[Git][java-team/netty][buster] 9 commits: Add patches
Markus Koschany (@apo)
gitlab at salsa.debian.org
Wed Jan 11 21:53:10 GMT 2023
Markus Koschany pushed to branch buster at Debian Java Maintainers / netty
Commits:
1ebd590a by Markus Koschany at 2023-01-02T09:42:22+01:00
Add patches
- - - - -
85618c01 by Markus Koschany at 2023-01-02T09:43:06+01:00
Refresh the patches
- - - - -
4761cdad by Markus Koschany at 2023-01-02T09:43:42+01:00
Remove CVE-2021-43797.patch
- - - - -
8d97834c by Markus Koschany at 2023-01-02T09:55:04+01:00
Remove 2022 CVE patches
- - - - -
2ad1a10b by Markus Koschany at 2023-01-10T23:40:57+01:00
add patches
- - - - -
ed973871 by Markus Koschany at 2023-01-10T23:41:33+01:00
Update changelog
- - - - -
629d543f by Markus Koschany at 2023-01-11T22:06:09+01:00
Update changelog
- - - - -
8c2ee800 by Markus Koschany at 2023-01-11T22:25:32+01:00
Update patch headers
- - - - -
95a58605 by Markus Koschany at 2023-01-11T22:37:54+01:00
Update CVE-2022-41915.patch
- - - - -
19 changed files:
- debian/changelog
- debian/patches/01-ignore-npn.patch
- debian/patches/07-netty-all-epoll-dependency.patch
- debian/patches/08-codegen-without-groovy-plugin.patch
- debian/patches/13-ignore-conscrypt.patch
- debian/patches/CVE-2019-20444.patch
- debian/patches/CVE-2019-20445_1.patch
- debian/patches/CVE-2019-20445_2.patch
- debian/patches/CVE-2019-20445_3.patch
- debian/patches/CVE-2020-11612.patch
- debian/patches/CVE-2021-21290.patch
- debian/patches/CVE-2021-21295.patch
- debian/patches/CVE-2021-21409.patch
- + debian/patches/CVE-2021-37136.patch
- + debian/patches/CVE-2021-37137.patch
- + debian/patches/CVE-2021-43797.patch
- + debian/patches/CVE-2022-41881.patch
- + debian/patches/CVE-2022-41915.patch
- debian/patches/series
Changes:
=====================================
debian/changelog
=====================================
@@ -1,3 +1,14 @@
+netty (1:4.1.33-1+deb10u3) buster-security; urgency=high
+
+ * Team upload.
+ * Fix CVE-2021-37136, CVE-2021-37137, CVE-2021-43797, CVE-2022-41881 and
+ CVE-2022-41915. Several out-of-memory, stack overflow or HTTP request
+ smuggling vulnerabilities have been discovered in Netty which may allow
+ attackers to cause a denial of service or bypass restrictions when used as
+ a proxy.
+
+ -- Markus Koschany <apo at debian.org> Tue, 10 Jan 2023 23:41:29 +0100
+
netty (1:4.1.33-1+deb10u2) buster-security; urgency=high
* Team upload.
=====================================
debian/patches/01-ignore-npn.patch
=====================================
@@ -45,7 +45,7 @@ Forwarded: not-needed
--- a/handler/src/main/java/io/netty/handler/ssl/JdkSslContext.java
+++ b/handler/src/main/java/io/netty/handler/ssl/JdkSslContext.java
-@@ -383,6 +383,7 @@
+@@ -383,6 +383,7 @@ public class JdkSslContext extends SslCo
switch(config.protocol()) {
case NONE:
return JdkDefaultApplicationProtocolNegotiator.INSTANCE;
@@ -53,7 +53,7 @@ Forwarded: not-needed
case ALPN:
if (isServer) {
switch(config.selectorFailureBehavior()) {
-@@ -427,6 +428,7 @@
+@@ -427,6 +428,7 @@ public class JdkSslContext extends SslCo
.append(config.selectorFailureBehavior()).append(" failure behavior").toString());
}
}
=====================================
debian/patches/07-netty-all-epoll-dependency.patch
=====================================
@@ -7,7 +7,7 @@ Forwarded: not-needed
@@ -91,28 +91,6 @@
</dependencies>
</profile>
-
+
- <!-- The linux profile will only include the native jar for epol to the all jar.
- If you want to also include the native jar for kqueue use -Puber.
- -->
=====================================
debian/patches/08-codegen-without-groovy-plugin.patch
=====================================
@@ -15,7 +15,7 @@ Forwarded: not-needed
templateDirs.eachWithIndex { templateDir, i ->
convertSources templateDir, outputDirs[i]
-@@ -26,6 +26,7 @@
+@@ -26,6 +26,7 @@ void convertTemplates(String templateDir
def replaceFrom = "(^.*)K([^.]+)\\.template\$"
def replaceTo = "\\1" + keyName + "\\2.java"
def hashCodeFn = keyPrimitive.equals("long") ? "(int) (key ^ (key >>> 32))" : "(int) key"
=====================================
debian/patches/13-ignore-conscrypt.patch
=====================================
@@ -13,7 +13,7 @@ Forwarded: not-needed
</plugin>
--- a/handler/src/main/java/io/netty/handler/ssl/SslHandler.java
+++ b/handler/src/main/java/io/netty/handler/ssl/SslHandler.java
-@@ -243,48 +243,6 @@
+@@ -243,48 +243,6 @@ public class SslHandler extends ByteToMe
return ((ReferenceCountedOpenSslEngine) engine).jdkCompatibilityMode;
}
},
@@ -62,7 +62,7 @@ Forwarded: not-needed
JDK(false, MERGE_CUMULATOR) {
@Override
SSLEngineResult unwrap(SslHandler handler, ByteBuf in, int readerIndex, int len, ByteBuf out)
-@@ -330,8 +288,7 @@
+@@ -330,8 +288,7 @@ public class SslHandler extends ByteToMe
};
static SslEngineType forEngine(SSLEngine engine) {
@@ -74,7 +74,7 @@ Forwarded: not-needed
SslEngineType(boolean wantsDirectBuffer, Cumulator cumulator) {
--- a/handler/src/main/java/io/netty/handler/ssl/JdkAlpnApplicationProtocolNegotiator.java
+++ b/handler/src/main/java/io/netty/handler/ssl/JdkAlpnApplicationProtocolNegotiator.java
-@@ -27,7 +27,7 @@
+@@ -27,7 +27,7 @@ import javax.net.ssl.SSLEngine;
*/
@Deprecated
public final class JdkAlpnApplicationProtocolNegotiator extends JdkBaseApplicationProtocolNegotiator {
=====================================
debian/patches/CVE-2019-20444.patch
=====================================
@@ -9,11 +9,9 @@ Origin: https://github.com/netty/netty/commit/a7c18d44b46e02dadfe3da225a06e5091f
.../netty/handler/codec/http/HttpRequestDecoderTest.java | 16 ++++++++++++++++
2 files changed, 21 insertions(+)
-diff --git a/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java b/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java
-index 2e940d2..d3f5b79 100644
--- a/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java
+++ b/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java
-@@ -755,6 +755,11 @@ public abstract class HttpObjectDecoder extends ByteToMessageDecoder {
+@@ -755,6 +755,11 @@ public abstract class HttpObjectDecoder
}
}
@@ -25,8 +23,6 @@ index 2e940d2..d3f5b79 100644
for (colonEnd = nameEnd; colonEnd < length; colonEnd ++) {
if (sb.charAt(colonEnd) == ':') {
colonEnd ++;
-diff --git a/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java b/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java
-index 2b2d0cc..414a033 100644
--- a/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java
+++ b/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java
@@ -334,4 +334,20 @@ public class HttpRequestDecoderTest {
=====================================
debian/patches/CVE-2019-20445_1.patch
=====================================
@@ -11,11 +11,9 @@ Origin: https://github.com/netty/netty/commit/8494b046ec7e4f28dbd44bc699cc4c4c92
.../handler/codec/http/HttpRequestDecoderTest.java | 64 +++++++++++++++++++---
2 files changed, 99 insertions(+), 15 deletions(-)
-diff --git a/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java b/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java
-index d3f5b79..0a9ea14 100644
--- a/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java
+++ b/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java
-@@ -609,23 +609,61 @@ public abstract class HttpObjectDecoder extends ByteToMessageDecoder {
+@@ -609,23 +609,61 @@ public abstract class HttpObjectDecoder
if (name != null) {
headers.add(name, value);
}
@@ -83,8 +81,6 @@ index d3f5b79..0a9ea14 100644
}
private long contentLength() {
-diff --git a/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java b/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java
-index 414a033..717b580 100644
--- a/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java
+++ b/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java
@@ -323,29 +323,75 @@ public class HttpRequestDecoderTest {
=====================================
debian/patches/CVE-2019-20445_2.patch
=====================================
@@ -8,11 +8,9 @@ Origin: https://github.com/netty/netty/commit/629034624626b722128e0fcc6b3ec9d406
.../handler/codec/http/HttpRequestDecoderTest.java | 10 +++++-
2 files changed, 36 insertions(+), 16 deletions(-)
-diff --git a/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java b/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java
-index 0a9ea14..f81880c 100644
--- a/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java
+++ b/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java
-@@ -641,23 +641,9 @@ public abstract class HttpObjectDecoder extends ByteToMessageDecoder {
+@@ -641,23 +641,9 @@ public abstract class HttpObjectDecoder
HttpUtil.setTransferEncodingChunked(message, false);
return State.SKIP_CONTROL_CHARS;
} else if (HttpUtil.isTransferEncodingChunked(message)) {
@@ -37,7 +35,7 @@ index 0a9ea14..f81880c 100644
return State.READ_CHUNK_SIZE;
} else if (contentLength() >= 0) {
return State.READ_FIXED_LENGTH_CONTENT;
-@@ -666,6 +652,32 @@ public abstract class HttpObjectDecoder extends ByteToMessageDecoder {
+@@ -666,6 +652,32 @@ public abstract class HttpObjectDecoder
}
}
@@ -70,8 +68,6 @@ index 0a9ea14..f81880c 100644
private long contentLength() {
if (contentLength == Long.MIN_VALUE) {
contentLength = HttpUtil.getContentLength(message, -1L);
-diff --git a/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java b/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java
-index 717b580..5aa6fec 100644
--- a/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java
+++ b/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java
@@ -385,7 +385,15 @@ public class HttpRequestDecoderTest {
=====================================
debian/patches/CVE-2019-20445_3.patch
=====================================
@@ -7,8 +7,6 @@ Origin: https://github.com/netty/netty/commit/5f68897880467c00f29495b0aa46ed19bf
.../handler/codec/http/HttpRequestDecoderTest.java | 25 +++++++++++++++++++++-
1 file changed, 24 insertions(+), 1 deletion(-)
-diff --git a/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java b/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java
-index 5aa6fec..9a8912f 100644
--- a/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java
+++ b/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java
@@ -325,7 +325,30 @@ public class HttpRequestDecoderTest {
=====================================
debian/patches/CVE-2020-11612.patch
=====================================
@@ -14,11 +14,9 @@ Origin: https://github.com/netty/netty/commit/1543218d3e7afcb33a90b728b14370395a
.../netty/handler/codec/compression/ZlibTest.java | 57 +++++++++++++++++-
8 files changed, 247 insertions(+), 21 deletions(-)
-diff --git a/codec/src/main/java/io/netty/handler/codec/compression/JZlibDecoder.java b/codec/src/main/java/io/netty/handler/codec/compression/JZlibDecoder.java
-index 5d23bb8..ab01e56 100644
--- a/codec/src/main/java/io/netty/handler/codec/compression/JZlibDecoder.java
+++ b/codec/src/main/java/io/netty/handler/codec/compression/JZlibDecoder.java
-@@ -18,6 +18,7 @@ package io.netty.handler.codec.compression;
+@@ -18,6 +18,7 @@ package io.netty.handler.codec.compressi
import com.jcraft.jzlib.Inflater;
import com.jcraft.jzlib.JZlib;
import io.netty.buffer.ByteBuf;
@@ -26,7 +24,7 @@ index 5d23bb8..ab01e56 100644
import io.netty.channel.ChannelHandlerContext;
import java.util.List;
-@@ -34,7 +35,21 @@ public class JZlibDecoder extends ZlibDecoder {
+@@ -34,7 +35,21 @@ public class JZlibDecoder extends ZlibDe
* @throws DecompressionException if failed to initialize zlib
*/
public JZlibDecoder() {
@@ -49,7 +47,7 @@ index 5d23bb8..ab01e56 100644
}
/**
-@@ -43,6 +58,21 @@ public class JZlibDecoder extends ZlibDecoder {
+@@ -43,6 +58,21 @@ public class JZlibDecoder extends ZlibDe
* @throws DecompressionException if failed to initialize zlib
*/
public JZlibDecoder(ZlibWrapper wrapper) {
@@ -71,7 +69,7 @@ index 5d23bb8..ab01e56 100644
if (wrapper == null) {
throw new NullPointerException("wrapper");
}
-@@ -53,7 +83,7 @@ public class JZlibDecoder extends ZlibDecoder {
+@@ -53,7 +83,7 @@ public class JZlibDecoder extends ZlibDe
}
}
@@ -80,7 +78,7 @@ index 5d23bb8..ab01e56 100644
* Creates a new instance with the specified preset dictionary. The wrapper
* is always {@link ZlibWrapper#ZLIB} because it is the only format that
* supports the preset dictionary.
