SUSE:SLE-12-SP1:GA
File CVE-2021-31810.patch of Package ruby2.1.36279
From 150c08d5e4bc2823be9d85e2f1d5fcc96cffe1ca Mon Sep 17 00:00:00 2001 From: Ali Abdallah <ali.abdallah@suse.com> Date: Wed, 6 Oct 2021 17:24:49 +0200 Subject: [PATCH 1/4] Backport upstream fix for CVE-2021-31810 backport upstream commit 3ca1399150ed4eacfd2fe1ee251b966f8d1ee469 [PATCH] Ignore IP addresses in PASV responses by default, and add new option use_pasv_ip This fixes CVE-2021-81810. Reported by Alexandr Savca. Co-authored-by: Shugo Maeda <shugo@ruby-lang.org> --- lib/net/ftp.rb | 12 +++++++++++- test/net/ftp/test_ftp.rb | 8 ++++++++ 2 files changed, 19 insertions(+), 1 deletion(-) diff --git a/lib/net/ftp.rb b/lib/net/ftp.rb index c0b73c9d1e..fc425810d3 100644 --- a/lib/net/ftp.rb +++ b/lib/net/ftp.rb @@ -86,6 +86,10 @@ module Net # When +true+, the connection is in passive mode. Default: +false+. attr_accessor :passive + # When +true+, use the IP address in PASV responses. Otherwise, it uses + # the same IP address for the control connection. Default: +false+. + attr_accessor :use_pasv_ip + # When +true+, all traffic to and from the server is written # to +$stdout+. Default: +false+. attr_accessor :debug_mode @@ -155,6 +159,7 @@ module Net @sock = NullSocket.new @logged_in = false @open_timeout = nil + @use_pasv_ip = false @read_timeout = 60 if host connect(host) @@ -976,7 +981,12 @@ module Net raise FTPReplyError, resp end if m = /\((?<host>\d+(,\d+){3}),(?<port>\d+,\d+)\)/.match(resp) - return parse_pasv_ipv4_host(m["host"]), parse_pasv_port(m["port"]) + if @use_pasv_ip + host = parse_pasv_ipv4_host(m["host"]) + else + host = @sock.peeraddr[3] + end + return host, parse_pasv_port(m["port"]) else raise FTPProtoError, resp end diff --git a/test/net/ftp/test_ftp.rb b/test/net/ftp/test_ftp.rb index 3b7aabebcb..71471ef416 100644 --- a/test/net/ftp/test_ftp.rb +++ b/test/net/ftp/test_ftp.rb 
@@ -47,6 +47,7 @@ class FTPTest < Test::Unit::TestCase def test_parse227 ftp = Net::FTP.new + ftp.use_pasv_ip = true host, port = ftp.send(:parse227, "227 Entering Passive Mode (192,168,0,1,12,34)") assert_equal("192.168.0.1", host) assert_equal(3106, port) @@ -65,6 +66,13 @@ class FTPTest < Test::Unit::TestCase assert_raise(Net::FTPProtoError) do ftp.send(:parse227, "227 ) foo bar (") end + + ftp = Net::FTP.new + sock = OpenStruct.new + sock.peeraddr = [nil, nil, nil, "10.0.0.1"] + ftp.instance_variable_set(:@sock, sock) + host, port = ftp.send(:parse227, "227 Entering Passive Mode (192,168,0,1,12,34)") + assert_equal("10.0.0.1", host) end def test_parse228 -- 2.32.0
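Review bot: In lib/net/ftp.rb, the doc comment on the new use_pasv_ip accessor (hunk at -86,6) does not tell callers what the default changes for them. It should say that with the default of false the host in a 227 reply is ignored and the data connection goes to the address of the control connection, so a client whose server announces a different data host has to set use_pasv_ip = true explicitly. The wording "the same IP address for the control connection" would also read more clearly as "the same IP address as the control connection".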
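Review bot: In parse227 (lib/net/ftp.rb, hunk at -976,7) the default branch reads @sock.peeraddr[3] with no comment on the index, and it runs against whatever @sock currently is, including the NullSocket that initialize assigns before connect. A short comment that element 3 of peeraddr is the peer's numeric address would help, and it is worth stating whether parse227 can be reached before a connection exists, since test_parse227 now has to set use_pasv_ip = true on an unconnected Net::FTP.new. The trailing context shows test_parse228 unchanged; if the 228 reply path also takes its host from the server's response, does it need the same default?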
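Review bot: In test/net/ftp/test_ftp.rb, the case added after the "227 ) foo bar (" assertion (hunk at -65,6) uses OpenStruct, but no hunk in this patch adds require "ostruct"; confirm the test file already loads it or add the require. The new case also asserts only host. Adding assert_equal(3106, port), as the first test does for the same reply, would confirm that the port is still taken from the PASV response when the address is ignored.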