From 33d43c96cce3c31a5c4cc6773dc28b765e750d85 Mon Sep 17 00:00:00 2001
From: root <fundawang@yeah.net>
Date: Mon, 16 Oct 2023 12:51:39 +0800
Subject: [PATCH] Fix CVE-2023-36617

---
 ruby-3.1.4-CVE-2023-36617.patch | 129 ++++++++++++++++++++++++++++++++
 ruby.spec                       |  11 ++-
 2 files changed, 137 insertions(+), 3 deletions(-)
 create mode 100644 ruby-3.1.4-CVE-2023-36617.patch

diff --git a/ruby-3.1.4-CVE-2023-36617.patch b/ruby-3.1.4-CVE-2023-36617.patch
new file mode 100644
index 0000000..94aeb9e
--- /dev/null
+++ b/ruby-3.1.4-CVE-2023-36617.patch
@@ -0,0 +1,129 @@
+From 5fbc1d45f17e4bff7cc61a78a7d788aa32ff390a Mon Sep 17 00:00:00 2001
+From: Hiroshi SHIBATA <hsbt@ruby-lang.org>
+Date: Thu, 29 Jun 2023 22:24:35 +0900
+Subject: [PATCH] CVE-2023-36617 for Ruby 3.1 (#7996)
+
+* Bump up v0.12.2
+
+* Merge URI-0.10.3 for Bundler
+---
+ .../vendor/uri/lib/uri/rfc2396_parser.rb      |  4 ++--
+ .../vendor/uri/lib/uri/rfc3986_parser.rb      |  2 +-
+ lib/bundler/vendor/uri/lib/uri/version.rb     |  2 +-
+ lib/uri/rfc2396_parser.rb                     |  4 ++--
+ lib/uri/rfc3986_parser.rb                     |  2 +-
+ lib/uri/version.rb                            |  2 +-
+ test/uri/test_parser.rb                       | 22 +++++++++++++++++++
+ 7 files changed, 30 insertions(+), 8 deletions(-)
+
+diff --git a/lib/bundler/vendor/uri/lib/uri/rfc2396_parser.rb b/lib/bundler/vendor/uri/lib/uri/rfc2396_parser.rb
+index e48e164f4c13e..09ed40754d5bf 100644
+--- a/lib/bundler/vendor/uri/lib/uri/rfc2396_parser.rb
++++ b/lib/bundler/vendor/uri/lib/uri/rfc2396_parser.rb
+@@ -491,8 +491,8 @@ def initialize_regexp(pattern)
+       ret = {}
+ 
+       # for Bundler::URI::split
+-      ret[:ABS_URI] = Regexp.new('\A\s*' + pattern[:X_ABS_URI] + '\s*\z', Regexp::EXTENDED)
+-      ret[:REL_URI] = Regexp.new('\A\s*' + pattern[:X_REL_URI] + '\s*\z', Regexp::EXTENDED)
++      ret[:ABS_URI] = Regexp.new('\A\s*+' + pattern[:X_ABS_URI] + '\s*\z', Regexp::EXTENDED)
++      ret[:REL_URI] = Regexp.new('\A\s*+' + pattern[:X_REL_URI] + '\s*\z', Regexp::EXTENDED)
+ 
+       # for Bundler::URI::extract
+       ret[:URI_REF]     = Regexp.new(pattern[:URI_REF])
+diff --git a/lib/bundler/vendor/uri/lib/uri/rfc3986_parser.rb b/lib/bundler/vendor/uri/lib/uri/rfc3986_parser.rb
+index cd4dd0c752663..870720e5b3e8d 100644
+--- a/lib/bundler/vendor/uri/lib/uri/rfc3986_parser.rb
++++ b/lib/bundler/vendor/uri/lib/uri/rfc3986_parser.rb
+@@ -95,7 +95,7 @@ def default_regexp # :nodoc:
+         QUERY: /\A(?:%\h\h|[!$&-.0-;=@-Z_a-z~\/?])*\z/,
+         FRAGMENT: /\A(?:%\h\h|[!$&-.0-;=@-Z_a-z~\/?])*\z/,
+         OPAQUE: /\A(?:[^\/].*)?\z/,
+-        PORT: /\A[\x09\x0a\x0c\x0d ]*\d*[\x09\x0a\x0c\x0d ]*\z/,
++        PORT: /\A[\x09\x0a\x0c\x0d ]*+\d*[\x09\x0a\x0c\x0d ]*\z/,
+       }
+     end
+ 
+diff --git a/lib/bundler/vendor/uri/lib/uri/version.rb b/lib/bundler/vendor/uri/lib/uri/version.rb
+index 3895df0de5c53..d65b7e5b7574d 100644
+--- a/lib/bundler/vendor/uri/lib/uri/version.rb
++++ b/lib/bundler/vendor/uri/lib/uri/version.rb
+@@ -1,6 +1,6 @@
+ module Bundler::URI
+   # :stopdoc:
