patch deps CodeQL alerts

4 years ago · c52a2c7841
parent e84dc7ed0e
commit c52a2c7841
11 changed files with 185 additions and 2 deletions
--- a/deps/Makefile
+++ b/deps/Makefile
@ -58,7 +58,9 @@ libssl/openssl/libssl.a:
 	cd libssl && rm -rf openssl-1.1.1j || true
 	cd libssl && rm -rf openssl-openssl-3.0.0 || true
 	cd libssl && tar -zxf openssl-3.0.0.tar.gz
-	cd libssl/openssl  && ./config no-ssl3 no-tests
+	cd libssl/openssl && patch crypto/ec/curve448/curve448.c < ../curve448.c-multiplication-overflow.patch
+	cd libssl/openssl && patch crypto/asn1/a_time.c < ../a_time.c-multiplication-overflow.patch
+	cd libssl/openssl && ./config no-ssl3 no-tests
 	cd libssl/openssl && CC=${CC} CXX=${CXX} ${MAKE}
 	cd libssl/openssl && ln -s . lib # curl wants this path
 libssl: libssl/openssl/libssl.a
@ -98,6 +100,7 @@ libhttpserver: libhttpserver/libhttpserver/build/src/.libs/libhttpserver.a
 libev/libev/.libs/libev.a:
 	cd libev && rm -rf libev-4.24 || true
 	cd libev && tar -zxf libev-4.24.tar.gz
+	cd libev/libev && patch ev.c < ../ev.c-multiplication-overflow.patch
 	cd libev/libev  && ./configure
 	cd libev/libev && CC=${CC} CXX=${CXX} ${MAKE}
 ev: libev/libev/.libs/libev.a
@ -124,6 +127,7 @@ endif
 ifeq ($(OS),Darwin)
 	cd libmicrohttpd/libmicrohttpd && patch src/microhttpd/mhd_sockets.c < ../mhd_sockets.c-issue-5977.patch
 endif
+	cd libmicrohttpd/libmicrohttpd && patch src/microhttpd/connection.c < ../connection.c-snprintf-overflow.patch
 	cd libmicrohttpd/libmicrohttpd && ./configure --enable-https && CC=${CC} CXX=${CXX} ${MAKE}
 microhttpd: libmicrohttpd/libmicrohttpd/src/microhttpd/.libs/libmicrohttpd.a

@ -200,6 +204,9 @@ mariadb-client-library/mariadb_client/libmariadb/libmariadbclient.a: libssl/open
 ifeq ($(WITHASAN),1)
 	cd mariadb-client-library/mariadb_client && patch -p0 < ../mariadb_asan.patch
 endif
+	cd mariadb-client-library/mariadb_client && patch libmariadb/mariadb_dyncol.c < ../mariadb_dyncol.c-multiplication-overflow.patch
+	cd mariadb-client-library/mariadb_client && patch libmariadb/ma_array.c < ../ma_array.c-multiplication-overflow.patch
+	cd mariadb-client-library/mariadb_client && patch zlib/zutil.c < ../zutil.c-multiplication-overflow.patch
 	cd mariadb-client-library/mariadb_client && CC=${CC} CXX=${CXX} ${MAKE} mariadbclient
 # cd mariadb-client-library/mariadb_client/include && make my_config.h

@ -210,6 +217,7 @@ sqlite3/sqlite3/sqlite3.o:
 	cd sqlite3 && rm -rf sqlite-amalgamation-3190200
 	cd sqlite3 && tar -zxf sqlite-amalgamation-3190200.tar.gz
 	cd sqlite3/sqlite3 && patch sqlite3.c < ../from_unixtime.patch
+	cd sqlite3/sqlite3 && patch sqlite3.c < ../sqlite3.c-multiplication-overflow.patch
 	cd sqlite3/sqlite3 && ${CC} ${MYCFLAGS} -fPIC -c -o sqlite3.o sqlite3.c -DSQLITE_ENABLE_MEMORY_MANAGEMENT -DSQLITE_ENABLE_JSON1 -DSQLITE_DLL=1
 	cd sqlite3/sqlite3 && ${CC} -shared -o libsqlite3.so sqlite3.o

@ -241,7 +249,8 @@ re2/re2/obj/libre2.a:
 #	cd re2 && tar -zxf re2-20140304.tgz
 	cd re2 && tar -zxf re2.tar.gz
 #	cd re2/re2 && sed -i -e 's/-O3 -g /-O3 -fPIC /' Makefile
-#	cd re2 && patch re2/util/mutex.h < mutex.h.patch
+#	cd re2/re2 && patch util/mutex.h < ../mutex.h.patch
+	cd re2/re2 && patch re2/onepass.cc < ../onepass.cc-multiplication-overflow.patch
 	cd re2/re2 && sed -i -e 's/-O3 /-O3 -fPIC -DMEMORY_SANITIZER -DRE2_ON_VALGRIND /' Makefile
 	cd re2/re2 && sed -i -e 's/RE2_CXXFLAGS?=-std=c++11 /RE2_CXXFLAGS?=-std=c++11 -fPIC /' Makefile
 	cd re2/re2 && CC=${CC} CXX=${CXX} ${MAKE}
@ -252,6 +261,7 @@ pcre/pcre/.libs/libpcre.a:
 	cd pcre && rm -rf pcre-8.39
 	cd pcre && rm -rf pcre-8.44
 	cd pcre && tar -zxf pcre-8.44.tar.gz
+	cd pcre/pcre && patch pcretest.c < ../pcretest.c-multiplication-overflow.patch
 	cd pcre/pcre && ./configure
 	cd pcre/pcre && CC=${CC} CXX=${CXX} ${MAKE}
 pcre: pcre/pcre/.libs/libpcre.a
