packages/mosquitto
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!29 [sync] PR-23: Fix CVE-2021-34432 and modify the CVE-2021-41039.patch

Browse Source 
From: @openeuler-sync-bot 
Reviewed-by: @small_leek 
Signed-off-by: @small_leek
This commit is contained in:
openeuler-ci-bot 2022-02-25 07:07:46 +00:00 committed by Gitee
commit 77ac510aa8
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
3 changed files with 74 additions and 1204 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

62
CVE-2021-34432.patch Normal file
View File

@ -0,0 +1,62 @@
From 9b08faf0bdaf5a4f2e6e3dd1ea7e8c57f70418d6 Mon Sep 17 00:00:00 2001
From: "Roger A. Light" <roger@atchoo.org>
Date: Tue, 9 Feb 2021 14:09:53 +0000
Subject: [PATCH] Fix mosquitto_{pub|sub}_topic_check() function returns.
The would not return MOSQ_ERR_INVAL on topic == NULL.
---
ChangeLog.txt | 5 +++++
lib/util_topic.c | 19 ++++++++++++++++---
2 files changed, 21 insertions(+), 3 deletions(-)
diff --git a/lib/util_topic.c b/lib/util_topic.c
index fc24f0d1c..62b531127 100644
--- a/lib/util_topic.c
+++ b/lib/util_topic.c
@@ -54,6 +54,11 @@ int mosquitto_pub_topic_check(const char *str)
#ifdef WITH_BROKER
int hier_count = 0;
#endif
+
+ if(str == NULL){
+ return MOSQ_ERR_INVAL;
+ }
+
while(str && str[0]){
if(str[0] == '+' || str[0] == '#'){
return MOSQ_ERR_INVAL;
@@ -81,7 +86,9 @@ int mosquitto_pub_topic_check2(const char *str, size_t len)
int hier_count = 0;
#endif
- if(len > 65535) return MOSQ_ERR_INVAL;
+ if(str == NULL || len > 65535){
+ return MOSQ_ERR_INVAL;
+ }
for(i=0; i<len; i++){
if(str[i] == '+' || str[i] == '#'){
@@ -115,7 +122,11 @@ int mosquitto_sub_topic_check(const char *str)
int hier_count = 0;
#endif
- while(str && str[0]){
+ if(str == NULL){
+ return MOSQ_ERR_INVAL;
+ }
+
+ while(str[0]){
if(str[0] == '+'){
if((c != '\0' && c != '/') || (str[1] != '\0' && str[1] != '/')){
return MOSQ_ERR_INVAL;
@@ -150,7 +161,9 @@ int mosquitto_sub_topic_check2(const char *str, size_t len)
int hier_count = 0;
#endif
- if(len > 65535) return MOSQ_ERR_INVAL;
+ if(str == NULL || len > 65535){
+ return MOSQ_ERR_INVAL;
+ }
for(i=0; i<len; i++){
if(str[i] == '+'){

1210
CVE-2021-41039.patch
View File

File diff suppressed because it is too large Load Diff

6
mosquitto.spec
View File

@ -1,6 +1,6 @@
Name: mosquitto Name: mosquitto
Version: 1.6.15 Version: 1.6.15
Release: 5 Release: 6
Summary: Open Source MQTT v3.1/v3.1.1 Broker Summary: Open Source MQTT v3.1/v3.1.1 Broker
License: BSD License: BSD
URL: http://mosquitto.org/ URL: http://mosquitto.org/
@ -8,6 +8,7 @@ Source0: http://mosquitto.org/files/source/%{name}-%{version}.tar.gz
Patch0001: add-usage-output.patch Patch0001: add-usage-output.patch
Patch0002: fix-usage-exit-code.patch Patch0002: fix-usage-exit-code.patch
Patch0003: CVE-2021-41039.patch Patch0003: CVE-2021-41039.patch
Patch0004: CVE-2021-34432.patch
BuildRequires: c-ares-devel gcc-c++ libuuid-devel libwebsockets-devel openssl-devel BuildRequires: c-ares-devel gcc-c++ libuuid-devel libwebsockets-devel openssl-devel
BuildRequires: systemd-devel BuildRequires: systemd-devel
BuildRequires: make BuildRequires: make
@ -91,6 +92,9 @@ exit 0
%{_mandir}/man3/*.3.* %{_mandir}/man3/*.3.*
%changelog %changelog
* Thu Feb 24 2022 yaoxin <yaoxin30@huawei.com> - 1.6.15-6
- Fix CVE-2021-34432 and modify the CVE-2021-41039.patch.
* Thu Dec 30 2021 houyingchao <houyingchao@huawei.com> - 1.6.15-5 * Thu Dec 30 2021 houyingchao <houyingchao@huawei.com> - 1.6.15-5
- Fix CVE-2021-41039 - Fix CVE-2021-41039