch -P2 -p1 -d ${dsoftbus_build_dir}/build
+%patch -P3 -p1 -d ${dsoftbus_utils}/native
+%patch -P4 -p1 -d ${dsoftbus_thirdparty}/mbedtls
+%patch -P5 -p1 -d ${dsoftbus_thirdparty}/mbedtls
+%patch -P6 -p1 -d ${dsoftbus_thirdparty}/mbedtls
+%patch -P7 -p1 -d ${dsoftbus_hichain}/huks
+%patch -P8 -p1 -d ${dsoftbus_hichain}/deviceauth
+%patch -P9 -p1 -d ${dsoftbus_hichain}/deviceauth
+%patch -P10 -p1 -d ${dsoftbus_hichain}/deviceauth
+%patch -P11 -p1 -d ${dsoftbus_build_dir}/build
+%patch -P12 -p1 -d ${dsoftbus_thirdparty}/bounds_checking_function
+%patch -P13 -p1 -d ${dsoftbus_productdefine}
+%patch -P14 -p1 -d ${dsoftbus_depend}
+%patch -P15 -p1 -d ${dsoftbus_hichain}/huks
+%patch -P16 -p1 -d ${dsoftbus_thirdparty}/cJSON
+%patch -P17 -p1 -d %{_builddir}/%{source_dsoftbus_standard}
+%patch -P18 -p1 -d %{_builddir}/%{source_dsoftbus_standard}
+%patch -P19 -p1 -d ${dsoftbus_thirdparty}/libcoap

 # init gn root
 ln -s ${dsoftbus_build_dir}/build/build_scripts/build.sh ${dsoftbus_build_dir}/build.sh
@ -199,6 +205,12 @@ ${dsoftbus_build_dir}/third_party/bounds_checking_function/include/*.h \
 /data/data

 %changelog
+* Mon Sep 25 2023 heppen <hepeng68@huawei.com> - 1.0.0-5
+- fix CVE-2023-30364 for libcoap
+
+* Wed Sep 20 2023 heppen <hepeng68@huawei.com> - 1.0.0-4
+- open udp stream and file feature for dsoftbus
+
 * Wed Nov 30 2022 liheavy <lihaiwei8@huawei.com> - 1.0.0-3
 - Disassemble yocto-embedded-tools and replace cjson, ninja, gn, openssl, libboundscheck
 - with openEuler software package 
@ -207,4 +219,4 @@ ${dsoftbus_build_dir}/third_party/bounds_checking_function/include/*.h \
 - add URL,change branch of libboundscheck to 22.03-LTS-SP1

 * Tue Nov 22 2022 xuchongyu <xuchongyu@huawei.com> - 1.0.0-1
- init dsoftbus
+- init dsoftbus