Resolves: CVE-2018-1000168 - update to the latest upstream release (1.32.0)
This commit is contained in:
Kamil Dudka
parent
8f8a5245bf
commit
35d7cae6d1
|
|
@ -1,99 +0,0 @@
|
|||
From 9fcf3200342603e9aa86a4bd3ba62f890237a200 Mon Sep 17 00:00:00 2001
|
||||
From: Kamil Dudka <kdudka@redhat.com>
|
||||
Date: Tue, 26 Jul 2016 12:58:46 +0200
|
||||
Subject: [PATCH] nghttpx: avoid using std::function to fix crash on armv7hl
|
||||
|
||||
Bug: https://bugzilla.redhat.com/1358845
|
||||
---
|
||||
src/shrpx_client_handler.cc | 8 ++++----
|
||||
src/shrpx_client_handler.h | 6 ++++--
|
||||
src/shrpx_http_downstream_connection.cc | 6 +++---
|
||||
src/shrpx_http_downstream_connection.h | 5 +++--
|
||||
4 files changed, 14 insertions(+), 11 deletions(-)
|
||||
|
||||
diff --git a/src/shrpx_client_handler.cc b/src/shrpx_client_handler.cc
|
||||
index 2c9b2a1..890143e 100644
|
||||
--- a/src/shrpx_client_handler.cc
|
||||
+++ b/src/shrpx_client_handler.cc
|
||||
@@ -654,12 +654,12 @@ int ClientHandler::validate_next_proto() {
|
||||
return -1;
|
||||
}
|
||||
|
||||
-int ClientHandler::do_read() { return read_(*this); }
|
||||
-int ClientHandler::do_write() { return write_(*this); }
|
||||
+int ClientHandler::do_read() { return (this->*read_)(); }
|
||||
+int ClientHandler::do_write() { return (this->*write_)(); }
|
||||
|
||||
int ClientHandler::on_read() {
|
||||
if (rb_.chunk_avail()) {
|
||||
- auto rv = on_read_(*this);
|
||||
+ auto rv = (this->*on_read_)();
|
||||
if (rv != 0) {
|
||||
return rv;
|
||||
}
|
||||
@@ -667,7 +667,7 @@ int ClientHandler::on_read() {
|
||||
conn_.handle_tls_pending_read();
|
||||
return 0;
|
||||
}
|
||||
-int ClientHandler::on_write() { return on_write_(*this); }
|
||||
+int ClientHandler::on_write() { return (this->*on_write_)(); }
|
||||
|
||||
const StringRef &ClientHandler::get_ipaddr() const { return ipaddr_; }
|
||||
|
||||
diff --git a/src/shrpx_client_handler.h b/src/shrpx_client_handler.h
|
||||
index bdfdafd..08f42b3 100644
|
||||
--- a/src/shrpx_client_handler.h
|
||||
+++ b/src/shrpx_client_handler.h
|
||||
@@ -185,8 +185,10 @@ private:
|
||||
StringRef forwarded_for_;
|
||||
// lowercased TLS SNI which client sent.
