84 lines
3.6 KiB
Diff
84 lines
3.6 KiB
Diff
From d3e0b7bbfb2b6ae861c2b7d9b257fc46fcd0b5b2 Mon Sep 17 00:00:00 2001
|
|
From: rpm-build <rpm-build>
|
|
Date: Thu, 25 Apr 2024 09:30:21 +0800
|
|
Subject: [PATCH] CVE-2022-32149
|
|
|
|
---
|
|
.../vendor/golang.org/x/text/language/parse.go | 5 +++++
|
|
.../vendor/golang.org/x/text/language/parse.go | 5 +++++
|
|
vendor/golang.org/x/text/language/parse.go | 5 +++++
|
|
3 files changed, 15 insertions(+)
|
|
|
|
diff --git a/dnsname-18822f9a4fb35d1349eb256f4cd2bfd372474d84/vendor/golang.org/x/text/language/parse.go b/dnsname-18822f9a4fb35d1349eb256f4cd2bfd372474d84/vendor/golang.org/x/text/language/parse.go
|
|
index fca2d30..5265091 100644
|
|
--- a/dnsname-18822f9a4fb35d1349eb256f4cd2bfd372474d84/vendor/golang.org/x/text/language/parse.go
|
|
+++ b/dnsname-18822f9a4fb35d1349eb256f4cd2bfd372474d84/vendor/golang.org/x/text/language/parse.go
|
|
@@ -764,6 +764,7 @@ func nextExtension(s string, p int) int {
|
|
}
|
|
|
|
var errInvalidWeight = errors.New("ParseAcceptLanguage: invalid weight")
|
|
+var errTagListTooLarge = errors.New("tag list exceeds max length")
|
|
|
|
// ParseAcceptLanguage parses the contents of an Accept-Language header as
|
|
// defined in http://www.ietf.org/rfc/rfc2616.txt and returns a list of Tags and
|
|
@@ -773,6 +774,10 @@ var errInvalidWeight = errors.New("ParseAcceptLanguage: invalid weight")
|
|
// Tags with a weight of zero will be dropped. An error will be returned if the
|
|
// input could not be parsed.
|
|
func ParseAcceptLanguage(s string) (tag []Tag, q []float32, err error) {
|
|
+ if strings.Count(s, "-") > 1000 {
|
|
+ return nil, nil, errTagListTooLarge
|
|
+ }
|
|
+
|
|
var entry string
|
|
for s != "" {
|
|
if entry, s = split(s, ','); entry == "" {
|
|
diff --git a/gvisor-tap-vsock-4ee84d66bd86668f011733d8873989b5862bcd07/vendor/golang.org/x/text/language/parse.go b/gvisor-tap-vsock-4ee84d66bd86668f011733d8873989b5862bcd07/vendor/golang.org/x/text/language/parse.go
|
|
index 59b0410..b982d9e 100644
|
|
--- a/gvisor-tap-vsock-4ee84d66bd86668f011733d8873989b5862bcd07/vendor/golang.org/x/text/language/parse.go
|
|
+++ b/gvisor-tap-vsock-4ee84d66bd86668f011733d8873989b5862bcd07/vendor/golang.org/x/text/language/parse.go
|
|
@@ -147,6 +147,7 @@ func update(b *language.Builder, part ...interface{}) (err error) {
|
|
}
|
|
|
|
var errInvalidWeight = errors.New("ParseAcceptLanguage: invalid weight")
|
|
+var errTagListTooLarge = errors.New("tag list exceeds max length")
|
|
|
|
// ParseAcceptLanguage parses the contents of an Accept-Language header as
|
|
// defined in http://www.ietf.org/rfc/rfc2616.txt and returns a list of Tags and
|
|
@@ -164,6 +165,10 @@ func ParseAcceptLanguage(s string) (tag []Tag, q []float32, err error) {
|
|
}
|
|
}()
|
|
|
|
+ if strings.Count(s, "-") > 1000 {
|
|
+ return nil, nil, errTagListTooLarge
|
|
+ }
|
|
+
|
|
var entry string
|
|
for s != "" {
|
|
if entry, s = split(s, ','); entry == "" {
|
|
diff --git a/vendor/golang.org/x/text/language/parse.go b/vendor/golang.org/x/text/language/parse.go
|
|
index 59b0410..b982d9e 100644
|
|
--- a/vendor/golang.org/x/text/language/parse.go
|
|
+++ b/vendor/golang.org/x/text/language/parse.go
|
|
@@ -147,6 +147,7 @@ func update(b *language.Builder, part ...interface{}) (err error) {
|
|
}
|
|
|
|
var errInvalidWeight = errors.New("ParseAcceptLanguage: invalid weight")
|
|
+var errTagListTooLarge = errors.New("tag list exceeds max length")
|
|
|
|
// ParseAcceptLanguage parses the contents of an Accept-Language header as
|
|
// defined in http://www.ietf.org/rfc/rfc2616.txt and returns a list of Tags and
|
|
@@ -164,6 +165,10 @@ func ParseAcceptLanguage(s string) (tag []Tag, q []float32, err error) {
|
|
}
|
|
}()
|
|
|
|
+ if strings.Count(s, "-") > 1000 {
|
|
+ return nil, nil, errTagListTooLarge
|
|
+ }
|
|
+
|
|
var entry string
|
|
for s != "" {
|
|
if entry, s = split(s, ','); entry == "" {
|
|
--
|
|
2.33.0
|
|
|