[Enhancement] Add patch to enhance brpc security due to CVE-2023-31039 (#24155)
Fixes #24152 Signed-off-by: Astralidea <astralidea@163.com>
This commit is contained in:
Felix Li
GitHub
parent
e26400e0a7
commit
fb67922cb5
|
|
@ -301,6 +301,7 @@ if [ ! -f $PATCHED_MARK ] && [ $BRPC_SOURCE == "brpc-0.9.7" ]; then
|
|||
fi
|
||||
if [ ! -f $PATCHED_MARK ] && [ $BRPC_SOURCE == "brpc-1.3.0" ]; then
|
||||
patch -p1 < $TP_PATCH_DIR/brpc-1.3.0.patch
|
||||
patch -p1 < $TP_PATCH_DIR/brpc-1.3.0-CVE-2023-31039.patch
|
||||
touch $PATCHED_MARK
|
||||
fi
|
||||
cd -
|
||||
|
|
|
|||
|
|
@ -0,0 +1,34 @@
|
|||
--- brpc-1.3.0/src/brpc/server.cpp 2022-10-11 21:11:45.000000000 +0800
|
||||
+++ brpc-1.3.0/src/brpc/server.cpp 2023-05-25 18:38:07.103702393 +0800
|
||||
@@ -16,7 +16,6 @@
|
||||
// under the License.
|
||||
|
||||
|
||||
-#include <wordexp.h> // wordexp
|
||||
#include <iomanip>
|
||||
#include <arpa/inet.h> // inet_aton
|
||||
#include <fcntl.h> // O_CREAT
|
||||
@@ -1672,23 +1671,8 @@
|
||||
}
|
||||
}
|
||||
|
||||
-static std::string ExpandPath(const std::string &path) {
|
||||
- if (path.empty()) {
|
||||
- return std::string();
|
||||
- }
|
||||
- std::string ret;
|
||||
- wordexp_t p;
|
||||
- wordexp(path.c_str(), &p, 0);
|
||||
- CHECK_EQ(p.we_wordc, 1u);
|
||||
- if (p.we_wordc == 1) {
|
||||
- ret = p.we_wordv[0];
|
||||
- }
|
||||
- wordfree(&p);
|
||||
- return ret;
|
||||
-}
|
||||
|
||||
void Server::PutPidFileIfNeeded() {
|
||||
- _options.pid_file = ExpandPath(_options.pid_file);
|
||||
if (_options.pid_file.empty()) {
|
||||
return;
|
||||
}
|
||||
Loading…
Reference in New Issue