-@@ -61,6 +91,23 @@ public class JZlibDecoder extends ZlibDecoder {
+@@ -61,6 +91,23 @@ public class JZlibDecoder extends ZlibDe
* @throws DecompressionException if failed to initialize zlib
*/
public JZlibDecoder(byte[] dictionary) {
@@ -104,7 +102,7 @@ index 5d23bb8..ab01e56 100644
if (dictionary == null) {
throw new NullPointerException("dictionary");
}
-@@ -110,11 +157,11 @@ public class JZlibDecoder extends ZlibDecoder {
+@@ -110,11 +157,11 @@ public class JZlibDecoder extends ZlibDe
final int oldNextInIndex = z.next_in_index;
// Configure output.
@@ -118,7 +116,7 @@ index 5d23bb8..ab01e56 100644
z.avail_out = decompressed.writableBytes();
z.next_out = decompressed.array();
z.next_out_index = decompressed.arrayOffset() + decompressed.writerIndex();
-@@ -170,4 +217,9 @@ public class JZlibDecoder extends ZlibDecoder {
+@@ -170,4 +217,9 @@ public class JZlibDecoder extends ZlibDe
z.next_out = null;
}
}
@@ -128,8 +126,6 @@ index 5d23bb8..ab01e56 100644
+ finished = true;
+ }
}
-diff --git a/codec/src/main/java/io/netty/handler/codec/compression/JdkZlibDecoder.java b/codec/src/main/java/io/netty/handler/codec/compression/JdkZlibDecoder.java
-index c90cc4b..6665d86 100644
--- a/codec/src/main/java/io/netty/handler/codec/compression/JdkZlibDecoder.java
+++ b/codec/src/main/java/io/netty/handler/codec/compression/JdkZlibDecoder.java
@@ -16,6 +16,7 @@
@@ -140,7 +136,7 @@ index c90cc4b..6665d86 100644
import io.netty.channel.ChannelHandlerContext;
import java.util.List;
-@@ -64,7 +65,19 @@ public class JdkZlibDecoder extends ZlibDecoder {
+@@ -64,7 +65,19 @@ public class JdkZlibDecoder extends Zlib
* Creates a new instance with the default wrapper ({@link ZlibWrapper#ZLIB}).
*/
public JdkZlibDecoder() {
@@ -161,7 +157,7 @@ index c90cc4b..6665d86 100644
}
/**
-@@ -73,7 +86,20 @@ public class JdkZlibDecoder extends ZlibDecoder {
+@@ -73,7 +86,20 @@ public class JdkZlibDecoder extends Zlib
* supports the preset dictionary.
*/
public JdkZlibDecoder(byte[] dictionary) {
@@ -183,7 +179,7 @@ index c90cc4b..6665d86 100644
}
/**
-@@ -82,18 +108,41 @@ public class JdkZlibDecoder extends ZlibDecoder {
+@@ -82,18 +108,41 @@ public class JdkZlibDecoder extends Zlib
* supported atm.
*/
public JdkZlibDecoder(ZlibWrapper wrapper) {
@@ -229,7 +225,7 @@ index c90cc4b..6665d86 100644
if (wrapper == null) {
throw new NullPointerException("wrapper");
}
-@@ -177,7 +226,7 @@ public class JdkZlibDecoder extends ZlibDecoder {
+@@ -177,7 +226,7 @@ public class JdkZlibDecoder extends Zlib
inflater.setInput(array);
}
@@ -238,7 +234,7 @@ index c90cc4b..6665d86 100644
try {
boolean readFooter = false;
while (!inflater.needsInput()) {
-@@ -208,7 +257,7 @@ public class JdkZlibDecoder extends ZlibDecoder {
+@@ -208,7 +257,7 @@ public class JdkZlibDecoder extends Zlib
}
break;
} else {
@@ -247,20 +243,18 @@ index c90cc4b..6665d86 100644
}
}
-@@ -238,6 +287,11 @@ public class JdkZlibDecoder extends ZlibDecoder {
- }
+@@ -239,6 +288,11 @@ public class JdkZlibDecoder extends Zlib
}
-+ @Override
+ @Override
+ protected void decompressionBufferExhausted(ByteBuf buffer) {
+ finished = true;
+ }
+
- @Override
++ @Override
protected void handlerRemoved0(ChannelHandlerContext ctx) throws Exception {
super.handlerRemoved0(ctx);
-diff --git a/codec/src/main/java/io/netty/handler/codec/compression/ZlibDecoder.java b/codec/src/main/java/io/netty/handler/codec/compression/ZlibDecoder.java
-index d01bc6b..26fd3e7 100644
+ if (inflater != null) {
--- a/codec/src/main/java/io/netty/handler/codec/compression/ZlibDecoder.java
+++ b/codec/src/main/java/io/netty/handler/codec/compression/ZlibDecoder.java
@@ -16,6 +16,8 @@
@@ -272,11 +266,10 @@ index d01bc6b..26fd3e7 100644
import io.netty.handler.codec.ByteToMessageDecoder;
/**
-@@ -23,9 +25,72 @@ import io.netty.handler.codec.ByteToMessageDecoder;
- */
+@@ -24,8 +26,71 @@ import io.netty.handler.codec.ByteToMess
public abstract class ZlibDecoder extends ByteToMessageDecoder {
-+ /**
+ /**
+ * Maximum allowed size of the decompression buffer.
+ */
+ protected final int maxAllocation;
@@ -301,7 +294,7 @@ index d01bc6b..26fd3e7 100644
+ this.maxAllocation = maxAllocation;
+ }
+
- /**
++ /**
* Returns {@code true} if and only if the end of the compressed stream
* has been reached.
*/
@@ -345,11 +338,9 @@ index d01bc6b..26fd3e7 100644
+ }
+
}
-diff --git a/codec/src/test/java/io/netty/handler/codec/compression/JZlibTest.java b/codec/src/test/java/io/netty/handler/codec/compression/JZlibTest.java
-index 28f3919..015559e 100644
--- a/codec/src/test/java/io/netty/handler/codec/compression/JZlibTest.java
+++ b/codec/src/test/java/io/netty/handler/codec/compression/JZlibTest.java
-@@ -23,7 +23,7 @@ public class JZlibTest extends ZlibTest {
+@@ -23,7 +23,7 @@ public class JZlibTest extends ZlibTest
}
@Override
@@ -359,11 +350,9 @@ index 28f3919..015559e 100644
+ return new JZlibDecoder(wrapper, maxAllocation);
}
}
-diff --git a/codec/src/test/java/io/netty/handler/codec/compression/JdkZlibTest.java b/codec/src/test/java/io/netty/handler/codec/compression/JdkZlibTest.java
-index 54a48a9..5ff19f1 100644
--- a/codec/src/test/java/io/netty/handler/codec/compression/JdkZlibTest.java
+++ b/codec/src/test/java/io/netty/handler/codec/compression/JdkZlibTest.java
-@@ -38,8 +38,8 @@ public class JdkZlibTest extends ZlibTest {
+@@ -38,8 +38,8 @@ public class JdkZlibTest extends ZlibTes
}
@Override
@@ -374,11 +363,9 @@ index 54a48a9..5ff19f1 100644
}
@Test(expected = DecompressionException.class)
-diff --git a/codec/src/test/java/io/netty/handler/codec/compression/ZlibCrossTest1.java b/codec/src/test/java/io/netty/handler/codec/compression/ZlibCrossTest1.java
-index 9e16e1a..3c31274 100644
--- a/codec/src/test/java/io/netty/handler/codec/compression/ZlibCrossTest1.java
+++ b/codec/src/test/java/io/netty/handler/codec/compression/ZlibCrossTest1.java
-@@ -23,7 +23,7 @@ public class ZlibCrossTest1 extends ZlibTest {
+@@ -23,7 +23,7 @@ public class ZlibCrossTest1 extends Zlib
}
@Override
@@ -388,11 +375,9 @@ index 9e16e1a..3c31274 100644
+ return new JZlibDecoder(wrapper, maxAllocation);
}
}
-diff --git a/codec/src/test/java/io/netty/handler/codec/compression/ZlibCrossTest2.java b/codec/src/test/java/io/netty/handler/codec/compression/ZlibCrossTest2.java
-index 8717019..00c6e18 100644
--- a/codec/src/test/java/io/netty/handler/codec/compression/ZlibCrossTest2.java
+++ b/codec/src/test/java/io/netty/handler/codec/compression/ZlibCrossTest2.java
-@@ -25,8 +25,8 @@ public class ZlibCrossTest2 extends ZlibTest {
+@@ -25,8 +25,8 @@ public class ZlibCrossTest2 extends Zlib
}
@Override
@@ -403,8 +388,6 @@ index 8717019..00c6e18 100644
}
@Test(expected = DecompressionException.class)
-diff --git a/codec/src/test/java/io/netty/handler/codec/compression/ZlibTest.java b/codec/src/test/java/io/netty/handler/codec/compression/ZlibTest.java
-index 7c25ec4..9d79c81 100644
--- a/codec/src/test/java/io/netty/handler/codec/compression/ZlibTest.java
+++ b/codec/src/test/java/io/netty/handler/codec/compression/ZlibTest.java
@@ -15,7 +15,9 @@
=====================================
debian/patches/CVE-2021-21290.patch
=====================================
@@ -18,11 +18,9 @@ Origin: https://github.com/netty/netty/commit/c735357bf29d07856ad171c6611a2e1a0e
.../io/netty/channel/unix/tests/UnixTestUtils.java | 3 ++-
11 files changed, 40 insertions(+), 13 deletions(-)
-diff --git a/buffer/src/test/java/io/netty/buffer/AbstractByteBufTest.java b/buffer/src/test/java/io/netty/buffer/AbstractByteBufTest.java
-index 59194ab..2679d1e 100644
--- a/buffer/src/test/java/io/netty/buffer/AbstractByteBufTest.java
+++ b/buffer/src/test/java/io/netty/buffer/AbstractByteBufTest.java
-@@ -4487,7 +4487,7 @@ public abstract class AbstractByteBufTest {
+@@ -4487,7 +4487,7 @@ public abstract class AbstractByteBufTes
@Test
public void testReadBytesAndWriteBytesWithFileChannel() throws IOException {
@@ -31,7 +29,7 @@ index 59194ab..2679d1e 100644
RandomAccessFile randomAccessFile = null;
try {
randomAccessFile = new RandomAccessFile(file, "rw");
-@@ -4530,7 +4530,7 @@ public abstract class AbstractByteBufTest {
+@@ -4530,7 +4530,7 @@ public abstract class AbstractByteBufTes
@Test
public void testGetBytesAndSetBytesWithFileChannel() throws IOException {
@@ -40,11 +38,9 @@ index 59194ab..2679d1e 100644
RandomAccessFile randomAccessFile = null;
try {
randomAccessFile = new RandomAccessFile(file, "rw");
-diff --git a/buffer/src/test/java/io/netty/buffer/ReadOnlyDirectByteBufferBufTest.java b/buffer/src/test/java/io/netty/buffer/ReadOnlyDirectByteBufferBufTest.java
-index d51ce11..6e40f08 100644
--- a/buffer/src/test/java/io/netty/buffer/ReadOnlyDirectByteBufferBufTest.java
+++ b/buffer/src/test/java/io/netty/buffer/ReadOnlyDirectByteBufferBufTest.java
-@@ -286,7 +286,7 @@ public class ReadOnlyDirectByteBufferBufTest {
+@@ -286,7 +286,7 @@ public class ReadOnlyDirectByteBufferBuf
@Test
public void testWrapMemoryMapped() throws Exception {
@@ -53,11 +49,9 @@ index d51ce11..6e40f08 100644
FileChannel output = null;
FileChannel input = null;
ByteBuf b1 = null;
-diff --git a/codec-http/src/main/java/io/netty/handler/codec/http/multipart/AbstractDiskHttpData.java b/codec-http/src/main/java/io/netty/handler/codec/http/multipart/AbstractDiskHttpData.java