|
||||
StringRef sni_;
|
||||
- std::function<int(ClientHandler &)> read_, write_;
|
||||
- std::function<int(ClientHandler &)> on_read_, on_write_;
|
||||
+ int (ClientHandler::*read_)();
|
||||
+ int (ClientHandler::*write_)();
|
||||
+ int (ClientHandler::*on_read_)();
|
||||
+ int (ClientHandler::*on_write_)();
|
||||
// Address of frontend listening socket
|
||||
const UpstreamAddr *faddr_;
|
||||
Worker *worker_;
|
||||
diff --git a/src/shrpx_http_downstream_connection.cc b/src/shrpx_http_downstream_connection.cc
|
||||
index 077844c..8a38788 100644
|
||||
--- a/src/shrpx_http_downstream_connection.cc
|
||||
+++ b/src/shrpx_http_downstream_connection.cc
|
||||
@@ -1448,13 +1448,13 @@ int HttpDownstreamConnection::connected() {
|
||||
return 0;
|
||||
}
|
||||
|
||||
-int HttpDownstreamConnection::on_read() { return on_read_(*this); }
|
||||
+int HttpDownstreamConnection::on_read() { return (this->*on_read_)(); }
|
||||
|
||||
-int HttpDownstreamConnection::on_write() { return on_write_(*this); }
|
||||
+int HttpDownstreamConnection::on_write() { return (this->*on_write_)(); }
|
||||
|
||||
void HttpDownstreamConnection::on_upstream_change(Upstream *upstream) {}
|
||||
|
||||
-void HttpDownstreamConnection::signal_write() { signal_write_(*this); }
|
||||
+void HttpDownstreamConnection::signal_write() { (this->*signal_write_)(); }
|
||||
|
||||
int HttpDownstreamConnection::actual_signal_write() {
|
||||
ev_feed_event(conn_.loop, &conn_.wev, EV_WRITE);
|
||||
diff --git a/src/shrpx_http_downstream_connection.h b/src/shrpx_http_downstream_connection.h
|
||||
index 8fad535..0ab430c 100644
|
||||
--- a/src/shrpx_http_downstream_connection.h
|
||||
+++ b/src/shrpx_http_downstream_connection.h
|
||||
@@ -91,8 +91,9 @@ public:
|
||||
|
||||
private:
|
||||
Connection conn_;
|
||||
- std::function<int(HttpDownstreamConnection &)> on_read_, on_write_,
|
||||
- signal_write_;
|
||||
+ int (HttpDownstreamConnection::*on_read_)();
|
||||
+ int (HttpDownstreamConnection::*on_write_)();
|
||||
+ int (HttpDownstreamConnection::*signal_write_)();
|
||||
Worker *worker_;
|
||||
// nullptr if TLS is not used.
|
||||
SSL_CTX *ssl_ctx_;
|
||||
--
|
||||
2.5.5
|
||||
|
||||
10
nghttp2.spec
10
nghttp2.spec
|
|
@ -1,17 +1,15 @@
|
|||
Summary: Experimental HTTP/2 client, server and proxy
|
||||
Name: nghttp2
|
||||
Version: 1.21.1
|
||||
Version: 1.31.1
|
||||
Release: 1%{?dist}
|
||||
License: MIT
|
||||
Group: Applications/Internet
|
||||
URL: https://nghttp2.org/
|
||||
Source0: https://github.com/tatsuhiro-t/nghttp2/releases/download/v%{version}/nghttp2-%{version}.tar.xz
|
||||
|
||||
# prevent nghttpx from crashing on armv7hl (#1358845)
|
||||
Patch1: 0001-nghttp2-1.13.0-armv7hl-sigsegv.patch
|
||||
|
||||
BuildRequires: CUnit-devel
|
||||
BuildRequires: c-ares-devel
|
||||
BuildRequires: gcc-c++
|
||||
BuildRequires: libev-devel
|
||||
BuildRequires: openssl-devel
|
||||
BuildRequires: systemd-devel
|
||||
|
|
@ -46,7 +44,6 @@ for building applications with libnghttp2.
|
|||
|
||||
%prep
|
||||
%setup -q
|
||||
%patch1 -p1
|
||||
|
||||
|
||||
%build
|
||||
|
|
@ -117,6 +114,9 @@ make %{?_smp_mflags} check
|
|||
|
||||
|
||||
%changelog
|
||||
* Fri Apr 13 2018 Kamil Dudka <kdudka@redhat.com> 1.31.1-1
|
||||
- update to the latest upstream release (fixes CVE-2018-1000168)
|
||||
|
||||
* Mon Apr 10 2017 Kamil Dudka <kdudka@redhat.com> 1.21.1-1
|
||||
- update to the latest upstream release
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue