* [PATCH] ruby: fix CVE-2019-16254
@ 2020-02-10 18:16 Rahul Chauhan
  2020-02-10 18:32 ` ✗ patchtest: failure for " Patchwork
  2020-02-11 13:06 ` [PATCH] " rahul chauhan
  0 siblings, 2 replies; 7+ messages in thread
From: Rahul Chauhan @ 2020-02-10 18:16 UTC (permalink / raw)
  To: openembedded-core

Signed-off-by: Rahul Chauhan <rahulchauhankitps@gmail.com>
---
 .../ruby/ruby/fix-CVE-2019-16254.patch             | 106 +++++++++++++++++++++
 meta/recipes-devtools/ruby/ruby_2.5.5.bb           |   1 +
 2 files changed, 107 insertions(+)
 create mode 100644 meta/recipes-devtools/ruby/ruby/fix-CVE-2019-16254.patch

diff --git a/meta/recipes-devtools/ruby/ruby/fix-CVE-2019-16254.patch b/meta/recipes-devtools/ruby/ruby/fix-CVE-2019-16254.patch
new file mode 100644
index 0000000..704c850
--- /dev/null
+++ b/meta/recipes-devtools/ruby/ruby/fix-CVE-2019-16254.patch
@@ -0,0 +1,106 @@
+From 18d5289b4579822e391b3f5c16541e6552e9f06c Mon Sep 17 00:00:00 2001
+From: Yusuke Endoh <mame@ruby-lang.org>
+Date: Tue, 1 Oct 2019 12:29:18 +0900
+Subject: [PATCH] WEBrick: prevent response splitting and header injection
+
+This is a follow up to d9d4a28f1cdd05a0e8dabb36d747d40bbcc30f16.
+The commit prevented CRLR, but did not address an isolated CR or an
+isolated LF.
+
+Upstream-Status: Backport https://github.com/ruby/ruby/commit/3ce238b5f9795581eb84114dcfbdf4aa086bfecc
+CVE: CVE-2019-16254
+
+Co-Authored-By: NARUSE, Yui <naruse@airemix.jp>
+Signed-off-by: Rahul Chauhan <rahulchauhankitps@gmail.com>
+---
+ lib/webrick/httpresponse.rb       |  3 ++-
+ test/webrick/test_httpresponse.rb | 46 +++++++++++++++++++++++++++++++++++++--
+ 2 files changed, 46 insertions(+), 3 deletions(-)
+
+diff --git a/lib/webrick/httpresponse.rb b/lib/webrick/httpresponse.rb
+index 6d77692..d26324c 100644
+--- a/lib/webrick/httpresponse.rb
++++ b/lib/webrick/httpresponse.rb
+@@ -367,7 +367,8 @@ def set_error(ex, backtrace=false)
+     private
+
+     def check_header(header_value)
+-      if header_value =~ /\r\n/
++      header_value = header_value.to_s
++      if /[\r\n]/ =~ header_value
+         raise InvalidHeader
+       else
+         header_value
+diff --git a/test/webrick/test_httpresponse.rb b/test/webrick/test_httpresponse.rb
+index 6263e0a..24a6968 100644
+--- a/test/webrick/test_httpresponse.rb
++++ b/test/webrick/test_httpresponse.rb
+@@ -29,7 +29,7 @@ def setup
+       @res.keep_alive  = true
+     end
+
+-    def test_prevent_response_splitting_headers
++    def test_prevent_response_splitting_headers_crlf
+       res['X-header'] = "malicious\r\nCookie: hack"
+       io = StringIO.new
+       res.send_response io
+@@ -39,7 +39,7 @@ def test_prevent_response_splitting_headers
+       refute_match 'hack', io.string
+     end
+
+-    def test_prevent_response_splitting_cookie_headers
++    def test_prevent_response_splitting_cookie_headers_crlf
+       user_input = "malicious\r\nCookie: hack"
+       res.cookies << WEBrick::Cookie.new('author', user_input)
+       io = StringIO.new
+@@ -50,6 +50,48 @@ def test_prevent_response_splitting_cookie_headers
+       refute_match 'hack', io.string
+     end
+
++    def test_prevent_response_splitting_headers_cr
++      res['X-header'] = "malicious\rCookie: hack"
++      io = StringIO.new
++      res.send_response io
++      io.rewind
++      res = Net::HTTPResponse.read_new(Net::BufferedIO.new(io))
++      assert_equal '500', res.code
++      refute_match 'hack', io.string
++    end
++
++    def test_prevent_response_splitting_cookie_headers_cr
++      user_input = "malicious\rCookie: hack"
++      res.cookies << WEBrick::Cookie.new('author', user_input)
++      io = StringIO.new
++      res.send_response io
++      io.rewind
++      res = Net::HTTPResponse.read_new(Net::BufferedIO.new(io))
++      assert_equal '500', res.code
++      refute_match 'hack', io.string
++    end
++
++    def test_prevent_response_splitting_headers_lf
++      res['X-header'] = "malicious\nCookie: hack"
++      io = StringIO.new
++      res.send_response io
++      io.rewind
++      res = Net::HTTPResponse.read_new(Net::BufferedIO.new(io))
++      assert_equal '500', res.code
++      refute_match 'hack', io.string
++    end
++
++    def test_prevent_response_splitting_cookie_headers_lf
++      user_input = "malicious\nCookie: hack"
++      res.cookies << WEBrick::Cookie.new('author', user_input)
++      io = StringIO.new
++      res.send_response io
++      io.rewind
++      res = Net::HTTPResponse.read_new(Net::BufferedIO.new(io))
++      assert_equal '500', res.code
++      refute_match 'hack', io.string
++    end
++
+     def test_304_does_not_log_warning
+       res.status      = 304
+       res.setup_header
+--
+2.7.4
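Review bot: in the check_header hunk, `header_value = header_value.to_s` also changes what the `else` branch returns: a non-String value now comes back as its String form rather than the original object, so any caller that relied on getting, say, an Integer back unchanged should be checked on this branch. The widened pattern `/[\r\n]/` is the right fix for the lone-CR and lone-LF cases the description names, and the four added tests exercise exactly those two cases for both a plain header and a cookie, with the two renamed tests keeping the CRLF case covered. Two small header points: "CRLR" in the description is a typo for "CRLF" (carried over from upstream, acceptable to keep verbatim in a backport), and since the From: line carries commit 18d5289b4579822e391b3f5c16541e6552e9f06c while Upstream-Status names 3ce238b5f9795581eb84114dcfbdf4aa086bfecc, the outer commit message should say which branch the backport was taken from.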
diff --git a/meta/recipes-devtools/ruby/ruby_2.5.5.bb b/meta/recipes-devtools/ruby/ruby_2.5.5.bb
index 223b037..58bb97f 100644
--- a/meta/recipes-devtools/ruby/ruby_2.5.5.bb
+++ b/meta/recipes-devtools/ruby/ruby_2.5.5.bb
@@ -3,6 +3,7 @@ require ruby.inc
 SRC_URI += " \
            file://0001-configure.ac-check-finite-isinf-isnan-as-macros-firs.patch \
            file://run-ptest \
+           file://fix-CVE-2019-16254.patch \
            "
 
 SRC_URI[md5sum] = "7e156fb526b8f4bb1b30a3dd8a7ce400"
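Review bot: the SRC_URI addition is fine, but the cover commit message consists only of the Signed-off-by line. It should state what is being fixed (WEBrick response splitting and header injection through an isolated CR or LF in a header value) and, since the change targets the zeus recipe (ruby_2.5.5.bb) rather than master, the subject needs the branch prefix ([zeus][PATCH]) so that patchtest applies it against the intended branch; the automated failure reported later in the thread is the consequence of the missing prefix.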
-- 
2.7.4
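As an added illustration of the check the backported patch changes (example code written for this page, not WEBrick's own code and not part of the patch): `check_header_before` and `check_header_after` reproduce, under hypothetical names, the two versions of the condition visible in the hunk; the header values are constructed to mirror the patch's test inputs; and `header_lines_seen_by_lenient_parser` is an assumed stand-in for a receiver that accepts a bare LF as a line terminator, to show why a lone LF matters even though it is not a full CRLF.

```ruby
# Added example for this page: contrasts the pre-fix CRLF-only check with the
# patched [\r\n] check from lib/webrick/httpresponse.rb. Method names and the
# sample header values below are constructed; this is not WEBrick code.

class InvalidHeader < StandardError; end

# Condition as it stood before the patch: only a CRLF pair is rejected.
def check_header_before(header_value)
  if header_value =~ /\r\n/
    raise InvalidHeader
  else
    header_value
  end
end

# Condition after the patch: coerce to String, then reject any lone CR or LF.
def check_header_after(header_value)
  header_value = header_value.to_s
  if /[\r\n]/ =~ header_value
    raise InvalidHeader
  else
    header_value
  end
end

# Run one checker over one value and report :accepted or :rejected.
def verdict(checker, value)
  send(checker, value)
  :accepted
rescue InvalidHeader
  :rejected
end

# Constructed header values mirroring the patch's test inputs.
SAMPLES = {
  "plain" => "malicious Cookie: hack",
  "crlf"  => "malicious\r\nCookie: hack",
  "cr"    => "malicious\rCookie: hack",
  "lf"    => "malicious\nCookie: hack",
}.freeze

# Verdict of both checkers for every sample, keyed by sample name.
def compare
  SAMPLES.transform_values do |value|
    { before: verdict(:check_header_before, value),
      after:  verdict(:check_header_after, value) }
  end
end

# RFC 7230 section 3.5 allows a recipient to treat a bare LF as a line
# terminator, so a value holding a lone LF becomes two header lines for such
# a parser. This splitter stands in for that lenient receiver (assumption).
def header_lines_seen_by_lenient_parser(name, value)
  "#{name}: #{value}\r\n".split(/\r?\n/)
end

if __FILE__ == $0
  compare.each do |name, result|
    puts "#{name.ljust(5)} before=#{result[:before]} after=#{result[:after]}"
  end
  p header_lines_seen_by_lenient_parser("X-Header", SAMPLES["lf"])
  p check_header_after(42)  # non-String values are coerced before the match
end
```

Run it with `ruby` and the table shows the gap the patch closes: the CRLF sample is rejected by both versions, while the lone-CR and lone-LF samples pass the old check and are rejected only by the new one. The splitter output shows the lone-LF value arriving as a separate `Cookie: hack` header line at a lenient receiver, which is the injection the check exists to stop.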




* ✗ patchtest: failure for ruby: fix CVE-2019-16254
  2020-02-10 18:16 [PATCH] ruby: fix CVE-2019-16254 Rahul Chauhan
@ 2020-02-10 18:32 ` Patchwork
  2020-02-11 13:06 ` [PATCH] " rahul chauhan
  1 sibling, 0 replies; 7+ messages in thread
From: Patchwork @ 2020-02-10 18:32 UTC (permalink / raw)
  To: Rahul Chauhan; +Cc: openembedded-core

== Series Details ==

Series: ruby: fix CVE-2019-16254
Revision: 1
URL   : https://patchwork.openembedded.org/series/22538/
State : failure

== Summary ==


Thank you for submitting this patch series to OpenEmbedded Core. This is
an automated response. Several tests have been executed on the proposed
series by patchtest resulting in the following failures:



* Issue             Series does not apply on top of target branch [test_series_merge_on_head] 
  Suggested fix    Rebase your series on top of targeted branch
  Targeted branch  master (currently at 44a4ac2294)



If you believe any of these test results are incorrect, please reply to the
mailing list (openembedded-core@lists.openembedded.org) raising your concerns.
Otherwise we would appreciate you correcting the issues and submitting a new
version of the patchset if applicable. Please ensure you add/increment the
version number when sending the new version (i.e. [PATCH] -> [PATCH v2] ->
[PATCH v3] -> ...).

---
Guidelines:     https://www.openembedded.org/wiki/Commit_Patch_Message_Guidelines
Test framework: http://git.yoctoproject.org/cgit/cgit.cgi/patchtest
Test suite:     http://git.yoctoproject.org/cgit/cgit.cgi/patchtest-oe




* Re: [PATCH] ruby: fix CVE-2019-16254
  2020-02-10 18:16 [PATCH] ruby: fix CVE-2019-16254 Rahul Chauhan
  2020-02-10 18:32 ` ✗ patchtest: failure for " Patchwork
@ 2020-02-11 13:06 ` rahul chauhan
  2020-02-11 13:16   ` Alexander Kanavin
  1 sibling, 1 reply; 7+ messages in thread
From: rahul chauhan @ 2020-02-11 13:06 UTC (permalink / raw)
  To: openembedded-core


Hi community members,

This patch fixes CVE-2019-16254 on the zeus branch.
The patch test failed, since I did not use --subject-prefix="zeus][PATCH" at
the time of patch submission to openembedded-core@lists.openembedded.org.

Should I resubmit this patch with --subject-prefix="zeus][PATCH",
or can anyone guide me on what I should do next in this situation?

Thanks & Regards
Rahul Chauhan


* Re: [PATCH] ruby: fix CVE-2019-16254
  2020-02-11 13:06 ` [PATCH] " rahul chauhan
@ 2020-02-11 13:16   ` Alexander Kanavin
  2020-02-11 13:27     ` rahul chauhan
  0 siblings, 1 reply; 7+ messages in thread
From: Alexander Kanavin @ 2020-02-11 13:16 UTC (permalink / raw)
  To: rahul chauhan; +Cc: OE-core


Yes. You should always specify the target branch in the subject if it is
not for master.

Alex


* Re: [PATCH] ruby: fix CVE-2019-16254
  2020-02-11 13:16   ` Alexander Kanavin
@ 2020-02-11 13:27     ` rahul chauhan
  2020-02-11 13:34       ` Alexander Kanavin
  0 siblings, 1 reply; 7+ messages in thread
From: rahul chauhan @ 2020-02-11 13:27 UTC (permalink / raw)
  To: Alexander Kanavin, openembedded-core


Thanks Alexander, for the quick response.

Should I resubmit this patch with --subject-prefix="zeus][PATCH",
or should I submit the next patch version?


* Re: [PATCH] ruby: fix CVE-2019-16254
  2020-02-11 13:27     ` rahul chauhan
@ 2020-02-11 13:34       ` Alexander Kanavin
  2020-02-11 13:35         ` rahul chauhan
  0 siblings, 1 reply; 7+ messages in thread
From: Alexander Kanavin @ 2020-02-11 13:34 UTC (permalink / raw)
  To: rahul chauhan; +Cc: OE-core


Either way is fine.

Alex

On Tue, 11 Feb 2020 at 14:28, rahul chauhan <rahulchauhankitps@gmail.com>
wrote:

> Thanks Alexander,
>
> For quick response,
> should i resubmit this patch with --subject-prefix="zeus][PATCH"
> or
> should i submit the next patch version.
>
> On Tue, Feb 11, 2020 at 6:45 PM Alexander Kanavin <alex.kanavin@gmail.com>
> wrote:
>
>> Yes. You should always specify the target branch in the subject if it is
>> not for master.
>>
>> Alex
>>
>> On Tue, 11 Feb 2020 at 14:06, rahul chauhan <rahulchauhankitps@gmail.com>
>> wrote:
>>
>>> Hi community members,
>>>
>>> This patch Fixes CVE-2019-16254 on zeus branch.
>>> patch test failed, since I did not use --subject-prefix="zeus][PATCH" at
>>> the time of patch submission to openembedded-core@lists.openembedded.org
>>> .
>>>
>>> should i resubmit this patch with --subject-prefix="zeus][PATCH"
>>> or
>>> can anyone guide me what should do next in  this situation ?
>>>
>>> Thanks & Regards
>>> Rahul Chauhan
>>>
>>> On Mon, Feb 10, 2020 at 11:47 PM Rahul Chauhan <
>>> rahulchauhankitps@gmail.com> wrote:
>>>
>>>> Signed-off-by: Rahul Chauhan <rahulchauhankitps@gmail.com>
>>>> ---
>>>>  .../ruby/ruby/fix-CVE-2019-16254.patch             | 106
>>>> +++++++++++++++++++++
>>>>  meta/recipes-devtools/ruby/ruby_2.5.5.bb           |   1 +
>>>>  2 files changed, 107 insertions(+)
>>>>  create mode 100644
>>>> meta/recipes-devtools/ruby/ruby/fix-CVE-2019-16254.patch
>>>>
>>>> diff --git a/meta/recipes-devtools/ruby/ruby/fix-CVE-2019-16254.patch
>>>> b/meta/recipes-devtools/ruby/ruby/fix-CVE-2019-16254.patch
>>>> new file mode 100644
>>>> index 0000000..704c850
>>>> --- /dev/null
>>>> +++ b/meta/recipes-devtools/ruby/ruby/fix-CVE-2019-16254.patch
>>>> @@ -0,0 +1,106 @@
>>>> +From 18d5289b4579822e391b3f5c16541e6552e9f06c Mon Sep 17 00:00:00 2001
>>>> +From: Yusuke Endoh <mame@ruby-lang.org>
>>>> +Date: Tue, 1 Oct 2019 12:29:18 +0900
>>>> +Subject: [PATCH] WEBrick: prevent response splitting and header
>>>> injection
>>>> +
>>>> +This is a follow up to d9d4a28f1cdd05a0e8dabb36d747d40bbcc30f16.
>>>> +The commit prevented CRLR, but did not address an isolated CR or an
>>>> +isolated LF.
>>>> +
>>>> +Upstream-Status: Backport
>>>> https://github.com/ruby/ruby/commit/3ce238b5f9795581eb84114dcfbdf4aa086bfecc
>>>> +CVE: CVE-2019-16254
>>>> +
>>>> +Co-Authored-By: NARUSE, Yui <naruse@airemix.jp>
>>>> +Signed-off-by: Rahul Chauhan <rahulchauhankitps@gmail.com>
>>>> +---
>>>> + lib/webrick/httpresponse.rb       |  3 ++-
>>>> + test/webrick/test_httpresponse.rb | 46
>>>> +++++++++++++++++++++++++++++++++++++--
>>>> + 2 files changed, 46 insertions(+), 3 deletions(-)
>>>> +
>>>> +diff --git a/lib/webrick/httpresponse.rb b/lib/webrick/httpresponse.rb
>>>> +index 6d77692..d26324c 100644
>>>> +--- a/lib/webrick/httpresponse.rb
>>>> ++++ b/lib/webrick/httpresponse.rb
>>>> +@@ -367,7 +367,8 @@ def set_error(ex, backtrace=false)
>>>> +     private
>>>> +
>>>> +     def check_header(header_value)
>>>> +-      if header_value =~ /\r\n/
>>>> ++      header_value = header_value.to_s
>>>> ++      if /[\r\n]/ =~ header_value
>>>> +         raise InvalidHeader
>>>> +       else
>>>> +         header_value
>>>> +diff --git a/test/webrick/test_httpresponse.rb
>>>> b/test/webrick/test_httpresponse.rb
>>>> +index 6263e0a..24a6968 100644
>>>> +--- a/test/webrick/test_httpresponse.rb
>>>> ++++ b/test/webrick/test_httpresponse.rb
>>>> +@@ -29,7 +29,7 @@ def setup
>>>> +       @res.keep_alive  = true
>>>> +     end
>>>> +
>>>> +-    def test_prevent_response_splitting_headers
>>>> ++    def test_prevent_response_splitting_headers_crlf
>>>> +       res['X-header'] = "malicious\r\nCookie: hack"
>>>> +       io = StringIO.new
>>>> +       res.send_response io
>>>> +@@ -39,7 +39,7 @@ def test_prevent_response_splitting_headers
>>>> +       refute_match 'hack', io.string
>>>> +     end
>>>> +
>>>> +-    def test_prevent_response_splitting_cookie_headers
>>>> ++    def test_prevent_response_splitting_cookie_headers_crlf
>>>> +       user_input = "malicious\r\nCookie: hack"
>>>> +       res.cookies << WEBrick::Cookie.new('author', user_input)
>>>> +       io = StringIO.new
>>>> +@@ -50,6 +50,48 @@ def test_prevent_response_splitting_cookie_headers
>>>> +       refute_match 'hack', io.string
>>>> +     end
>>>> +
>>>> ++    def test_prevent_response_splitting_headers_cr
>>>> ++      res['X-header'] = "malicious\rCookie: hack"
>>>> ++      io = StringIO.new
>>>> ++      res.send_response io
>>>> ++      io.rewind
>>>> ++      res = Net::HTTPResponse.read_new(Net::BufferedIO.new(io))
>>>> ++      assert_equal '500', res.code
>>>> ++      refute_match 'hack', io.string
>>>> ++    end
>>>> ++
>>>> ++    def test_prevent_response_splitting_cookie_headers_cr
>>>> ++      user_input = "malicious\rCookie: hack"
>>>> ++      res.cookies << WEBrick::Cookie.new('author', user_input)
>>>> ++      io = StringIO.new
>>>> ++      res.send_response io
>>>> ++      io.rewind
>>>> ++      res = Net::HTTPResponse.read_new(Net::BufferedIO.new(io))
>>>> ++      assert_equal '500', res.code
>>>> ++      refute_match 'hack', io.string
>>>> ++    end
>>>> ++
>>>> ++    def test_prevent_response_splitting_headers_lf
>>>> ++      res['X-header'] = "malicious\nCookie: hack"
>>>> ++      io = StringIO.new
>>>> ++      res.send_response io
>>>> ++      io.rewind
>>>> ++      res = Net::HTTPResponse.read_new(Net::BufferedIO.new(io))
>>>> ++      assert_equal '500', res.code
>>>> ++      refute_match 'hack', io.string
>>>> ++    end
>>>> ++
>>>> ++    def test_prevent_response_splitting_cookie_headers_lf
>>>> ++      user_input = "malicious\nCookie: hack"
>>>> ++      res.cookies << WEBrick::Cookie.new('author', user_input)
>>>> ++      io = StringIO.new
>>>> ++      res.send_response io
>>>> ++      io.rewind
>>>> ++      res = Net::HTTPResponse.read_new(Net::BufferedIO.new(io))
>>>> ++      assert_equal '500', res.code
>>>> ++      refute_match 'hack', io.string
>>>> ++    end
>>>> ++
>>>> +     def test_304_does_not_log_warning
>>>> +       res.status      = 304
>>>> +       res.setup_header
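Review bot: the four tests added in this hunk are copies of the two `_crlf` tests with only the separator changed, so a loop over `["\r\n", "\r", "\n"]` (or a small helper taking the separator) would cover all six cases in one place and make it hard to forget a variant the next time a separator is added. The assertions themselves are the right ones: `assert_equal '500', res.code` pins the observable behaviour that an injected header becomes a server error rather than a truncated or split response, and `refute_match 'hack', io.string` checks that the injected `Cookie: hack` line never reached the wire. One addition that would make the tests sharper is an `assert_raises` on `InvalidHeader` around the assignment or the `send_response` call, so that a regression which produced a 500 for an unrelated reason would still fail the test.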
>>>> +--
>>>> +2.7.4
>>>> diff --git a/meta/recipes-devtools/ruby/ruby_2.5.5.bb
>>>> b/meta/recipes-devtools/ruby/ruby_2.5.5.bb
>>>> index 223b037..58bb97f 100644
>>>> --- a/meta/recipes-devtools/ruby/ruby_2.5.5.bb
>>>> +++ b/meta/recipes-devtools/ruby/ruby_2.5.5.bb
>>>> @@ -3,6 +3,7 @@ require ruby.inc
>>>>  SRC_URI += " \
>>>>
>>>> file://0001-configure.ac-check-finite-isinf-isnan-as-macros-firs.patch \
>>>>             file://run-ptest \
>>>> +           file://fix-CVE-2019-16254.patch \
>>>>             "
>>>>
>>>>  SRC_URI[md5sum] = "7e156fb526b8f4bb1b30a3dd8a7ce400"
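Review bot: the recipe edited here is ruby_2.5.5.bb, which, as the submitter says later in the thread, is the zeus recipe, yet the mail went out as a plain [PATCH], so patchtest tried it as a master submission and failed; resend with --subject-prefix="zeus][PATCH" so it is picked up for the right branch. One smaller point on the SRC_URI line: OE-core normally names CVE backports after the CVE alone (CVE-2019-16254.patch) rather than fix-CVE-2019-16254.patch, which keeps the file name consistent with the `CVE:` tag that cve-check reads from the patch header. Not a blocker, but worth doing on the resend.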
>>>> --
>>>> 2.7.4
>>>>
>>>> --
>>> _______________________________________________
>>> Openembedded-core mailing list
>>> Openembedded-core@lists.openembedded.org
>>> http://lists.openembedded.org/mailman/listinfo/openembedded-core
>>>
>>

* Re: [PATCH] ruby: fix CVE-2019-16254
  2020-02-11 13:34       ` Alexander Kanavin
@ 2020-02-11 13:35         ` rahul chauhan
  0 siblings, 0 replies; 7+ messages in thread
From: rahul chauhan @ 2020-02-11 13:35 UTC (permalink / raw)
  To: Alexander Kanavin; +Cc: OE-core

Ok, thanks.

On Tue, Feb 11, 2020 at 7:04 PM Alexander Kanavin <alex.kanavin@gmail.com>
wrote:

> Either way is fine.
>
> Alex
>
> On Tue, 11 Feb 2020 at 14:28, rahul chauhan <rahulchauhankitps@gmail.com>
> wrote:
>
>> Thanks Alexander, for the quick response.
>>
>> Should I resubmit this patch with --subject-prefix="zeus][PATCH",
>> or
>> should I submit the next patch version?
>>
>> On Tue, Feb 11, 2020 at 6:45 PM Alexander Kanavin <alex.kanavin@gmail.com>
>> wrote:
>>
>>> Yes. You should always specify the target branch in the subject if it is
>>> not for master.
>>>
>>> Alex
>>>
>>> On Tue, 11 Feb 2020 at 14:06, rahul chauhan <rahulchauhankitps@gmail.com>
>>> wrote:
>>>
>>>> Hi community members,
>>>>
>>>> This patch fixes CVE-2019-16254 on the zeus branch.
>>>> Patchtest failed, since I did not use --subject-prefix="zeus][PATCH"
>>>> at the time of patch submission to
>>>> openembedded-core@lists.openembedded.org.
>>>>
>>>> Should I resubmit this patch with --subject-prefix="zeus][PATCH",
>>>> or
>>>> can anyone guide me on what I should do next in this situation?
>>>>
>>>> Thanks & Regards
>>>> Rahul Chauhan
>>>>

end of thread, other threads:[~2020-02-11 13:35 UTC | newest]

Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2020-02-10 18:16 [PATCH] ruby: fix CVE-2019-16254 Rahul Chauhan
2020-02-10 18:32 ` ✗ patchtest: failure for " Patchwork
2020-02-11 13:06 ` [PATCH] " rahul chauhan
2020-02-11 13:16   ` Alexander Kanavin
2020-02-11 13:27     ` rahul chauhan
2020-02-11 13:34       ` Alexander Kanavin
2020-02-11 13:35         ` rahul chauhan