-index 544bc7c..c28dbae 100644
--- a/codec-http/src/main/java/io/netty/handler/codec/http/multipart/AbstractDiskHttpData.java
+++ b/codec-http/src/main/java/io/netty/handler/codec/http/multipart/AbstractDiskHttpData.java
-@@ -20,6 +20,7 @@ import io.netty.handler.codec.http.HttpConstants;
+@@ -20,6 +20,7 @@ import io.netty.handler.codec.http.HttpC
import io.netty.util.internal.EmptyArrays;
import io.netty.util.internal.logging.InternalLogger;
import io.netty.util.internal.logging.InternalLoggerFactory;
@@ -65,7 +59,7 @@ index 544bc7c..c28dbae 100644
import java.io.File;
import java.io.FileInputStream;
-@@ -87,9 +88,9 @@ public abstract class AbstractDiskHttpData extends AbstractHttpData {
+@@ -87,9 +88,9 @@ public abstract class AbstractDiskHttpDa
File tmpFile;
if (getBaseDirectory() == null) {
// create a temporary file
@@ -77,11 +71,9 @@ index 544bc7c..c28dbae 100644
getBaseDirectory()));
}
if (deleteOnExit()) {
-diff --git a/codec-http/src/test/java/io/netty/handler/codec/http/HttpChunkedInputTest.java b/codec-http/src/test/java/io/netty/handler/codec/http/HttpChunkedInputTest.java
-index 002c8d0..8e75eb9 100644
--- a/codec-http/src/test/java/io/netty/handler/codec/http/HttpChunkedInputTest.java
+++ b/codec-http/src/test/java/io/netty/handler/codec/http/HttpChunkedInputTest.java
-@@ -25,6 +25,7 @@ import io.netty.handler.stream.ChunkedNioFile;
+@@ -25,6 +25,7 @@ import io.netty.handler.stream.ChunkedNi
import io.netty.handler.stream.ChunkedNioStream;
import io.netty.handler.stream.ChunkedStream;
import io.netty.handler.stream.ChunkedWriteHandler;
@@ -98,8 +90,6 @@ index 002c8d0..8e75eb9 100644
TMP.deleteOnExit();
out = new FileOutputStream(TMP);
out.write(BYTES);
-diff --git a/common/src/main/java/io/netty/util/internal/NativeLibraryLoader.java b/common/src/main/java/io/netty/util/internal/NativeLibraryLoader.java
-index 31b4a46..a47a7f5 100644
--- a/common/src/main/java/io/netty/util/internal/NativeLibraryLoader.java
+++ b/common/src/main/java/io/netty/util/internal/NativeLibraryLoader.java
@@ -180,7 +180,7 @@ public final class NativeLibraryLoader {
@@ -111,8 +101,6 @@ index 31b4a46..a47a7f5 100644
in = url.openStream();
out = new FileOutputStream(tmpFile);
-diff --git a/common/src/main/java/io/netty/util/internal/PlatformDependent.java b/common/src/main/java/io/netty/util/internal/PlatformDependent.java
-index 1baeecb..fd2af44 100644
--- a/common/src/main/java/io/netty/util/internal/PlatformDependent.java
+++ b/common/src/main/java/io/netty/util/internal/PlatformDependent.java
@@ -33,6 +33,7 @@ import java.lang.reflect.Field;
@@ -123,7 +111,7 @@ index 1baeecb..fd2af44 100644
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.Deque;
-@@ -56,6 +57,7 @@ import static io.netty.util.internal.PlatformDependent0.hashCodeAsciiSanitize;
+@@ -56,6 +57,7 @@ import static io.netty.util.internal.Pla
import static io.netty.util.internal.PlatformDependent0.unalignedAccess;
import static java.lang.Math.max;
import static java.lang.Math.min;
@@ -156,8 +144,6 @@ index 1baeecb..fd2af44 100644
/**
* Package private for testing purposes only!
*/
-diff --git a/handler/src/main/java/io/netty/handler/ssl/util/SelfSignedCertificate.java b/handler/src/main/java/io/netty/handler/ssl/util/SelfSignedCertificate.java
-index 9f010ce..34212bd 100644
--- a/handler/src/main/java/io/netty/handler/ssl/util/SelfSignedCertificate.java
+++ b/handler/src/main/java/io/netty/handler/ssl/util/SelfSignedCertificate.java
@@ -20,6 +20,7 @@ import io.netty.buffer.ByteBuf;
@@ -176,7 +162,7 @@ index 9f010ce..34212bd 100644
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
-@@ -238,7 +240,7 @@ public final class SelfSignedCertificate {
+@@ -238,7 +240,7 @@ public final class SelfSignedCertificate
wrappedBuf.release();
}
@@ -185,7 +171,7 @@ index 9f010ce..34212bd 100644
keyFile.deleteOnExit();
OutputStream keyOut = new FileOutputStream(keyFile);
-@@ -269,7 +271,7 @@ public final class SelfSignedCertificate {
+@@ -269,7 +271,7 @@ public final class SelfSignedCertificate
wrappedBuf.release();
}
@@ -194,11 +180,9 @@ index 9f010ce..34212bd 100644
certFile.deleteOnExit();
OutputStream certOut = new FileOutputStream(certFile);
-diff --git a/handler/src/test/java/io/netty/handler/stream/ChunkedWriteHandlerTest.java b/handler/src/test/java/io/netty/handler/stream/ChunkedWriteHandlerTest.java
-index 5b03048..6caf0af 100644
--- a/handler/src/test/java/io/netty/handler/stream/ChunkedWriteHandlerTest.java
+++ b/handler/src/test/java/io/netty/handler/stream/ChunkedWriteHandlerTest.java
-@@ -26,6 +26,7 @@ import io.netty.channel.ChannelOutboundHandlerAdapter;
+@@ -26,6 +26,7 @@ import io.netty.channel.ChannelOutboundH
import io.netty.channel.embedded.EmbeddedChannel;
import io.netty.util.CharsetUtil;
import io.netty.util.ReferenceCountUtil;
@@ -215,11 +199,9 @@ index 5b03048..6caf0af 100644
TMP.deleteOnExit();
out = new FileOutputStream(TMP);
out.write(BYTES);
-diff --git a/testsuite/src/main/java/io/netty/testsuite/transport/socket/SocketFileRegionTest.java b/testsuite/src/main/java/io/netty/testsuite/transport/socket/SocketFileRegionTest.java
-index 53deb6c..d4f43f7 100644
--- a/testsuite/src/main/java/io/netty/testsuite/transport/socket/SocketFileRegionTest.java
+++ b/testsuite/src/main/java/io/netty/testsuite/transport/socket/SocketFileRegionTest.java
-@@ -100,7 +100,7 @@ public class SocketFileRegionTest extends AbstractSocketTest {
+@@ -100,7 +100,7 @@ public class SocketFileRegionTest extend
cb.option(ChannelOption.AUTO_READ, autoRead);
final int bufferSize = 1024;
@@ -228,11 +210,9 @@ index 53deb6c..d4f43f7 100644
file.deleteOnExit();
final FileOutputStream out = new FileOutputStream(file);
-diff --git a/transport-native-epoll/src/test/java/io/netty/channel/epoll/EpollSpliceTest.java b/transport-native-epoll/src/test/java/io/netty/channel/epoll/EpollSpliceTest.java
-index c53ff1e..eae1711 100644
--- a/transport-native-epoll/src/test/java/io/netty/channel/epoll/EpollSpliceTest.java
+++ b/transport-native-epoll/src/test/java/io/netty/channel/epoll/EpollSpliceTest.java
-@@ -29,6 +29,7 @@ import io.netty.channel.SimpleChannelInboundHandler;
+@@ -29,6 +29,7 @@ import io.netty.channel.SimpleChannelInb
import io.netty.channel.unix.FileDescriptor;
import io.netty.testsuite.util.TestUtils;
import io.netty.util.NetUtil;
@@ -249,8 +229,6 @@ index c53ff1e..eae1711 100644
file.deleteOnExit();
SpliceHandler sh = new SpliceHandler(file);
-diff --git a/transport-native-unix-common-tests/src/main/java/io/netty/channel/unix/tests/UnixTestUtils.java b/transport-native-unix-common-tests/src/main/java/io/netty/channel/unix/tests/UnixTestUtils.java
-index e4ebcb4..6124ec1 100644
--- a/transport-native-unix-common-tests/src/main/java/io/netty/channel/unix/tests/UnixTestUtils.java
+++ b/transport-native-unix-common-tests/src/main/java/io/netty/channel/unix/tests/UnixTestUtils.java
@@ -17,6 +17,7 @@ package io.netty.channel.unix.tests;
=====================================
debian/patches/CVE-2021-21295.patch
=====================================
@@ -11,8 +11,6 @@ Origin: https://github.com/netty/netty/commit/89c241e3b1795ff257af4ad6eadc616cb2
.../http2/DefaultHttp2ConnectionDecoderTest.java | 128 +++++++++++++++++++++
4 files changed, 329 insertions(+), 30 deletions(-)
-diff --git a/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java b/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java
-index f81880c..6a19f1e 100644
--- a/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java
+++ b/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java
@@ -100,11 +100,13 @@ import java.util.List;
@@ -29,18 +27,17 @@ index f81880c..6a19f1e 100644
private final HeaderParser headerParser;
private final LineParser lineParser;
-@@ -165,9 +167,17 @@ public abstract class HttpObjectDecoder extends ByteToMessageDecoder {
- this(maxInitialLineLength, maxHeaderSize, maxChunkSize, chunkedSupported, validateHeaders, 128);
+@@ -166,8 +168,16 @@ public abstract class HttpObjectDecoder
}
-+ protected HttpObjectDecoder(
+ protected HttpObjectDecoder(
+ int maxInitialLineLength, int maxHeaderSize, int maxChunkSize,
+ boolean chunkedSupported, boolean validateHeaders, int initialBufferSize) {
+ this(maxInitialLineLength, maxHeaderSize, maxChunkSize, chunkedSupported, validateHeaders, initialBufferSize,
+ DEFAULT_ALLOW_DUPLICATE_CONTENT_LENGTHS);
+ }
+
- protected HttpObjectDecoder(
++ protected HttpObjectDecoder(
int maxInitialLineLength, int maxHeaderSize, int maxChunkSize,
- boolean chunkedSupported, boolean validateHeaders, int initialBufferSize) {
+ boolean chunkedSupported, boolean validateHeaders, int initialBufferSize,
@@ -48,7 +45,7 @@ index f81880c..6a19f1e 100644
if (maxInitialLineLength <= 0) {
throw new IllegalArgumentException(
"maxInitialLineLength must be a positive integer: " +
-@@ -189,6 +199,7 @@ public abstract class HttpObjectDecoder extends ByteToMessageDecoder {
+@@ -189,6 +199,7 @@ public abstract class HttpObjectDecoder
this.maxChunkSize = maxChunkSize;
this.chunkedSupported = chunkedSupported;
this.validateHeaders = validateHeaders;
@@ -56,7 +53,7 @@ index f81880c..6a19f1e 100644
}
@Override
