diff --git a/CVE-2019-18609.patch b/CVE-2019-18609.patch deleted file mode 100644 index d522ab2..0000000 --- a/CVE-2019-18609.patch +++ /dev/null @@ -1,47 +0,0 @@ -From fc85be7123050b91b054e45b91c78d3241a5047a Mon Sep 17 00:00:00 2001 -From: Alan Antonuk -Date: Sun, 3 Nov 2019 23:50:07 -0800 -Subject: [PATCH] lib: check frame_size is >= INT32_MAX - -When parsing a frame header, validate that the frame_size is less than -or equal to INT32_MAX. Given frame_max is limited between 0 and -INT32_MAX in amqp_login and friends, this does not change the API. - -This prevents a potential buffer overflow when a malicious client sends -a frame_size that is close to UINT32_MAX, in which causes an overflow -when computing state->target_size resulting in a small value there. A -buffer is then allocated with the small amount, then memcopy copies the -frame_size writing to memory beyond the end of the buffer. ---- - librabbitmq/amqp_connection.c | 15 ++++++++++++--- - 1 file changed, 12 insertions(+), 3 deletions(-) - -diff --git a/librabbitmq/amqp_connection.c b/librabbitmq/amqp_connection.c -index 034b2e96..b106f70a 100644 ---- a/librabbitmq/amqp_connection.c -+++ b/librabbitmq/amqp_connection.c -@@ -287,12 +287,21 @@ int amqp_handle_input(amqp_connection_state_t state, amqp_bytes_t received_data, - case CONNECTION_STATE_HEADER: { - amqp_channel_t channel; - amqp_pool_t *channel_pool; -- /* frame length is 3 bytes in */ -+ uint32_t frame_size; -+ - channel = amqp_d16(amqp_offset(raw_frame, 1)); - -- state->target_size = -- amqp_d32(amqp_offset(raw_frame, 3)) + HEADER_SIZE + FOOTER_SIZE; -+ /* frame length is 3 bytes in */ -+ frame_size = amqp_d32(amqp_offset(raw_frame, 3)); -+ /* To prevent the target_size calculation below from overflowing, check -+ * that the stated frame_size is smaller than a signed 32-bit. Given -+ * the library only allows configuring frame_max as an int32_t, and -+ * frame_size is uint32_t, the math below is safe from overflow. */ -+ if (frame_size >= INT32_MAX) { -+ return AMQP_STATUS_BAD_AMQP_DATA; -+ } - -+ state->target_size = frame_size + HEADER_SIZE + FOOTER_SIZE; - if ((size_t)state->frame_max < state->target_size) { - return AMQP_STATUS_BAD_AMQP_DATA; - } diff --git a/backport-0001-Fix-instructions-for-default-build.patch b/backport-0001-Fix-instructions-for-default-build.patch deleted file mode 100644 index 86ad2f2..0000000 --- a/backport-0001-Fix-instructions-for-default-build.patch +++ /dev/null @@ -1,26 +0,0 @@ -From 1fa5f63e6ba34d6d29fea7db62fde1b2bf96d914 Mon Sep 17 00:00:00 2001 -From: Ross Cousens -Date: Mon, 16 Jul 2018 10:18:04 +1000 -Subject: [PATCH] Fix instructions for default build - -The order of arguments were incorrect, --build must directly specify the directory afterwards. ---- - README.md | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/README.md b/README.md -index 5255315..b7776c6 100644 ---- a/README.md -+++ b/README.md -@@ -52,7 +52,7 @@ systems are: - - mkdir build && cd build - cmake .. -- cmake --build [--config Release] . -+ cmake --build . [--config Release] - - The --config Release flag should be used in multi-configuration generators e.g., - Visual Studio or XCode. --- -2.37.3.windows.1 - diff --git a/backport-0001-OpenSSL-should-ignore-missing-config-file.patch b/backport-0001-OpenSSL-should-ignore-missing-config-file.patch deleted file mode 100644 index 0dda6ba..0000000 --- a/backport-0001-OpenSSL-should-ignore-missing-config-file.patch +++ /dev/null @@ -1,32 +0,0 @@ -From 23c8fd736abda6331e38ca045735d636390336f5 Mon Sep 17 00:00:00 2001 -From: Alan Antonuk -Date: Sat, 8 Sep 2018 11:48:35 -0700 -Subject: [PATCH] OpenSSL should ignore missing config file - -When initializing OpenSSL in v1.1.0 or later, tell OpenSSL to ignore -missing openssl.cnf. - -Fixes #523 ---- - librabbitmq/amqp_openssl.c | 5 +++-- - 1 file changed, 3 insertions(+), 2 deletions(-) - -diff --git a/librabbitmq/amqp_openssl.c b/librabbitmq/amqp_openssl.c -index bcd5ba5..1fac25d 100644 ---- a/librabbitmq/amqp_openssl.c -+++ b/librabbitmq/amqp_openssl.c -@@ -584,8 +584,9 @@ static int setup_openssl(void) { - CRYPTO_set_locking_callback(ssl_locking_callback); - - #ifdef AMQP_OPENSSL_V110 -- if (CONF_modules_load_file(NULL, "rabbitmq-c", CONF_MFLAGS_DEFAULT_SECTION) <= -- 0) { -+ if (CONF_modules_load_file( -+ NULL, "rabbitmq-c", -+ CONF_MFLAGS_DEFAULT_SECTION | CONF_MFLAGS_IGNORE_MISSING_FILE) <= 0) { - status = AMQP_STATUS_SSL_ERROR; - goto out; - } --- -2.37.3.windows.1 - diff --git a/librabbitmq.spec b/librabbitmq.spec index c34598c..7fa6fa5 100644 --- a/librabbitmq.spec +++ b/librabbitmq.spec @@ -1,19 +1,17 @@ -%global git_commit 77e3805d1662034339c3c19bcdaaa62a56c1fa7e +%global git_commit a64c08c68aff34d49a2ac152f04988cd921084f9 %global git_short_commit %(tmp=%{git_commit}; echo ${tmp:0:7}) %global project_name rabbitmq-c Name: librabbitmq -Version: 0.9.0 -Release: 8 + +Version: 0.11.0 +Release: 1 + Summary: The AMQP client library License: MIT URL: https://github.com/alanxz/rabbitmq-c Source0: https://github.com/alanxz/%{project_name}/archive/%{git_commit}/%{project_name}-%{version}-%{git_short_commit}.tar.gz -Patch0000: CVE-2019-18609.patch - -Patch6000: backport-0001-Fix-instructions-for-default-build.patch -Patch6001: backport-0001-OpenSSL-should-ignore-missing-config-file.patch BuildRequires: cmake > 2.8 BuildRequires: popt-devel > 1.14 @@ -58,6 +56,7 @@ make test %doc THANKS TODO *.md %{_libdir}/%{name}.so.4* %{_bindir}/amqp-* +%{_libdir}/cmake/rabbitmq-c/* %files devel %{_libdir}/%{name}.so @@ -68,8 +67,10 @@ make test %doc %{_mandir}/man1/amqp-*.1* %doc %{_mandir}/man7/librabbitmq-tools.7* - %changelog +* Mon Jan 16 2023 dan 0.11.0-1 +- update to 0.11.0 + * Sat Jan 7 2023 mengwenhua - 0.9.0-8 - OpenSSL should ignore missing config file diff --git a/rabbitmq-c-0.11.0-a64c08c.tar.gz b/rabbitmq-c-0.11.0-a64c08c.tar.gz new file mode 100644 index 0000000..10793f0 Binary files /dev/null and b/rabbitmq-c-0.11.0-a64c08c.tar.gz differ diff --git a/rabbitmq-c-0.9.0-77e3805.tar.gz b/rabbitmq-c-0.9.0-77e3805.tar.gz deleted file mode 100644 index ee8bbb0..0000000 Binary files a/rabbitmq-c-0.9.0-77e3805.tar.gz and /dev/null differ