!21 回合上游社区补丁, 修复oss-fuzz测出的heap-buffer-overflow问题

From: @gaozhekang
Reviewed-by: @solarhu
Signed-off-by: @solarhu

0004-src-avoid-OOB-read-in-URL-parser.patch

@@ -0,0 +1,79 @@
+From 4cb8fa4aa5dea72bc66ea950e3fc193385bb7175 Mon Sep 17 00:00:00 2001
+From: gaozhekang <gaozhekang@huawei.com>
+Date: Wed, 4 Nov 2020 11:12:53 +0800
+Subject: [PATCH] src: avoid OOB read in URL parser
+
+This is not a big concern, because right now, all (non-test) inputs
+to the parser are `'\0'`-terminated, but we should be future-proof
+here and not perform these OOB reads.
+
+---
+ src/node_url.cc         |  6 +++---
+ test/cctest/test_url.cc | 20 ++++++++++++++++++++
+ 2 files changed, 23 insertions(+), 3 deletions(-)
+
+diff --git a/src/node_url.cc b/src/node_url.cc
+index 7bfcde5..41492b1 100644
+--- a/src/node_url.cc
++++ b/src/node_url.cc
+@@ -1487,7 +1487,7 @@ void URL::Parse(const char* input,
+             state = kSpecialRelativeOrAuthority;
+           } else if (special) {
+             state = kSpecialAuthoritySlashes;
+-          } else if (p[1] == '/') {
++          } else if (p + 1 < end && p[1] == '/') {
+             state = kPathOrAuthority;
+             p++;
+           } else {
+@@ -1547,7 +1547,7 @@ void URL::Parse(const char* input,
+         }
+         break;
+       case kSpecialRelativeOrAuthority:
+-        if (ch == '/' && p[1] == '/') {
++        if (ch == '/' && p + 1 < end && p[1] == '/') {
+           state = kSpecialAuthorityIgnoreSlashes;
+           p++;
+         } else {
+@@ -1695,7 +1695,7 @@ void URL::Parse(const char* input,
+         break;
+       case kSpecialAuthoritySlashes:
+         state = kSpecialAuthorityIgnoreSlashes;
+-        if (ch == '/' && p[1] == '/') {
++        if (ch == '/' && p + 1 < end && p[1] == '/') {
+           p++;
+         } else {
+           continue;
+diff --git a/test/cctest/test_url.cc b/test/cctest/test_url.cc
+index ddef534..810cbc2 100644
+--- a/test/cctest/test_url.cc
++++ b/test/cctest/test_url.cc
+@@ -80,6 +80,26 @@ TEST_F(URLTest, Base3) {
+   EXPECT_EQ(simple.path(), "/baz");
+ }
+ 
++TEST_F(URLTest, TruncatedAfterProtocol) {
++  char input[2] = { 'q', ':' };
++  URL simple(input, sizeof(input));
++
++  EXPECT_FALSE(simple.flags() & URL_FLAGS_FAILED);
++  EXPECT_EQ(simple.protocol(), "q:");
++  EXPECT_EQ(simple.host(), "");
++  EXPECT_EQ(simple.path(), "/");
++}
++
++TEST_F(URLTest, TruncatedAfterProtocol2) {
++  char input[6] = { 'h', 't', 't', 'p', ':', '/' };
++  URL simple(input, sizeof(input));
++
++  EXPECT_TRUE(simple.flags() & URL_FLAGS_FAILED);
++  EXPECT_EQ(simple.protocol(), "http:");
++  EXPECT_EQ(simple.host(), "");
++  EXPECT_EQ(simple.path(), "");
++}
++
+ TEST_F(URLTest, ToFilePath) {
+ #define T(url, path) EXPECT_EQ(path, URL(url).ToFilePath())
+   T("http://example.org/foo/bar", "");
+-- 
+2.23.0
+

nodejs.spec

@@ -57,7 +57,7 @@
 Name: nodejs
 Epoch: %{nodejs_epoch}
 Version: %{nodejs_version}
-Release: 1
+Release: 2
 Summary: JavaScript runtime
 License: MIT and ASL 2.0 and ISC and BSD
 Group: Development/Languages
@@ -72,6 +72,7 @@ Source7: nodejs_native.attr
 Patch1: 0001-Disable-running-gyp-on-shared-deps.patch
 Patch2: 0002-Install-both-binaries-and-use-libdir.patch
 Patch3: 0003-build-auto-load-ICU-data-from-with-icu-default-data-.patch
+Patch4: 0004-src-avoid-OOB-read-in-URL-parser.patch
 
 BuildRequires: python2-devel python3-devel zlib-devel gcc >= 6.3.0
 BuildRequires: gcc-c++ >= 6.3.0 nodejs-packaging chrpath libatomic
@@ -455,6 +456,9 @@ end
 
 
 %changelog
+* Wed Nov 04 2020 gaozhekang <gaozhekang@huawei.com> - 1:10.21.0-2
+- avoid OOB read in URL parser
+
 * Mon Aug 24 2020 lingsheng <lingsheng@huawei.com> - 1:10.21.0-1
 - Update to 10.21.0