-@@ -614,34 +625,27 @@ public abstract class HttpObjectDecoder extends ByteToMessageDecoder {
+@@ -614,34 +625,27 @@ public abstract class HttpObjectDecoder
name = null;
value = null;
@@ -104,8 +101,6 @@ index f81880c..6a19f1e 100644
handleTransferEncodingChunkedWithContentLength(message);
}
return State.READ_CHUNK_SIZE;
-diff --git a/codec-http/src/main/java/io/netty/handler/codec/http/HttpUtil.java b/codec-http/src/main/java/io/netty/handler/codec/http/HttpUtil.java
-index 94af790..826976e 100644
--- a/codec-http/src/main/java/io/netty/handler/codec/http/HttpUtil.java
+++ b/codec-http/src/main/java/io/netty/handler/codec/http/HttpUtil.java
@@ -23,9 +23,12 @@ import java.util.ArrayList;
@@ -215,8 +210,6 @@ index 94af790..826976e 100644
+ }
+ }
}
-diff --git a/codec-http2/src/main/java/io/netty/handler/codec/http2/DefaultHttp2ConnectionDecoder.java b/codec-http2/src/main/java/io/netty/handler/codec/http2/DefaultHttp2ConnectionDecoder.java
-index 2d78fc9..ada4feb 100644
--- a/codec-http2/src/main/java/io/netty/handler/codec/http2/DefaultHttp2ConnectionDecoder.java
+++ b/codec-http2/src/main/java/io/netty/handler/codec/http2/DefaultHttp2ConnectionDecoder.java
@@ -16,8 +16,11 @@ package io.netty.handler.codec.http2;
@@ -240,7 +233,7 @@ index 2d78fc9..ada4feb 100644
private static final InternalLogger logger = InternalLoggerFactory.getInstance(DefaultHttp2ConnectionDecoder.class);
private Http2FrameListener internalFrameListener = new PrefaceFrameListener();
private final Http2Connection connection;
-@@ -57,6 +62,7 @@ public class DefaultHttp2ConnectionDecoder implements Http2ConnectionDecoder {
+@@ -57,6 +62,7 @@ public class DefaultHttp2ConnectionDecod
private final Http2FrameReader frameReader;
private Http2FrameListener listener;
private final Http2PromisedRequestVerifier requestVerifier;
@@ -248,7 +241,7 @@ index 2d78fc9..ada4feb 100644
public DefaultHttp2ConnectionDecoder(Http2Connection connection,
Http2ConnectionEncoder encoder,
-@@ -69,6 +75,7 @@ public class DefaultHttp2ConnectionDecoder implements Http2ConnectionDecoder {
+@@ -69,6 +75,7 @@ public class DefaultHttp2ConnectionDecod
Http2FrameReader frameReader,
Http2PromisedRequestVerifier requestVerifier) {
this.connection = checkNotNull(connection, "connection");
@@ -256,7 +249,7 @@ index 2d78fc9..ada4feb 100644
this.frameReader = checkNotNull(frameReader, "frameReader");
this.encoder = checkNotNull(encoder, "encoder");
this.requestVerifier = checkNotNull(requestVerifier, "requestVerifier");
-@@ -167,6 +174,23 @@ public class DefaultHttp2ConnectionDecoder implements Http2ConnectionDecoder {
+@@ -167,6 +174,23 @@ public class DefaultHttp2ConnectionDecod
listener.onUnknownFrame(ctx, frameType, streamId, flags, payload);
}
@@ -280,7 +273,7 @@ index 2d78fc9..ada4feb 100644
/**
* Handles all inbound frames from the network.
*/
-@@ -176,7 +200,8 @@ public class DefaultHttp2ConnectionDecoder implements Http2ConnectionDecoder {
+@@ -176,7 +200,8 @@ public class DefaultHttp2ConnectionDecod
boolean endOfStream) throws Http2Exception {
Http2Stream stream = connection.stream(streamId);
Http2LocalFlowController flowController = flowController();
@@ -290,7 +283,7 @@ index 2d78fc9..ada4feb 100644
final boolean shouldIgnore;
try {
-@@ -203,7 +228,6 @@ public class DefaultHttp2ConnectionDecoder implements Http2ConnectionDecoder {
+@@ -203,7 +228,6 @@ public class DefaultHttp2ConnectionDecod
// All bytes have been consumed.
return bytesToReturn;
}
@@ -298,7 +291,7 @@ index 2d78fc9..ada4feb 100644
Http2Exception error = null;
switch (stream.state()) {
case OPEN:
-@@ -231,6 +255,8 @@ public class DefaultHttp2ConnectionDecoder implements Http2ConnectionDecoder {
+@@ -231,6 +255,8 @@ public class DefaultHttp2ConnectionDecod
throw error;
}
@@ -307,7 +300,7 @@ index 2d78fc9..ada4feb 100644
// Call back the application and retrieve the number of bytes that have been
// immediately processed.
bytesToReturn = listener.onDataRead(ctx, streamId, data, padding, endOfStream);
-@@ -311,14 +337,34 @@ public class DefaultHttp2ConnectionDecoder implements Http2ConnectionDecoder {
+@@ -311,14 +337,34 @@ public class DefaultHttp2ConnectionDecod
stream.state());
}
@@ -349,7 +342,7 @@ index 2d78fc9..ada4feb 100644
}
}
-@@ -675,4 +721,40 @@ public class DefaultHttp2ConnectionDecoder implements Http2ConnectionDecoder {
+@@ -675,4 +721,40 @@ public class DefaultHttp2ConnectionDecod
onUnknownFrame0(ctx, frameType, streamId, flags, payload);
}
}
@@ -390,8 +383,6 @@ index 2d78fc9..ada4feb 100644
+ }
+ }
}
-diff --git a/codec-http2/src/test/java/io/netty/handler/codec/http2/DefaultHttp2ConnectionDecoderTest.java b/codec-http2/src/test/java/io/netty/handler/codec/http2/DefaultHttp2ConnectionDecoderTest.java
-index 7e87d52..d7d3cbf 100644
--- a/codec-http2/src/test/java/io/netty/handler/codec/http2/DefaultHttp2ConnectionDecoderTest.java
+++ b/codec-http2/src/test/java/io/netty/handler/codec/http2/DefaultHttp2ConnectionDecoderTest.java
@@ -21,17 +21,21 @@ import io.netty.channel.ChannelFuture;
@@ -416,7 +407,7 @@ index 7e87d52..d7d3cbf 100644
import java.util.concurrent.atomic.AtomicInteger;
import static io.netty.buffer.Unpooled.EMPTY_BUFFER;
-@@ -129,6 +133,21 @@ public class DefaultHttp2ConnectionDecoderTest {
+@@ -129,6 +133,21 @@ public class DefaultHttp2ConnectionDecod
when(stream.id()).thenReturn(STREAM_ID);
when(stream.state()).thenReturn(OPEN);
when(stream.open(anyBoolean())).thenReturn(stream);
@@ -438,7 +429,7 @@ index 7e87d52..d7d3cbf 100644
when(pushStream.id()).thenReturn(PUSH_STREAM_ID);
doAnswer(new Answer<Boolean>() {
@Override
-@@ -743,6 +762,115 @@ public class DefaultHttp2ConnectionDecoderTest {
+@@ -743,6 +762,115 @@ public class DefaultHttp2ConnectionDecod
verify(listener).onGoAwayRead(eq(ctx), eq(1), eq(2L), eq(EMPTY_BUFFER));
}
=====================================
debian/patches/CVE-2021-21409.patch
=====================================
@@ -8,11 +8,9 @@ Origin: https://github.com/netty/netty/commit/b0fa4d5aab4215f3c22ce6123dd8dd5f38
.../io/netty/handler/codec/http2/DefaultHttp2ConnectionDecoder.java | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
-diff --git a/codec-http2/src/main/java/io/netty/handler/codec/http2/DefaultHttp2ConnectionDecoder.java b/codec-http2/src/main/java/io/netty/handler/codec/http2/DefaultHttp2ConnectionDecoder.java
-index ada4feb..92fd1bd 100644
--- a/codec-http2/src/main/java/io/netty/handler/codec/http2/DefaultHttp2ConnectionDecoder.java
+++ b/codec-http2/src/main/java/io/netty/handler/codec/http2/DefaultHttp2ConnectionDecoder.java
-@@ -296,10 +296,13 @@ public class DefaultHttp2ConnectionDecoder implements Http2ConnectionDecoder {
+@@ -296,10 +296,13 @@ public class DefaultHttp2ConnectionDecod
short weight, boolean exclusive, int padding, boolean endOfStream) throws Http2Exception {
Http2Stream stream = connection.stream(streamId);
boolean allowHalfClosedRemote = false;
@@ -26,7 +24,7 @@ index ada4feb..92fd1bd 100644
}
if (shouldIgnoreHeadersOrDataFrame(ctx, streamId, stream, "HEADERS")) {
-@@ -337,7 +340,7 @@ public class DefaultHttp2ConnectionDecoder implements Http2ConnectionDecoder {
+@@ -337,7 +340,7 @@ public class DefaultHttp2ConnectionDecod
stream.state());
}
=====================================
debian/patches/CVE-2021-37136.patch
=====================================
@@ -0,0 +1,80 @@
+From: Markus Koschany <apo at debian.org>
+Date: Sun, 1 Jan 2023 17:07:49 +0100
+Subject: CVE-2021-37136
+
+Bug-Debian: https://bugs.debian.org/1014769
+Origin: https://github.com/netty/netty/commit/41d3d61a61608f2223bb364955ab2045dd5e4020
+---
+ .../handler/codec/compression/Bzip2BlockDecompressor.java | 5 +++++
+ .../netty/handler/codec/compression/Bzip2Constants.java | 2 ++
+ .../io/netty/handler/codec/compression/Bzip2Decoder.java | 15 ++++++++-------
+ 3 files changed, 15 insertions(+), 7 deletions(-)
+
+diff --git a/codec/src/main/java/io/netty/handler/codec/compression/Bzip2BlockDecompressor.java b/codec/src/main/java/io/netty/handler/codec/compression/Bzip2BlockDecompressor.java
+index ae05568..5a0b497 100644
+--- a/codec/src/main/java/io/netty/handler/codec/compression/Bzip2BlockDecompressor.java
++++ b/codec/src/main/java/io/netty/handler/codec/compression/Bzip2BlockDecompressor.java
+@@ -228,6 +228,11 @@ final class Bzip2BlockDecompressor {
+ bwtBlock[bwtBlockLength++] = nextByte;
+ }
+ }
++ if (bwtBlockLength > MAX_BLOCK_LENGTH) {
++ throw new DecompressionException("block length exceeds max block length: "
++ + bwtBlockLength + " > " + MAX_BLOCK_LENGTH);
++ }
++
+ this.bwtBlockLength = bwtBlockLength;
+ initialiseInverseBWT();
+ return true;
+diff --git a/codec/src/main/java/io/netty/handler/codec/compression/Bzip2Constants.java b/codec/src/main/java/io/netty/handler/codec/compression/Bzip2Constants.java
+index c0283a7..21b9a2b 100644
+--- a/codec/src/main/java/io/netty/handler/codec/compression/Bzip2Constants.java
++++ b/codec/src/main/java/io/netty/handler/codec/compression/Bzip2Constants.java
+@@ -49,6 +49,8 @@ final class Bzip2Constants {
+ static final int MIN_BLOCK_SIZE = 1;
+ static final int MAX_BLOCK_SIZE = 9;
+
++ static final int MAX_BLOCK_LENGTH = MAX_BLOCK_SIZE * BASE_BLOCK_SIZE;
++
+ /**
+ * Maximum possible Huffman alphabet size.