+-  VERSION_CODE = '001002'.freeze
++  VERSION_CODE = '001003'.freeze
+   VERSION = VERSION_CODE.scan(/../).collect{|n| n.to_i}.join('.').freeze
+   # :startdoc:
+ end
+diff --git a/lib/uri/rfc2396_parser.rb b/lib/uri/rfc2396_parser.rb
+index 76a8f99fd48cc..00c66cf042221 100644
+--- a/lib/uri/rfc2396_parser.rb
++++ b/lib/uri/rfc2396_parser.rb
+@@ -497,8 +497,8 @@ def initialize_regexp(pattern)
+       ret = {}
+ 
+       # for URI::split
+-      ret[:ABS_URI] = Regexp.new('\A\s*' + pattern[:X_ABS_URI] + '\s*\z', Regexp::EXTENDED)
+-      ret[:REL_URI] = Regexp.new('\A\s*' + pattern[:X_REL_URI] + '\s*\z', Regexp::EXTENDED)
++      ret[:ABS_URI] = Regexp.new('\A\s*+' + pattern[:X_ABS_URI] + '\s*\z', Regexp::EXTENDED)
++      ret[:REL_URI] = Regexp.new('\A\s*+' + pattern[:X_REL_URI] + '\s*\z', Regexp::EXTENDED)
+ 
+       # for URI::extract
+       ret[:URI_REF]     = Regexp.new(pattern[:URI_REF])
+diff --git a/lib/uri/rfc3986_parser.rb b/lib/uri/rfc3986_parser.rb
+index dd24a409ea174..9b1663dbb6efe 100644
+--- a/lib/uri/rfc3986_parser.rb
++++ b/lib/uri/rfc3986_parser.rb
+@@ -100,7 +100,7 @@ def default_regexp # :nodoc:
+         QUERY: /\A(?:%\h\h|[!$&-.0-;=@-Z_a-z~\/?])*\z/,
+         FRAGMENT: /\A(?:%\h\h|[!$&-.0-;=@-Z_a-z~\/?])*\z/,
+         OPAQUE: /\A(?:[^\/].*)?\z/,
+-        PORT: /\A[\x09\x0a\x0c\x0d ]*\d*[\x09\x0a\x0c\x0d ]*\z/,
++        PORT: /\A[\x09\x0a\x0c\x0d ]*+\d*[\x09\x0a\x0c\x0d ]*\z/,
+       }
+     end
+ 
+diff --git a/lib/uri/version.rb b/lib/uri/version.rb
+index 7497a7d31a5df..f0aca586acab4 100644
+--- a/lib/uri/version.rb
++++ b/lib/uri/version.rb
+@@ -1,6 +1,6 @@
+ module URI
+   # :stopdoc:
+-  VERSION_CODE = '001201'.freeze
++  VERSION_CODE = '001202'.freeze
+   VERSION = VERSION_CODE.scan(/../).collect{|n| n.to_i}.join('.').freeze
+   # :startdoc:
+ end
+diff --git a/test/uri/test_parser.rb b/test/uri/test_parser.rb
+index 72fb5901d963f..cee0acb4b57c8 100644
+--- a/test/uri/test_parser.rb
++++ b/test/uri/test_parser.rb
+@@ -79,4 +79,26 @@ def test_split
+     assert_equal([nil, nil, "example.com", nil, nil, "", nil, nil, nil], URI.split("//example.com"))
+     assert_equal([nil, nil, "[0::0]", nil, nil, "", nil, nil, nil], URI.split("//[0::0]"))
+   end
++
++  def test_rfc2822_parse_relative_uri
++    pre = ->(length) {
++      " " * length + "\0"
++    }
++    parser = URI::RFC2396_Parser.new
++    assert_linear_performance((1..5).map {|i| 10**i}, pre: pre) do |uri|
++      assert_raise(URI::InvalidURIError) do
++        parser.split(uri)
++      end
++    end
++  end
++
++  def test_rfc3986_port_check
++    pre = ->(length) {"\t" * length + "a"}
++    uri = URI.parse("http://my.example.com")
++    assert_linear_performance((1..5).map {|i| 10**i}, pre: pre) do |port|
++      assert_raise(URI::InvalidComponentError) do
++        uri.port = port
++      end
++    end
++  end
+ end
diff --git a/ruby.spec b/ruby.spec
index 32fa7b5..0b8a712 100644
--- a/ruby.spec
+++ b/ruby.spec
@@ -1,4 +1,4 @@
-%define anolis_release 8
+%define anolis_release 9
 %global major_version 3
 %global minor_version 1
 %global teeny_version 4
@@ -20,7 +20,7 @@
 