--- a/deps/libev/ev.c-multiplication-overflow.patch
+++ b/deps/libev/ev.c-multiplication-overflow.patch
@ -0,0 +1,18 @@
+@@ -1937,7 +1937,7 @@
+   while (cnt > ncur);
+ 
+   /* if size is large, round to MALLOC_ROUND - 4 * longs to accommodate malloc overhead */
+-  if (elem * ncur > MALLOC_ROUND - sizeof (void *) * 4)
+  if ((long) elem * ncur > MALLOC_ROUND - sizeof (void *) * 4)
+     {
+       ncur *= elem;
+       ncur = (ncur + elem + (MALLOC_ROUND - 1) + sizeof (void *) * 4) & ~(MALLOC_ROUND - 1);
+@@ -1953,7 +1953,7 @@
+ array_realloc (int elem, void *base, int *cur, int cnt)
+ {
+   *cur = array_nextsize (elem, *cur, cnt);
+-  return ev_realloc (base, elem * *cur);
+  return ev_realloc (base, (long) elem * *cur);
+ }
+ 
+ #define array_init_zero(base,count)	\
--- a/deps/libmicrohttpd/connection.c-snprintf-overflow.patch
+++ b/deps/libmicrohttpd/connection.c-snprintf-overflow.patch
@ -0,0 +1,20 @@
+@@ -1582,11 +1582,18 @@
+                                                 MHD_HTTP_HEADER_CONNECTION))) &&
+               (MHD_str_equal_caseless_ (pos->value,
+                                         "Keep-Alive")) ) ) )
+-      off += MHD_snprintf_ (&data[off],
+    {
+      int n = MHD_snprintf_ (&data[off],
+                             size - off,
+                             "%s: %s\r\n",
+                             pos->header,
+                             pos->value);
+      if (n < 0 || n >= size - off)
+      {
+        break;
+      }
+      off += n;
+    }
+   }
+   if (MHD_CONNECTION_FOOTERS_RECEIVED == connection->state)
+   {
--- a/deps/libssl/a_time.c-multiplication-overflow.patch
+++ b/deps/libssl/a_time.c-multiplication-overflow.patch
@ -0,0 +1,9 @@
+@@ -248,7 +248,7 @@
+             }
+             o++;
+         }
+-        if (offset && !OPENSSL_gmtime_adj(&tmp, 0, offset * offsign))
+        if (offset && !OPENSSL_gmtime_adj(&tmp, 0, (long) offset * offsign))
+             goto err;
+     } else {
+         /* not Z, or not +/- in non-strict mode */
--- a/deps/libssl/curve448.c-multiplication-overflow.patch
+++ b/deps/libssl/curve448.c-multiplication-overflow.patch
@ -0,0 +1,9 @@
+@@ -588,7 +588,7 @@
+             assert(position >= 0);
+             if (odd & (1 << (table_bits + 1)))
+                 delta -= (1 << (table_bits + 1));
+-            current -= delta * (1 << pos);
+            current -= (long) delta * (1 << pos);
+             control[position].power = pos + 16 * (w - 1);
+             control[position].addend = delta;
+             position--;
--- a/deps/mariadb-client-library/ma_array.c-multiplication-overflow.patch
+++ b/deps/mariadb-client-library/ma_array.c-multiplication-overflow.patch
@ -0,0 +1,53 @@
+@@ -46,7 +46,7 @@
+   array->max_element=init_alloc;
+   array->alloc_increment=alloc_increment;
+   array->size_of_element=element_size;
+-  if (!(array->buffer=(char*) malloc(element_size*init_alloc)))
+  if (!(array->buffer=(char*) malloc((long) element_size*init_alloc)))
+   {
+     array->max_element=0;
+     return(TRUE);
+@@ -80,7 +80,7 @@
+   if (array->elements == array->max_element)
+   {
+     char *new_ptr;
+-    if (!(new_ptr=(char*) realloc(array->buffer,(array->max_element+
+    if (!(new_ptr=(char*) realloc(array->buffer,(long) (array->max_element+
+ 			          array->alloc_increment)*
+ 				   array->size_of_element)))
+       return 0;
+@@ -111,14 +111,14 @@
+       char *new_ptr;
+       size=(idx+array->alloc_increment)/array->alloc_increment;
+       size*= array->alloc_increment;
+-      if (!(new_ptr=(char*) realloc(array->buffer,size*
+      if (!(new_ptr=(char*) realloc(array->buffer,(long) size*
+ 			            array->size_of_element)))
+ 	return TRUE;
+       array->buffer=new_ptr;
+       array->max_element=size;
+     }
+     memset((array->buffer+array->elements*array->size_of_element), 0,