+ */
+diff --git a/codec/src/main/java/io/netty/handler/codec/compression/Bzip2Decoder.java b/codec/src/main/java/io/netty/handler/codec/compression/Bzip2Decoder.java
+index b66ff59..3fc1001 100644
+--- a/codec/src/main/java/io/netty/handler/codec/compression/Bzip2Decoder.java
++++ b/codec/src/main/java/io/netty/handler/codec/compression/Bzip2Decoder.java
+@@ -291,26 +291,27 @@ public class Bzip2Decoder extends ByteToMessageDecoder {
+ }
+
+ final int blockLength = blockDecompressor.blockLength();
+- final ByteBuf uncompressed = ctx.alloc().buffer(blockLength);
+- boolean success = false;
++ ByteBuf uncompressed = ctx.alloc().buffer(blockLength);
+ try {
+ int uncByte;
+ while ((uncByte = blockDecompressor.read()) >= 0) {
+ uncompressed.writeByte(uncByte);
+ }
+-
++ // We did read all the data, lets reset the state and do the CRC check.
++ currentState = State.INIT_BLOCK;
+ int currentBlockCRC = blockDecompressor.checkCRC();
+ streamCRC = (streamCRC << 1 | streamCRC >>> 31) ^ currentBlockCRC;
+
+ out.add(uncompressed);
+- success = true;
++ uncompressed = null;
+ } finally {
+- if (!success) {
++ if (uncompressed != null) {
+ uncompressed.release();
+ }
+ }
+- currentState = State.INIT_BLOCK;
+- break;
++ // Return here so the ByteBuf that was put in the List will be forwarded to the user and so can be
++ // released as soon as possible.
++ return;
+ case EOF:
+ in.skipBytes(in.readableBytes());
+ return;
=====================================
debian/patches/CVE-2021-37137.patch
=====================================
@@ -0,0 +1,183 @@
+From: Markus Koschany <apo at debian.org>
+Date: Sun, 1 Jan 2023 18:28:34 +0100
+Subject: CVE-2021-37137
+
+Bug-Debian: https://bugs.debian.org/1014769
+Origin: https://github.com/netty/netty/commit/6da4956b31023ae967451e1d94ff51a746a9194f
+---
+ .../io/netty/handler/codec/compression/Snappy.java | 30 ++++++++++----
+ .../codec/compression/SnappyFrameDecoder.java | 46 ++++++++++++++++++----
+ 2 files changed, 62 insertions(+), 14 deletions(-)
+
+diff --git a/codec/src/main/java/io/netty/handler/codec/compression/Snappy.java b/codec/src/main/java/io/netty/handler/codec/compression/Snappy.java
+index 9264244..fcdc22a 100644
+--- a/codec/src/main/java/io/netty/handler/codec/compression/Snappy.java
++++ b/codec/src/main/java/io/netty/handler/codec/compression/Snappy.java
+@@ -38,12 +38,11 @@ public final class Snappy {
+ private static final int COPY_2_BYTE_OFFSET = 2;
+ private static final int COPY_4_BYTE_OFFSET = 3;
+
+- private State state = State.READY;
++ private State state = State.READING_PREAMBLE;
+ private byte tag;
+ private int written;
+
+ private enum State {
+- READY,
+ READING_PREAMBLE,
+ READING_TAG,
+ READING_LITERAL,
+@@ -51,7 +50,7 @@ public final class Snappy {
+ }
+
+ public void reset() {
+- state = State.READY;
++ state = State.READING_PREAMBLE;
+ tag = 0;
+ written = 0;
+ }
+@@ -270,9 +269,6 @@ public final class Snappy {
+ public void decode(ByteBuf in, ByteBuf out) {
+ while (in.isReadable()) {
+ switch (state) {
+- case READY:
+- state = State.READING_PREAMBLE;
+- // fall through
+ case READING_PREAMBLE:
+ int uncompressedLength = readPreamble(in);
+ if (uncompressedLength == PREAMBLE_NOT_FULL) {
+@@ -281,7 +277,6 @@ public final class Snappy {
+ }
+ if (uncompressedLength == 0) {
+ // Should never happen, but it does mean we have nothing further to do
+- state = State.READY;
+ return;
+ }
+ out.ensureWritable(uncompressedLength);
+@@ -378,6 +373,27 @@ public final class Snappy {
+ return 0;
+ }
+
++ /**
++ * Get the length varint (a series of bytes, where the lower 7 bits
++ * are data and the upper bit is a flag to indicate more bytes to be
++ * read).
++ *
++ * @param in The input buffer to get the preamble from
++ * @return The calculated length based on the input buffer, or 0 if
++ * no preamble is able to be calculated
++ */
++ int getPreamble(ByteBuf in) {
++ if (state == State.READING_PREAMBLE) {
++ int readerIndex = in.readerIndex();
++ try {
++ return readPreamble(in);
++ } finally {
++ in.readerIndex(readerIndex);
++ }
++ }
++ return 0;
++ }
++
+ /**
+ * Reads a literal from the input buffer directly to the output buffer.
+ * A "literal" is an uncompressed segment of data stored directly in the
+diff --git a/codec/src/main/java/io/netty/handler/codec/compression/SnappyFrameDecoder.java b/codec/src/main/java/io/netty/handler/codec/compression/SnappyFrameDecoder.java
+index 4762e72..59fdc68 100644
+--- a/codec/src/main/java/io/netty/handler/codec/compression/SnappyFrameDecoder.java
++++ b/codec/src/main/java/io/netty/handler/codec/compression/SnappyFrameDecoder.java
+@@ -45,13 +45,19 @@ public class SnappyFrameDecoder extends ByteToMessageDecoder {
+ }
+
+ private static final int SNAPPY_IDENTIFIER_LEN = 6;
++ // See https://github.com/google/snappy/blob/1.1.9/framing_format.txt#L95
+ private static final int MAX_UNCOMPRESSED_DATA_SIZE = 65536 + 4;
++ // See https://github.com/google/snappy/blob/1.1.9/framing_format.txt#L82
++ private static final int MAX_DECOMPRESSED_DATA_SIZE = 65536;
++ // See https://github.com/google/snappy/blob/1.1.9/framing_format.txt#L82
++ private static final int MAX_COMPRESSED_CHUNK_SIZE = 16777216 - 1;
+
+ private final Snappy snappy = new Snappy();
+ private final boolean validateChecksums;
+
+ private boolean started;
+ private boolean corrupted;
++ private int numBytesToSkip;
+
+ /**
+ * Creates a new snappy-framed decoder with validation of checksums
+@@ -82,6 +88,16 @@ public class SnappyFrameDecoder extends ByteToMessageDecoder {
+ return;
+ }
+
++ if (numBytesToSkip != 0) {
++ // The last chunkType we detected was RESERVED_SKIPPABLE and we still have some bytes to skip.
++ int skipBytes = Math.min(numBytesToSkip, in.readableBytes());
++ in.skipBytes(skipBytes);
++ numBytesToSkip -= skipBytes;
++
++ // Let's return and try again.
++ return;
++ }
++
+ try {
+ int idx = in.readerIndex();
+ final int inSize = in.readableBytes();
+@@ -123,12 +139,15 @@ public class SnappyFrameDecoder extends ByteToMessageDecoder {
+ throw new DecompressionException("Received RESERVED_SKIPPABLE tag before STREAM_IDENTIFIER");
+ }
+
+- if (inSize < 4 + chunkLength) {
+- // TODO: Don't keep skippable bytes
+- return;
+- }
++ in.skipBytes(4);
+
+- in.skipBytes(4 + chunkLength);
++ int skipBytes = Math.min(chunkLength, in.readableBytes());
++ in.skipBytes(skipBytes);
++ if (skipBytes != chunkLength) {
++ // We could skip all bytes, let's store the remaining so we can do so once we receive more
++ // data.
++ numBytesToSkip = chunkLength - skipBytes;
++ }
+ break;
+ case RESERVED_UNSKIPPABLE:
+ // The spec mandates that reserved unskippable chunks must immediately
+@@ -141,7 +160,8 @@ public class SnappyFrameDecoder extends ByteToMessageDecoder {
+ throw new DecompressionException("Received UNCOMPRESSED_DATA tag before STREAM_IDENTIFIER");
+ }
+ if (chunkLength > MAX_UNCOMPRESSED_DATA_SIZE) {
+- throw new DecompressionException("Received UNCOMPRESSED_DATA larger than 65540 bytes");
++ throw new DecompressionException("Received UNCOMPRESSED_DATA larger than " +
++ MAX_UNCOMPRESSED_DATA_SIZE + " bytes");
+ }
+
+ if (inSize < 4 + chunkLength) {
+@@ -162,13 +182,25 @@ public class SnappyFrameDecoder extends ByteToMessageDecoder {
+ throw new DecompressionException("Received COMPRESSED_DATA tag before STREAM_IDENTIFIER");
+ }
+
++ if (chunkLength > MAX_COMPRESSED_CHUNK_SIZE) {
++ throw new DecompressionException("Received COMPRESSED_DATA that contains" +
++ " chunk that exceeds " + MAX_COMPRESSED_CHUNK_SIZE + " bytes");
++ }
++
+ if (inSize < 4 + chunkLength) {
+ return;
+ }
+
+ in.skipBytes(4);
+ int checksum = in.readIntLE();
+- ByteBuf uncompressed = ctx.alloc().buffer();
++
++ int uncompressedSize = snappy.getPreamble(in);
++ if (uncompressedSize > MAX_DECOMPRESSED_DATA_SIZE) {
++ throw new DecompressionException("Received COMPRESSED_DATA that contains" +
++ " uncompressed data that exceeds " + MAX_DECOMPRESSED_DATA_SIZE + " bytes");
++ }
++
++ ByteBuf uncompressed = ctx.alloc().buffer(uncompressedSize, MAX_DECOMPRESSED_DATA_SIZE);
+ try {
+ if (validateChecksums) {
+ int oldWriterIndex = in.writerIndex();
=====================================
debian/patches/CVE-2021-43797.patch
=====================================
@@ -0,0 +1,260 @@
+From: Markus Koschany <apo at debian.org>
+Date: Mon, 2 Jan 2023 10:59:58 +0100
+Subject: CVE-2021-43797
+
+Bug-Debian: https://bugs.debian.org/1001437
+Origin: https://github.com/netty/netty/commit/07aa6b5938a8b6ed7a6586e066400e2643897323
+---
+ .../handler/codec/http/DefaultHttpHeaders.java | 8 ++
+ .../handler/codec/http/HttpRequestDecoderTest.java | 87 ++++++++++++++++++++--
+ .../codec/http/HttpResponseDecoderTest.java | 78 +++++++++++++++++++
+ 3 files changed, 167 insertions(+), 6 deletions(-)
+
+diff --git a/codec-http/src/main/java/io/netty/handler/codec/http/DefaultHttpHeaders.java b/codec-http/src/main/java/io/netty/handler/codec/http/DefaultHttpHeaders.java
+index 88af27f..ea58595 100644
+--- a/codec-http/src/main/java/io/netty/handler/codec/http/DefaultHttpHeaders.java
++++ b/codec-http/src/main/java/io/netty/handler/codec/http/DefaultHttpHeaders.java
+@@ -355,6 +355,10 @@ public class DefaultHttpHeaders extends HttpHeaders {
+
+ private static void validateHeaderNameElement(byte value) {
+ switch (value) {
++ case 0x1c:
++ case 0x1d:
++ case 0x1e:
++ case 0x1f:
+ case 0x00:
+ case '\t':
+ case '\n':
+@@ -380,6 +384,10 @@ public class DefaultHttpHeaders extends HttpHeaders {
+
+ private static void validateHeaderNameElement(char value) {
+ switch (value) {
++ case 0x1c:
++ case 0x1d:
++ case 0x1e:
++ case 0x1f:
+ case 0x00:
+ case '\t':
+ case '\n':
+diff --git a/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java b/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java
+index 9a8912f..72098ef 100644
+--- a/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java
++++ b/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java
+@@ -15,6 +15,7 @@
+ */
+ package io.netty.handler.codec.http;
+
++import io.netty.buffer.ByteBuf;
+ import io.netty.buffer.Unpooled;
+ import io.netty.channel.embedded.EmbeddedChannel;
+ import io.netty.handler.codec.TooLongFrameException;
+@@ -321,6 +322,75 @@ public class HttpRequestDecoderTest {
+ assertFalse(channel.finish());
+ }
+
++ @Test
++ public void testHeaderNameStartsWithControlChar1c() {
++ testHeaderNameStartsWithControlChar(0x1c);
++ }
++
++ @Test
++ public void testHeaderNameStartsWithControlChar1d() {
++ testHeaderNameStartsWithControlChar(0x1d);
++ }
++
++ @Test
++ public void testHeaderNameStartsWithControlChar1e() {
++ testHeaderNameStartsWithControlChar(0x1e);
++ }
++
++ @Test
++ public void testHeaderNameStartsWithControlChar1f() {
++ testHeaderNameStartsWithControlChar(0x1f);
++ }
++
++ @Test
++ public void testHeaderNameStartsWithControlChar0c() {
++ testHeaderNameStartsWithControlChar(0x0c);
++ }
++
++ private void testHeaderNameStartsWithControlChar(int controlChar) {
++ ByteBuf requestBuffer = Unpooled.buffer();
++ requestBuffer.writeCharSequence("GET /some/path HTTP/1.1\r\n" +
++ "Host: netty.io\r\n", CharsetUtil.US_ASCII);
++ requestBuffer.writeByte(controlChar);
++ requestBuffer.writeCharSequence("Transfer-Encoding: chunked\r\n\r\n", CharsetUtil.US_ASCII);
++ testInvalidHeaders0(requestBuffer);
++ }
++
++ @Test
++ public void testHeaderNameEndsWithControlChar1c() {
++ testHeaderNameEndsWithControlChar(0x1c);
++ }
++
++ @Test
++ public void testHeaderNameEndsWithControlChar1d() {
++ testHeaderNameEndsWithControlChar(0x1d);
++ }
++
++ @Test
++ public void testHeaderNameEndsWithControlChar1e() {
++ testHeaderNameEndsWithControlChar(0x1e);
++ }
++
++ @Test
++ public void testHeaderNameEndsWithControlChar1f() {
++ testHeaderNameEndsWithControlChar(0x1f);
++ }
++
++ @Test
++ public void testHeaderNameEndsWithControlChar0c() {
++ testHeaderNameEndsWithControlChar(0x0c);
++ }
++
++ private void testHeaderNameEndsWithControlChar(int controlChar) {
++ ByteBuf requestBuffer = Unpooled.buffer();
++ requestBuffer.writeCharSequence("GET /some/path HTTP/1.1\r\n" +
++ "Host: netty.io\r\n", CharsetUtil.US_ASCII);
++ requestBuffer.writeCharSequence("Transfer-Encoding", CharsetUtil.US_ASCII);
++ requestBuffer.writeByte(controlChar);
++ requestBuffer.writeCharSequence(": chunked\r\n\r\n", CharsetUtil.US_ASCII);
++ testInvalidHeaders0(requestBuffer);
++ }
++
+ @Test
+ public void testWhitespace() {
+ String requestStr = "GET /some/path HTTP/1.1\r\n" +
+@@ -330,9 +400,9 @@ public class HttpRequestDecoderTest {
+ }
+
+ @Test
+- public void testWhitespaceBeforeTransferEncoding01() {
++ public void testWhitespaceInTransferEncoding01() {
+ String requestStr = "GET /some/path HTTP/1.1\r\n" +
+- " Transfer-Encoding : chunked\r\n" +
++ "Transfer-Encoding : chunked\r\n" +
+ "Content-Length: 1\r\n" +
+ "Host: netty.io\r\n\r\n" +
+ "a";
+@@ -340,9 +410,9 @@ public class HttpRequestDecoderTest {
+ }
+
+ @Test
+- public void testWhitespaceBeforeTransferEncoding02() {
++ public void testWhitespaceInTransferEncoding02() {
+ String requestStr = "POST / HTTP/1.1" +
+- " Transfer-Encoding : chunked\r\n" +
++ "Transfer-Encoding : chunked\r\n" +
+ "Host: target.com" +
+ "Content-Length: 65\r\n\r\n" +
+ "0\r\n\r\n" +
+@@ -416,15 +486,20 @@ public class HttpRequestDecoderTest {
+ assertTrue(request.headers().contains("Transfer-Encoding", "chunked", false));
+ assertFalse(request.headers().contains("Content-Length"));
+ LastHttpContent c = channel.readInbound();
++ c.release();
+ assertFalse(channel.finish());
+ }
+
+ private static void testInvalidHeaders0(String requestStr) {
++ testInvalidHeaders0(Unpooled.copiedBuffer(requestStr, CharsetUtil.US_ASCII));
++ }
++
++ private static void testInvalidHeaders0(ByteBuf requestBuffer) {
+ EmbeddedChannel channel = new EmbeddedChannel(new HttpRequestDecoder());
+- assertTrue(channel.writeInbound(Unpooled.copiedBuffer(requestStr, CharsetUtil.US_ASCII)));
++ assertTrue(channel.writeInbound(requestBuffer));
+ HttpRequest request = channel.readInbound();
++ assertThat(request.decoderResult().cause(), instanceOf(IllegalArgumentException.class));
+ assertTrue(request.decoderResult().isFailure());
+- assertTrue(request.decoderResult().cause() instanceof IllegalArgumentException);
+ assertFalse(channel.finish());
+ }
+ }
+diff --git a/codec-http/src/test/java/io/netty/handler/codec/http/HttpResponseDecoderTest.java b/codec-http/src/test/java/io/netty/handler/codec/http/HttpResponseDecoderTest.java
+index 1f0b2ba..d9f3ac6 100644
+--- a/codec-http/src/test/java/io/netty/handler/codec/http/HttpResponseDecoderTest.java
++++ b/codec-http/src/test/java/io/netty/handler/codec/http/HttpResponseDecoderTest.java
+@@ -698,4 +698,82 @@ public class HttpResponseDecoderTest {
+ assertEquals("netty.io", response.headers().get(HttpHeaderNames.HOST));
+ assertFalse(channel.finish());
+ }
++
++ @Test
++ public void testHeaderNameStartsWithControlChar1c() {
++ testHeaderNameStartsWithControlChar(0x1c);
++ }
++
++ @Test
++ public void testHeaderNameStartsWithControlChar1d() {
++ testHeaderNameStartsWithControlChar(0x1d);
++ }
++
++ @Test
++ public void testHeaderNameStartsWithControlChar1e() {
++ testHeaderNameStartsWithControlChar(0x1e);
++ }
++
++ @Test
++ public void testHeaderNameStartsWithControlChar1f() {
++ testHeaderNameStartsWithControlChar(0x1f);
++ }
++
++ @Test
++ public void testHeaderNameStartsWithControlChar0c() {
++ testHeaderNameStartsWithControlChar(0x0c);
++ }
++
++ private void testHeaderNameStartsWithControlChar(int controlChar) {
++ ByteBuf responseBuffer = Unpooled.buffer();
++ responseBuffer.writeCharSequence("HTTP/1.1 200 OK\r\n" +
++ "Host: netty.io\r\n", CharsetUtil.US_ASCII);
++ responseBuffer.writeByte(controlChar);
++ responseBuffer.writeCharSequence("Transfer-Encoding: chunked\r\n\r\n", CharsetUtil.US_ASCII);
++ testInvalidHeaders0(responseBuffer);
++ }
++
++ @Test
++ public void testHeaderNameEndsWithControlChar1c() {
++ testHeaderNameEndsWithControlChar(0x1c);
++ }
++
++ @Test
++ public void testHeaderNameEndsWithControlChar1d() {
++ testHeaderNameEndsWithControlChar(0x1d);
++ }
++
++ @Test
++ public void testHeaderNameEndsWithControlChar1e() {
++ testHeaderNameEndsWithControlChar(0x1e);
++ }
++
++ @Test
++ public void testHeaderNameEndsWithControlChar1f() {
++ testHeaderNameEndsWithControlChar(0x1f);
++ }
++
++ @Test
++ public void testHeaderNameEndsWithControlChar0c() {
++ testHeaderNameEndsWithControlChar(0x0c);
++ }
++
++ private void testHeaderNameEndsWithControlChar(int controlChar) {
++ ByteBuf responseBuffer = Unpooled.buffer();
++ responseBuffer.writeCharSequence("HTTP/1.1 200 OK\r\n" +
++ "Host: netty.io\r\n", CharsetUtil.US_ASCII);
++ responseBuffer.writeCharSequence("Transfer-Encoding", CharsetUtil.US_ASCII);
++ responseBuffer.writeByte(controlChar);
++ responseBuffer.writeCharSequence(": chunked\r\n\r\n", CharsetUtil.US_ASCII);
++ testInvalidHeaders0(responseBuffer);
++ }
++
++ private static void testInvalidHeaders0(ByteBuf responseBuffer) {
++ EmbeddedChannel channel = new EmbeddedChannel(new HttpResponseDecoder());
++ assertTrue(channel.writeInbound(responseBuffer));
++ HttpResponse response = channel.readInbound();
++ assertThat(response.decoderResult().cause(), instanceOf(IllegalArgumentException.class));
++ assertTrue(response.decoderResult().isFailure());
++ assertFalse(channel.finish());
++ }
+ }
=====================================
debian/patches/CVE-2022-41881.patch
=====================================
@@ -0,0 +1,150 @@
+From: Markus Koschany <apo at debian.org>
+Date: Mon, 2 Jan 2023 11:09:08 +0100
+Subject: CVE-2022-41881
+
+Bug-Debian: https://bugs.debian.org/1027180
+Origin: https://github.com/netty/netty/commit/cd91cf3c99123bd1e53fd6a1de0e3d1922f05bb2
+---
+ .../handler/codec/haproxy/HAProxyMessage.java | 16 ++++--
+ .../codec/haproxy/HAProxyMessageDecoderTest.java | 65 ++++++++++++++++++++++
+ 2 files changed, 76 insertions(+), 5 deletions(-)
+
+diff --git a/codec-haproxy/src/main/java/io/netty/handler/codec/haproxy/HAProxyMessage.java b/codec-haproxy/src/main/java/io/netty/handler/codec/haproxy/HAProxyMessage.java
+index b40bf42..3f30c4a 100644
+--- a/codec-haproxy/src/main/java/io/netty/handler/codec/haproxy/HAProxyMessage.java
++++ b/codec-haproxy/src/main/java/io/netty/handler/codec/haproxy/HAProxyMessage.java
+@@ -30,6 +30,9 @@ import java.util.List;
+ */
+ public final class HAProxyMessage {
+
++ // Let's pick some conservative limit here.
++ private static final int MAX_NESTING_LEVEL = 128;
++
+ /**
+ * Version 1 proxy protocol message for 'UNKNOWN' proxied protocols. Per spec, when the proxied protocol is
+ * 'UNKNOWN' we must discard all other header values.
+@@ -238,7 +241,7 @@ public final class HAProxyMessage {
+ }
+
+ private static List<HAProxyTLV> readTlvs(final ByteBuf header) {
+- HAProxyTLV haProxyTLV = readNextTLV(header);
++ HAProxyTLV haProxyTLV = readNextTLV(header, 0);
+ if (haProxyTLV == null) {
+ return Collections.emptyList();
+ }
+@@ -250,12 +253,15 @@ public final class HAProxyMessage {
+ if (haProxyTLV instanceof HAProxySSLTLV) {
+ haProxyTLVs.addAll(((HAProxySSLTLV) haProxyTLV).encapsulatedTLVs());
+ }
+- } while ((haProxyTLV = readNextTLV(header)) != null);
++ } while ((haProxyTLV = readNextTLV(header, 0)) != null);
+ return haProxyTLVs;
+ }
+
+- private static HAProxyTLV readNextTLV(final ByteBuf header) {
+-
++ private static HAProxyTLV readNextTLV(final ByteBuf header, int nestingLevel) {
++ if (nestingLevel > MAX_NESTING_LEVEL) {
++ throw new HAProxyProtocolException(
++ "Maximum TLV nesting level reached: " + nestingLevel + " (expected: < " + MAX_NESTING_LEVEL + ')');
++ }
+ // We need at least 4 bytes for a TLV
+ if (header.readableBytes() < 4) {
+ return null;
+@@ -276,7 +282,7 @@ public final class HAProxyMessage {
+
+ final List<HAProxyTLV> encapsulatedTlvs = new ArrayList<HAProxyTLV>(4);
+ do {
+- final HAProxyTLV haProxyTLV = readNextTLV(byteBuf);
++ final HAProxyTLV haProxyTLV = readNextTLV(byteBuf, nestingLevel + 1);
+ if (haProxyTLV == null) {
+ break;
+ }
+diff --git a/codec-haproxy/src/test/java/io/netty/handler/codec/haproxy/HAProxyMessageDecoderTest.java b/codec-haproxy/src/test/java/io/netty/handler/codec/haproxy/HAProxyMessageDecoderTest.java
+index 2d4039d..8d27e4a 100644
+--- a/codec-haproxy/src/test/java/io/netty/handler/codec/haproxy/HAProxyMessageDecoderTest.java
++++ b/codec-haproxy/src/test/java/io/netty/handler/codec/haproxy/HAProxyMessageDecoderTest.java
+@@ -16,6 +16,7 @@
+ package io.netty.handler.codec.haproxy;
+
+ import io.netty.buffer.ByteBuf;
++import io.netty.buffer.Unpooled;
+ import io.netty.channel.ChannelFuture;
+ import io.netty.channel.embedded.EmbeddedChannel;
+ import io.netty.handler.codec.ProtocolDetectionResult;
+@@ -26,6 +27,9 @@ import io.netty.util.CharsetUtil;
+ import org.junit.Before;
+ import org.junit.Test;
+
++import java.io.ByteArrayOutputStream;
++import java.nio.ByteBuffer;
++import java.nio.ByteOrder;
+ import java.util.List;
+
+ import static io.netty.buffer.Unpooled.*;
+@@ -1013,4 +1017,65 @@ public class HAProxyMessageDecoderTest {
+ assertNull(result.detectedProtocol());
+ incompleteHeader.release();
+ }
++
++ @Test
++ public void testNestedTLV() throws Exception {
++ ByteArrayOutputStream headerWriter = new ByteArrayOutputStream();
++ //src_ip = "AAAA", dst_ip = "BBBB", src_port = "CC", dst_port = "DD"
++ headerWriter.write(new byte[] {'A', 'A', 'A', 'A', 'B', 'B', 'B', 'B', 'C', 'C', 'D', 'D'});
++ //write TLVs
++ int countOfTLVs = 8100;
++ ByteBuffer tlvLengthBuf = ByteBuffer.allocate(2);
++ tlvLengthBuf.order(ByteOrder.BIG_ENDIAN);
++ short totalLength = (short) (countOfTLVs * (1 + 2 + 1 + 4));
++ for (int i = 0; i < countOfTLVs; i++) {
++ //write PP2_TYPE_SSL TLV
++ headerWriter.write(0x20); //PP2_TYPE_SSL
++ //notice that the TLV length cannot be bigger than 0xffff
++ totalLength -= 1 + 2; //exclude type and length themselves
++ tlvLengthBuf.clear();
++ tlvLengthBuf.putShort(totalLength);
++ //add to the header
++ headerWriter.write(tlvLengthBuf.array());
++ //write client field
++ headerWriter.write(1);
++ //write verify field
++ headerWriter.write(new byte[] {'V', 'V', 'V', 'V'});
++ //subtract the client and verify fields
++ totalLength -= 1 + 4;
++ }
++ byte[] header = headerWriter.toByteArray();
++ ByteBuffer numsWrite = ByteBuffer.allocate(2);
++ numsWrite.order(ByteOrder.BIG_ENDIAN);
++ numsWrite.putShort((short) header.length);
++
++ final ByteBuf data = Unpooled.buffer();
++ data.writeBytes(new byte[] {
++ (byte) 0x0D,
++ (byte) 0x0A,
++ (byte) 0x0D,
++ (byte) 0x0A,
++ (byte) 0x00,
++ (byte) 0x0D,
++ (byte) 0x0A,
++ (byte) 0x51,
++ (byte) 0x55,
++ (byte) 0x49,
++ (byte) 0x54,
++ (byte) 0x0A
++ });
++ //verCmd = 32
++ byte versionCmd = 0x20 | 1; //V2 | ProxyCmd
++ data.writeByte(versionCmd);
++ data.writeByte(17); //TPAF_TCP4_BYTE
++ data.writeBytes(numsWrite.array());
++ data.writeBytes(header);
++
++ assertThrows(HAProxyProtocolException.class, new Executable() {
++ @Override
++ public void execute() {
++ ch.writeInbound(data);
++ }
++ });
++ }
+ }
=====================================
debian/patches/CVE-2022-41915.patch
=====================================
@@ -0,0 +1,903 @@
+From: Markus Koschany <apo at debian.org>
+Date: Tue, 10 Jan 2023 23:39:17 +0100
+Subject: CVE-2022-41915
+
+Bug-Debian: https://bugs.debian.org/1027180
+Origin: https://github.com/netty/netty/commit/fe18adff1c2b333acb135ab779a3b9ba3295a1c4
+---
+ .../handler/codec/http/DefaultHttpHeadersTest.java | 25 +-
+ .../io/netty/handler/codec/DefaultHeaders.java | 391 +++++++++++++++++----
+ 2 files changed, 346 insertions(+), 70 deletions(-)
+
+diff --git a/codec-http/src/test/java/io/netty/handler/codec/http/DefaultHttpHeadersTest.java b/codec-http/src/test/java/io/netty/handler/codec/http/DefaultHttpHeadersTest.java
+index d0f6c41..44984a7 100644
+--- a/codec-http/src/test/java/io/netty/handler/codec/http/DefaultHttpHeadersTest.java
++++ b/codec-http/src/test/java/io/netty/handler/codec/http/DefaultHttpHeadersTest.java
+@@ -20,7 +20,7 @@ import io.netty.util.AsciiString;
+ import io.netty.util.internal.StringUtil;
+ import org.junit.Test;
+
+-import java.util.Arrays;
++import java.util.Collections;
+ import java.util.Iterator;
+ import java.util.List;
+ import java.util.Set;
+@@ -33,6 +33,7 @@ import static org.junit.Assert.*;
+
+ public class DefaultHttpHeadersTest {
+ private static final CharSequence HEADER_NAME = "testHeader";
++ private static final CharSequence ILLEGAL_VALUE = "testHeader\r\nContent-Length:45\r\n\r\n";
+
+ @Test(expected = IllegalArgumentException.class)
+ public void nullHeaderNameNotAllowed() {
+@@ -206,6 +207,28 @@ public class DefaultHttpHeadersTest {
+ assertDefaultValues(headers, HeaderValue.THREE);
+ }
+
++ @Test
++ public void setCharSequenceValidatesValue() {
++ final DefaultHttpHeaders headers = newDefaultDefaultHttpHeaders();
++ assertThrows(IllegalArgumentException.class, new Executable() {
++ @Override
++ public void execute() throws Throwable {
++ headers.set(HEADER_NAME, ILLEGAL_VALUE);
++ }
++ });
++ }
++
++ @Test
++ public void setIterableValidatesValue() {
++ final DefaultHttpHeaders headers = newDefaultDefaultHttpHeaders();
++ assertThrows(IllegalArgumentException.class, new Executable() {
++ @Override
++ public void execute() throws Throwable {
++ headers.set(HEADER_NAME, Collections.singleton(ILLEGAL_VALUE));
++ }
++ });
++ }
++
+ @Test
+ public void toStringOnEmptyHeaders() {
+ assertEquals("DefaultHttpHeaders[]", newDefaultDefaultHttpHeaders().toString());
+diff --git a/codec/src/main/java/io/netty/handler/codec/DefaultHeaders.java b/codec/src/main/java/io/netty/handler/codec/DefaultHeaders.java
+index df7266d..6abe71b 100644
+--- a/codec/src/main/java/io/netty/handler/codec/DefaultHeaders.java
++++ b/codec/src/main/java/io/netty/handler/codec/DefaultHeaders.java
+@@ -5,7 +5,7 @@
+ * "License"); you may not use this file except in compliance with the License. You may obtain a
+ * copy of the License at:
+ *
+- * http://www.apache.org/licenses/LICENSE-2.0
++ * https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+@@ -52,6 +52,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+ private final byte hashMask;
+ private final ValueConverter<V> valueConverter;
+ private final NameValidator<K> nameValidator;
++ private final ValueValidator<V> valueValidator;
+ private final HashingStrategy<K> hashingStrategy;
+ int size;
+
+@@ -72,6 +73,22 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+ };
+ }
+
++ public interface ValueValidator<V> {
++ /**
++ * Validate the given value. If the validation fails, then an implementation specific runtime exception may be
++ * thrown.
++ *
++ * @param value The value to validate.
++ */
++ void validate(V value);
++
++ ValueValidator<?> NO_VALIDATION = new ValueValidator<Object>() {
++ @Override
++ public void validate(Object value) {
++ }
++ };
++ }
++
+ @SuppressWarnings("unchecked")
+ public DefaultHeaders(ValueConverter<V> valueConverter) {
+ this(JAVA_HASHER, valueConverter);
+@@ -102,13 +119,30 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+ */
+ @SuppressWarnings("unchecked")
+ public DefaultHeaders(HashingStrategy<K> nameHashingStrategy,
+- ValueConverter<V> valueConverter, NameValidator<K> nameValidator, int arraySizeHint) {
++ ValueConverter<V> valueConverter, NameValidator<K> nameValidator, int arraySizeHint) {
++ this(nameHashingStrategy, valueConverter, nameValidator, arraySizeHint,
++ (ValueValidator<V>) ValueValidator.NO_VALIDATION);
++ }
++
++ /**
++ * Create a new instance.
