代码拉取完成,页面将自动刷新
0004-backport-CVE-2024-7254-1.patch
6.93 KB
zhangxianting
提交于
2024-09-25 11:24
.
append fix CVE-2024-7254
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146
From cc8b3483a5584b3301e3d43d17eb59704857ffaa Mon Sep 17 00:00:00 2001
From: Protobuf Team Bot <protobuf-github-bot@google.com>
Date: Thu, 18 Jul 2024 07:41:01 -0700
Subject: [PATCH] Internal change
PiperOrigin-RevId: 653615736
---
.../core/src/main/java/com/google/protobuf/ArrayDecoders.java | 3 +--
.../com/google/protobuf/InvalidProtocolBufferException.java | 2 +-
.../core/src/main/java/com/google/protobuf/MessageSchema.java | 3 +++
.../src/main/java/com/google/protobuf/MessageSetSchema.java | 1 +
.../src/main/java/com/google/protobuf/UnknownFieldSchema.java | 3 +--
java/lite/src/test/java/com/google/protobuf/LiteTest.java | 3 +++
src/google/protobuf/unittest_lite.proto | 4 ++++
7 files changed, 14 insertions(+), 5 deletions(-)
diff --git a/java/core/src/main/java/com/google/protobuf/ArrayDecoders.java b/java/core/src/main/java/com/google/protobuf/ArrayDecoders.java
index f3241de..9bf1439 100644
--- a/java/core/src/main/java/com/google/protobuf/ArrayDecoders.java
+++ b/java/core/src/main/java/com/google/protobuf/ArrayDecoders.java
@@ -24,8 +24,7 @@ import java.io.IOException;
@CheckReturnValue
final class ArrayDecoders {
- private ArrayDecoders() {
- }
+ private ArrayDecoders() {}
/**
* A helper used to return multiple values in a Java function. Java doesn't natively support
diff --git a/java/core/src/main/java/com/google/protobuf/InvalidProtocolBufferException.java b/java/core/src/main/java/com/google/protobuf/InvalidProtocolBufferException.java
index 5d10e48..dbcb9e8 100644
--- a/java/core/src/main/java/com/google/protobuf/InvalidProtocolBufferException.java
+++ b/java/core/src/main/java/com/google/protobuf/InvalidProtocolBufferException.java
@@ -132,7 +132,7 @@ public class InvalidProtocolBufferException extends IOException {
static InvalidProtocolBufferException recursionLimitExceeded() {
return new InvalidProtocolBufferException(
"Protocol message had too many levels of nesting. May be malicious. "
- + "Use CodedInputStream.setRecursionLimit() to increase the depth limit.");
+ + "Use setRecursionLimit() to increase the recursion depth limit.");
}
static InvalidProtocolBufferException sizeLimitExceeded() {
diff --git a/java/core/src/main/java/com/google/protobuf/MessageSchema.java b/java/core/src/main/java/com/google/protobuf/MessageSchema.java
index de3890f..f8f79fc 100644
--- a/java/core/src/main/java/com/google/protobuf/MessageSchema.java
+++ b/java/core/src/main/java/com/google/protobuf/MessageSchema.java
@@ -3006,6 +3006,7 @@ final class MessageSchema<T> implements Schema<T> {
unknownFields = unknownFieldSchema.getBuilderFromMessage(message);
}
// Unknown field.