 # TODO: Check the version if/when available in library.
 %global bundler_tsort_version 0.1.1
-%global bundler_uri_version 0.10.2
+%global bundler_uri_version 0.10.3
 
 # Bundled libraries versions
 %global rubygems_version 3.3.26
@@ -108,6 +108,8 @@ Patch9: %{name}-3.2.0-define-unsupported-gc-compaction-methods_generated-files.p
 Patch10: %{name}-3.2.0-Detect-compaction-support-during-runtime.patch
 Patch11: %{name}-irb-1.4.1-drop-rdoc-hard-dep.patch
 Patch12: %{name}-irb-1.4.1-set-rdoc-soft-dep.patch
+# https://github.com/ruby/ruby/commit/5fbc1d45f17e4bff7cc61a78a7d788aa32ff390a
+Patch13: %{name}-3.1.4-CVE-2023-36617.patch
 
 Suggests: rubypick
 Requires: %{name}-libs = %{version}-%{release}
@@ -1109,7 +1111,7 @@ DISABLE_TESTS="$DISABLE_TESTS -n !/TestWeakMap#test_compaction_bug_19529/"
 %{gem_dir}/specifications/default/tmpdir-0.1.2.gemspec
 %{gem_dir}/specifications/default/tsort-0.1.0.gemspec
 %{gem_dir}/specifications/default/un-0.2.0.gemspec
-%{gem_dir}/specifications/default/uri-0.12.1.gemspec
+%{gem_dir}/specifications/default/uri-0.12.2.gemspec
 %{gem_dir}/specifications/default/weakref-0.1.1.gemspec
 %{gem_dir}/specifications/default/yaml-0.2.0.gemspec
 %{gem_dir}/specifications/default/zlib-2.1.1.gemspec
@@ -1263,6 +1265,9 @@ DISABLE_TESTS="$DISABLE_TESTS -n !/TestWeakMap#test_compaction_bug_19529/"
 %{_datadir}/ri
 
 %changelog
+* Thu Jul 13 2023 Funda Wang <fundawang@yeah.net> - 3.1.4-9
+- Fix CVE-2023-36617
+
 * Sat Apr 15 2023 Jing Zhang <renyu.zj@linux.alibaba.com> - 3.1.4-8
 - Refact spec
 
-- 
Gitee