+-	  (idx - array->elements)*array->size_of_element);
+	  (long) (idx - array->elements)*array->size_of_element);
+     array->elements=idx+1;
+   }
+   memcpy(array->buffer+(idx * array->size_of_element),element,
+@@ -155,7 +155,7 @@
+   char *ptr=array->buffer+array->size_of_element*idx;
+   array->elements--;
+   memmove(ptr,ptr+array->size_of_element,
+-	  (array->elements-idx)*array->size_of_element);
+	  (long) (array->elements-idx)*array->size_of_element);
+ }
+ 
+ 
+@@ -166,7 +166,7 @@
+   if (array->buffer && array->max_element != elements)
+   {
+     array->buffer=(char*) realloc(array->buffer,
+-			          elements*array->size_of_element);
+			          (long) elements*array->size_of_element);
+     array->max_element=elements;
+   }
+ }
--- a/deps/mariadb-client-library/mariadb_dyncol.c-multiplication-overflow.patch
+++ b/deps/mariadb-client-library/mariadb_dyncol.c-multiplication-overflow.patch
@ -0,0 +1,16 @@
+@@ -3999,13 +3999,13 @@
+         (val->x.time_value.neg ? -1 : 1);
+       break;
+     case DYN_COL_DATE:
+-      *ll= (val->x.time_value.year * 10000 +
+      *ll= ((long) val->x.time_value.year * 10000 +
+             val->x.time_value.month * 100 +
+             val->x.time_value.day) *
+         (val->x.time_value.neg ? -1 : 1);
+       break;
+     case DYN_COL_TIME:
+-      *ll= (val->x.time_value.hour * 10000 +
+      *ll= ((long) val->x.time_value.hour * 10000 +
+             val->x.time_value.minute * 100 +
+             val->x.time_value.second) *
+         (val->x.time_value.neg ? -1 : 1);
--- a/deps/mariadb-client-library/zutil.c-multiplication-overflow.patch
+++ b/deps/mariadb-client-library/zutil.c-multiplication-overflow.patch
@ -0,0 +1,9 @@
+@@ -303,7 +303,7 @@
+     unsigned size;
+ {
+     if (opaque) items += size - size; /* make compiler happy */
+-    return sizeof(uInt) > 2 ? (voidpf)malloc(items * size) :
+    return sizeof(uInt) > 2 ? (voidpf)malloc((long) items * size) :
+                               (voidpf)calloc(items, size);
+ }
+ 
--- a/deps/pcre/pcretest.c-multiplication-overflow.patch
+++ b/deps/pcre/pcretest.c-multiplication-overflow.patch
@ -0,0 +1,9 @@
+@@ -4094,7 +4094,7 @@
+ #endif
+       new_info(re, NULL, PCRE_INFO_SIZE, &size);
+       fprintf(outfile, "Memory allocation (code space): %d\n",
+-        (int)(size - real_pcre_size - name_count * name_entry_size));
+        (int)(size - real_pcre_size - (long) name_count * name_entry_size));
+       }
+ 
+     /* If -s or /S was present, study the regex to generate additional info to
--- a/deps/re2/onepass.cc-multiplication-overflow.patch
+++ b/deps/re2/onepass.cc-multiplication-overflow.patch
@ -0,0 +1,12 @@
+@@ -611,9 +611,9 @@
+     LOG(ERROR) << "nodes:\n" << dump;
+   }
+ 
+-  dfa_mem_ -= nalloc*statesize;
+  dfa_mem_ -= static_cast<long>(nalloc)*statesize;
+   onepass_nodes_ = PODArray<uint8_t>(nalloc*statesize);
+-  memmove(onepass_nodes_.data(), nodes.data(), nalloc*statesize);
+  memmove(onepass_nodes_.data(), nodes.data(), static_cast<long>(nalloc)*statesize);
+   return true;
+ 
+ fail:
--- a/deps/sqlite3/sqlite3.c-multiplication-overflow.patch
+++ b/deps/sqlite3/sqlite3.c-multiplication-overflow.patch
@ -0,0 +1,18 @@
+@@ -103301,7 +103301,7 @@
+   int n = *pnEntry;
+   if( (n & (n-1))==0 ){
+     int sz = (n==0) ? 1 : 2*n;
+-    void *pNew = sqlite3DbRealloc(db, pArray, sz*szEntry);
+    void *pNew = sqlite3DbRealloc(db, pArray, (long) sz*szEntry);
+     if( pNew==0 ){
+       *pIdx = -1;
+       return pArray;
+@@ -141183,7 +141183,7 @@
+     pStart = 0;
+   }else if( pBuf==0 ){
+     sqlite3BeginBenignMalloc();
+-    pStart = sqlite3Malloc( sz*cnt );  /* IMP: R-61949-35727 */
+    pStart = sqlite3Malloc( (long) sz*cnt );  /* IMP: R-61949-35727 */
+     sqlite3EndBenignMalloc();
+     if( pStart ) cnt = sqlite3MallocSize(pStart)/sz;
+   }else{