+
if (unknownFieldSchema.mergeOneFieldFrom(unknownFields, reader)) {
continue;
}
@@ -3381,6 +3382,7 @@ final class MessageSchema<T> implements Schema<T> {
if (unknownFields == null) {
unknownFields = unknownFieldSchema.getBuilderFromMessage(message);
}
+
if (!unknownFieldSchema.mergeOneFieldFrom(unknownFields, reader)) {
return;
}
@@ -3397,6 +3399,7 @@ final class MessageSchema<T> implements Schema<T> {
if (unknownFields == null) {
unknownFields = unknownFieldSchema.getBuilderFromMessage(message);
}
+
if (!unknownFieldSchema.mergeOneFieldFrom(unknownFields, reader)) {
return;
}
diff --git a/java/core/src/main/java/com/google/protobuf/MessageSetSchema.java b/java/core/src/main/java/com/google/protobuf/MessageSetSchema.java
index eec3acd..a17037e 100644
--- a/java/core/src/main/java/com/google/protobuf/MessageSetSchema.java
+++ b/java/core/src/main/java/com/google/protobuf/MessageSetSchema.java
@@ -278,6 +278,7 @@ final class MessageSetSchema<T> implements Schema<T> {
reader, extension, extensionRegistry, extensions);
return true;
} else {
+
return unknownFieldSchema.mergeOneFieldFrom(unknownFields, reader);
}
} else {
diff --git a/java/core/src/main/java/com/google/protobuf/UnknownFieldSchema.java b/java/core/src/main/java/com/google/protobuf/UnknownFieldSchema.java
index c4ec645..a43bc2a 100644
--- a/java/core/src/main/java/com/google/protobuf/UnknownFieldSchema.java
+++ b/java/core/src/main/java/com/google/protobuf/UnknownFieldSchema.java
@@ -55,7 +55,6 @@ abstract class UnknownFieldSchema<T, B> {
/** Marks unknown fields as immutable. */
abstract void makeImmutable(Object message);
- /** Merges one field into the unknown fields. */
final boolean mergeOneFieldFrom(B unknownFields, Reader reader) throws IOException {
int tag = reader.getTag();
int fieldNumber = WireFormat.getTagFieldNumber(tag);
@@ -88,7 +87,7 @@ abstract class UnknownFieldSchema<T, B> {
}
}
- final void mergeFrom(B unknownFields, Reader reader) throws IOException {
+ private final void mergeFrom(B unknownFields, Reader reader) throws IOException {
while (true) {
if (reader.getFieldNumber() == Reader.READ_DONE
|| !mergeOneFieldFrom(unknownFields, reader)) {
diff --git a/java/lite/src/test/java/com/google/protobuf/LiteTest.java b/java/lite/src/test/java/com/google/protobuf/LiteTest.java
index 754ed7d..b42a4b9 100644
--- a/java/lite/src/test/java/com/google/protobuf/LiteTest.java
+++ b/java/lite/src/test/java/com/google/protobuf/LiteTest.java
@@ -10,12 +10,14 @@ package com.google.protobuf;
import static com.google.common.truth.Truth.assertThat;
import static com.google.common.truth.Truth.assertWithMessage;
import static java.util.Collections.singletonList;
+import static org.junit.Assert.assertThrows;
import com.google.protobuf.FieldPresenceTestProto.TestAllTypes;
import com.google.protobuf.UnittestImportLite.ImportEnumLite;
import com.google.protobuf.UnittestImportPublicLite.PublicImportMessageLite;
import com.google.protobuf.UnittestLite.ForeignEnumLite;
import com.google.protobuf.UnittestLite.ForeignMessageLite;
+import com.google.protobuf.UnittestLite.RecursiveGroup;
import com.google.protobuf.UnittestLite.RecursiveMessage;
import com.google.protobuf.UnittestLite.TestAllExtensionsLite;
import com.google.protobuf.UnittestLite.TestAllTypesLite;
@@ -50,6 +52,7 @@ import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
+import java.util.concurrent.atomic.AtomicBoolean;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
diff --git a/src/google/protobuf/unittest_lite.proto b/src/google/protobuf/unittest_lite.proto
index 1848a2a..af6febf 100644
--- a/src/google/protobuf/unittest_lite.proto
+++ b/src/google/protobuf/unittest_lite.proto
@@ -505,3 +505,7 @@ message RecursiveMessage {
optional RecursiveMessage recurse = 1;
optional bytes payload = 2;
}
+
+message RecursiveGroup {
+ RecursiveGroup recurse = 1 [features.message_encoding = DELIMITED];
+}
--
2.43.0
举报
请认真填写举报原因,尽可能描述详细。
请选择举报类型
误判申诉
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。
马建仓 AI 助手
尝试更多
代码解读
代码找茬
代码优化