packages/undertow
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix CVE-2020-10705

Browse Source 
(cherry picked from commit 7c391bd2365209d58d74f6a462cd94885a92da31)
This commit is contained in:
houyingchao 2021-10-27 18:46:28 +08:00 committed by openeuler-sync-bot
parent f8494fb89d
commit bfaf57d3fe
2 changed files with 103 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

97
CVE-2020-10705.patch Normal file
View File

@ -0,0 +1,97 @@
From b53d4589c586e8bbdcc89ed60f32cd7977e9a4f4 Mon Sep 17 00:00:00 2001
From: Stuart Douglas <stuart.w.douglas@gmail.com>
Date: Wed, 15 Apr 2020 15:39:02 +1000
Subject: [PATCH] [UNDERTOW-1657] Fix issue with 100-continue and h2
---
.../server/handlers/HttpContinueReadHandler.java | 12 +++++++-----
.../server/protocol/ajp/AjpServerConnection.java | 6 +++++-
.../server/protocol/http/HttpServerConnection.java | 6 +++++-
3 files changed, 17 insertions(+), 7 deletions(-)
diff --git a/core/src/main/java/io/undertow/server/handlers/HttpContinueReadHandler.java b/core/src/main/java/io/undertow/server/handlers/HttpContinueReadHandler.java
index 33c5c25..4a905f3 100644
--- a/core/src/main/java/io/undertow/server/handlers/HttpContinueReadHandler.java
+++ b/core/src/main/java/io/undertow/server/handlers/HttpContinueReadHandler.java
@@ -23,15 +23,17 @@ import java.nio.ByteBuffer;
import java.nio.channels.FileChannel;
import java.util.concurrent.TimeUnit;
+import org.xnio.channels.StreamSinkChannel;
+import org.xnio.conduits.AbstractStreamSourceConduit;
+import org.xnio.conduits.StreamSourceConduit;
+
import io.undertow.server.ConduitWrapper;
-import io.undertow.server.protocol.http.HttpContinue;
import io.undertow.server.HttpHandler;
import io.undertow.server.HttpServerExchange;
+import io.undertow.server.ResponseCommitListener;
+import io.undertow.server.protocol.http.HttpContinue;
import io.undertow.util.ConduitFactory;
import io.undertow.util.StatusCodes;
-import org.xnio.channels.StreamSinkChannel;
-import org.xnio.conduits.AbstractStreamSourceConduit;
-import org.xnio.conduits.StreamSourceConduit;
/**
* Handler for requests that require 100-continue responses. If an attempt is made to read from the source
@@ -44,7 +46,7 @@ public class HttpContinueReadHandler implements HttpHandler {
private static final ConduitWrapper<StreamSourceConduit> WRAPPER = new ConduitWrapper<StreamSourceConduit>() {
@Override
public StreamSourceConduit wrap(final ConduitFactory<StreamSourceConduit> factory, final HttpServerExchange exchange) {
- if(exchange.isRequestChannelAvailable() && !exchange.isResponseStarted()) {
+ if (exchange.isRequestChannelAvailable() && !exchange.isResponseStarted()) {
return new ContinueConduit(factory.create(), exchange);
}
return factory.create();
diff --git a/core/src/main/java/io/undertow/server/protocol/ajp/AjpServerConnection.java b/core/src/main/java/io/undertow/server/protocol/ajp/AjpServerConnection.java
index e5e3031..d9cae2d 100644
--- a/core/src/main/java/io/undertow/server/protocol/ajp/AjpServerConnection.java
+++ b/core/src/main/java/io/undertow/server/protocol/ajp/AjpServerConnection.java
@@ -26,6 +26,8 @@ import io.undertow.server.HttpHandler;
import io.undertow.server.HttpServerExchange;
import io.undertow.server.SSLSessionInfo;
import io.undertow.util.DateUtils;
+
+import org.xnio.IoUtils;
import org.xnio.OptionMap;
import io.undertow.connector.ByteBufferPool;
import org.xnio.StreamConnection;
@@ -61,7 +63,9 @@ public final class AjpServerConnection extends AbstractServerConnection {
@Override
public void terminateRequestChannel(HttpServerExchange exchange) {
- //todo: terminate
+ if (!exchange.isPersistent()) {
+ IoUtils.safeClose(getChannel().getSourceChannel());
+ }
}
@Override
diff --git a/core/src/main/java/io/undertow/server/protocol/http/HttpServerConnection.java b/core/src/main/java/io/undertow/server/protocol/http/HttpServerConnection.java
index 0128e9b..63bcdd6 100644
--- a/core/src/main/java/io/undertow/server/protocol/http/HttpServerConnection.java
+++ b/core/src/main/java/io/undertow/server/protocol/http/HttpServerConnection.java
@@ -36,6 +36,8 @@ import io.undertow.util.Headers;
import io.undertow.util.HttpString;
import io.undertow.util.ImmediatePooledByteBuffer;
import io.undertow.util.Methods;
+
+import org.xnio.IoUtils;
import org.xnio.OptionMap;
import io.undertow.connector.ByteBufferPool;
import io.undertow.connector.PooledByteBuffer;
@@ -135,7 +137,9 @@ public final class HttpServerConnection extends AbstractServerConnection {
@Override
public void terminateRequestChannel(HttpServerExchange exchange) {
-
+ if (!exchange.isPersistent()) {
+ IoUtils.safeClose(getChannel().getSourceChannel());
+ }
}
/**
--
2.23.0

7
undertow.spec
View File

@ -2,13 +2,14 @@
%global namedversion %{version}%{?namedreltag}
Name: undertow
Version: 1.4.0
Release: 1
Release: 2
Summary: Java web server using non-blocking IO
License: ASL 2.0
URL: http://undertow.io/
Source0: https://github.com/undertow-io/undertow/archive/%{namedversion}/%{name}-%{namedversion}.tar.gz
# Remove unavailable methods in jetty-alpn-api-1.1.0
Patch0: undertow-1.4.0-jetty-alpn-api-1.1.0.patch
Patch1: CVE-2020-10705.patch
BuildArch: noarch
Epoch: 1
BuildRequires: maven-local mvn(junit:junit) mvn(org.eclipse.jetty.alpn:alpn-api)
@ -32,6 +33,7 @@ This package contains the API documentation for %{name}.
%prep
%setup -q -n %{name}-%{namedversion}
%patch0 -p1
%patch1 -p1
rm -rf mac-jdk-fix
%pom_disable_module examples
%pom_remove_plugin -r :maven-checkstyle-plugin
@ -60,5 +62,8 @@ done
%license LICENSE.txt
%changelog
* Wed Oct 27 2021 houyingchao <houyingchao@huawei.com> - 1.4.0-2
- Fix CVE-2020-10705
* Wed Aug 19 2020 maminjie <maminjie1@huawei.com> - 1.4.0-1
- package init