++ * @param nameHashingStrategy Used to hash and equality compare names.
++ * @param valueConverter Used to convert values to/from native types.
++ * @param nameValidator Used to validate name elements.
++ * @param arraySizeHint A hint as to how large the hash data structure should be.
++ * The next positive power of two will be used. An upper bound may be enforced.
++ * @param valueValidator The validation strategy for entry values.
++ */
++ @SuppressWarnings("unchecked")
++ public DefaultHeaders(HashingStrategy<K> nameHashingStrategy, ValueConverter<V> valueConverter,
++ NameValidator<K> nameValidator, int arraySizeHint, ValueValidator<V> valueValidator) {
+ this.valueConverter = checkNotNull(valueConverter, "valueConverter");
+ this.nameValidator = checkNotNull(nameValidator, "nameValidator");
+- this.hashingStrategy = checkNotNull(nameHashingStrategy, "nameHashingStrategy");
++ hashingStrategy = checkNotNull(nameHashingStrategy, "nameHashingStrategy");
++ this.valueValidator = checkNotNull(valueValidator, "valueValidator");
+ // Enforce a bound of [2, 128] because hashMask is a byte. The max possible value of hashMask is one less
+ // than the length of this array, and we want the mask to be > 0.
+- entries = new DefaultHeaders.HeaderEntry[findNextPositivePowerOfTwo(max(2, min(arraySizeHint, 128)))];
++ entries = new HeaderEntry[findNextPositivePowerOfTwo(max(2, min(arraySizeHint, 128)))];
+ hashMask = (byte) (entries.length - 1);
+ head = new HeaderEntry<K, V>();
+ }
+@@ -197,52 +231,52 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+
+ @Override
+ public boolean containsObject(K name, Object value) {
+- return contains(name, valueConverter.convertObject(checkNotNull(value, "value")));
++ return contains(name, fromObject(name, value));
+ }
+
+ @Override
+ public boolean containsBoolean(K name, boolean value) {
+- return contains(name, valueConverter.convertBoolean(value));
++ return contains(name, fromBoolean(name, value));
+ }
+
+ @Override
+ public boolean containsByte(K name, byte value) {
+- return contains(name, valueConverter.convertByte(value));
++ return contains(name, fromByte(name, value));
+ }
+
+ @Override
+ public boolean containsChar(K name, char value) {
+- return contains(name, valueConverter.convertChar(value));
++ return contains(name, fromChar(name, value));
+ }
+
+ @Override
+ public boolean containsShort(K name, short value) {
+- return contains(name, valueConverter.convertShort(value));
++ return contains(name, fromShort(name, value));
+ }
+
+ @Override
+ public boolean containsInt(K name, int value) {
+- return contains(name, valueConverter.convertInt(value));
++ return contains(name, fromInt(name, value));
+ }
+
+ @Override
+ public boolean containsLong(K name, long value) {
+- return contains(name, valueConverter.convertLong(value));
++ return contains(name, fromLong(name, value));
+ }
+
+ @Override
+ public boolean containsFloat(K name, float value) {
+- return contains(name, valueConverter.convertFloat(value));
++ return contains(name, fromFloat(name, value));
+ }
+
+ @Override
+ public boolean containsDouble(K name, double value) {
+- return contains(name, valueConverter.convertDouble(value));
++ return contains(name, fromDouble(name, value));
+ }
+
+ @Override
+ public boolean containsTimeMillis(K name, long value) {
+- return contains(name, valueConverter.convertTimeMillis(value));
++ return contains(name, fromTimeMillis(name, value));
+ }
+
+ @SuppressWarnings("unchecked")
+@@ -292,7 +326,8 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+
+ @Override
+ public T add(K name, V value) {
+- nameValidator.validateName(name);
++ validateName(nameValidator, true, name);
++ validateValue(valueValidator, name, value);
+ checkNotNull(value, "value");
+ int h = hashingStrategy.hashCode(name);
+ int i = index(h);
+@@ -302,10 +337,11 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+
+ @Override
+ public T add(K name, Iterable<? extends V> values) {
+- nameValidator.validateName(name);
++ validateName(nameValidator, true, name);
+ int h = hashingStrategy.hashCode(name);
+ int i = index(h);
+ for (V v: values) {
++ validateValue(valueValidator, name, v);
+ add0(h, i, name, v);
+ }
+ return thisT();
+@@ -313,10 +349,11 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+
+ @Override
+ public T add(K name, V... values) {
+- nameValidator.validateName(name);
++ validateName(nameValidator, true, name);
+ int h = hashingStrategy.hashCode(name);
+ int i = index(h);
+ for (V v: values) {
++ validateValue(valueValidator, name, v);
+ add0(h, i, name, v);
+ }
+ return thisT();
+@@ -324,7 +361,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+
+ @Override
+ public T addObject(K name, Object value) {
+- return add(name, valueConverter.convertObject(checkNotNull(value, "value")));
++ return add(name, fromObject(name, value));
+ }
+
+ @Override
+@@ -345,47 +382,47 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+
+ @Override
+ public T addInt(K name, int value) {
+- return add(name, valueConverter.convertInt(value));
++ return add(name, fromInt(name, value));
+ }
+
+ @Override
+ public T addLong(K name, long value) {
+- return add(name, valueConverter.convertLong(value));
++ return add(name, fromLong(name, value));
+ }
+
+ @Override
+ public T addDouble(K name, double value) {
+- return add(name, valueConverter.convertDouble(value));
++ return add(name, fromDouble(name, value));
+ }
+
+ @Override
+ public T addTimeMillis(K name, long value) {
+- return add(name, valueConverter.convertTimeMillis(value));
++ return add(name, fromTimeMillis(name, value));
+ }
+
+ @Override
+ public T addChar(K name, char value) {
+- return add(name, valueConverter.convertChar(value));
++ return add(name, fromChar(name, value));
+ }
+
+ @Override
+ public T addBoolean(K name, boolean value) {
+- return add(name, valueConverter.convertBoolean(value));
++ return add(name, fromBoolean(name, value));
+ }
+
+ @Override
+ public T addFloat(K name, float value) {
+- return add(name, valueConverter.convertFloat(value));
++ return add(name, fromFloat(name, value));
+ }
+
+ @Override
+ public T addByte(K name, byte value) {
+- return add(name, valueConverter.convertByte(value));
++ return add(name, fromByte(name, value));
+ }
+
+ @Override
+ public T addShort(K name, short value) {
+- return add(name, valueConverter.convertShort(value));
++ return add(name, fromShort(name, value));
+ }
+
+ @Override
+@@ -427,7 +464,8 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+
+ @Override
+ public T set(K name, V value) {
+- nameValidator.validateName(name);
++ validateName(nameValidator, false, name);
++ validateValue(valueValidator, name, value);
+ checkNotNull(value, "value");
+ int h = hashingStrategy.hashCode(name);
+ int i = index(h);
+@@ -438,7 +476,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+
+ @Override
+ public T set(K name, Iterable<? extends V> values) {
+- nameValidator.validateName(name);
++ validateName(nameValidator, false, name);
+ checkNotNull(values, "values");
+
+ int h = hashingStrategy.hashCode(name);
+@@ -449,6 +487,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+ if (v == null) {
+ break;
+ }
++ validateValue(valueValidator, name, v);
+ add0(h, i, name, v);
+ }
+
+@@ -457,7 +496,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+
+ @Override
+ public T set(K name, V... values) {
+- nameValidator.validateName(name);
++ validateName(nameValidator, false, name);
+ checkNotNull(values, "values");
+
+ int h = hashingStrategy.hashCode(name);
+@@ -468,6 +507,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+ if (v == null) {
+ break;
+ }
++ validateValue(valueValidator, name, v);
+ add0(h, i, name, v);
+ }
+
+@@ -476,14 +516,13 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+
+ @Override
+ public T setObject(K name, Object value) {
+- checkNotNull(value, "value");
+- V convertedValue = checkNotNull(valueConverter.convertObject(value), "convertedValue");
++ V convertedValue = checkNotNull(fromObject(name, value), "convertedValue");
+ return set(name, convertedValue);
+ }
+
+ @Override
+ public T setObject(K name, Iterable<?> values) {
+- nameValidator.validateName(name);
++ validateName(nameValidator, false, name);
+
+ int h = hashingStrategy.hashCode(name);
+ int i = index(h);
+@@ -493,7 +532,9 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+ if (v == null) {
+ break;
+ }
+- add0(h, i, name, valueConverter.convertObject(v));
++ V converted = fromObject(name, v);
++ validateValue(valueValidator, name, converted);
++ add0(h, i, name, converted);
+ }
+
+ return thisT();
+@@ -501,7 +542,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+
+ @Override
+ public T setObject(K name, Object... values) {
+- nameValidator.validateName(name);
++ validateName(nameValidator, false, name);
+
+ int h = hashingStrategy.hashCode(name);
+ int i = index(h);
+@@ -511,7 +552,9 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+ if (v == null) {
+ break;
+ }
+- add0(h, i, name, valueConverter.convertObject(v));
++ V converted = fromObject(name, v);
++ validateValue(valueValidator, name, converted);
++ add0(h, i, name, converted);
+ }
+
+ return thisT();
+@@ -519,47 +562,47 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+
+ @Override
+ public T setInt(K name, int value) {
+- return set(name, valueConverter.convertInt(value));
++ return set(name, fromInt(name, value));
+ }
+
+ @Override
+ public T setLong(K name, long value) {
+- return set(name, valueConverter.convertLong(value));
++ return set(name, fromLong(name, value));
+ }
+
+ @Override
+ public T setDouble(K name, double value) {
+- return set(name, valueConverter.convertDouble(value));
++ return set(name, fromDouble(name, value));
+ }
+
+ @Override
+ public T setTimeMillis(K name, long value) {
+- return set(name, valueConverter.convertTimeMillis(value));
++ return set(name, fromTimeMillis(name, value));
+ }
+
+ @Override
+ public T setFloat(K name, float value) {
+- return set(name, valueConverter.convertFloat(value));
++ return set(name, fromFloat(name, value));
+ }
+
+ @Override
+ public T setChar(K name, char value) {
+- return set(name, valueConverter.convertChar(value));
++ return set(name, fromChar(name, value));
+ }
+
+ @Override
+ public T setBoolean(K name, boolean value) {
+- return set(name, valueConverter.convertBoolean(value));
++ return set(name, fromBoolean(name, value));
+ }
+
+ @Override
+ public T setByte(K name, byte value) {
+- return set(name, valueConverter.convertByte(value));
++ return set(name, fromByte(name, value));
+ }
+
+ @Override
+ public T setShort(K name, short value) {
+- return set(name, valueConverter.convertShort(value));
++ return set(name, fromShort(name, value));
+ }
+
+ @Override
+@@ -604,7 +647,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+ public Boolean getBoolean(K name) {
+ V v = get(name);
+ try {
+- return v != null ? valueConverter.convertToBoolean(v) : null;
++ return v != null ? toBoolean(name, v) : null;
+ } catch (RuntimeException ignore) {
+ return null;
+ }
+@@ -620,7 +663,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+ public Byte getByte(K name) {
+ V v = get(name);
+ try {
+- return v != null ? valueConverter.convertToByte(v) : null;
++ return v != null ? toByte(name, v) : null;
+ } catch (RuntimeException ignore) {
+ return null;
+ }
+@@ -636,7 +679,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+ public Character getChar(K name) {
+ V v = get(name);
+ try {
+- return v != null ? valueConverter.convertToChar(v) : null;
++ return v != null ? toChar(name, v) : null;
+ } catch (RuntimeException ignore) {
+ return null;
+ }
+@@ -652,7 +695,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+ public Short getShort(K name) {
+ V v = get(name);
+ try {
+- return v != null ? valueConverter.convertToShort(v) : null;
++ return v != null ? toShort(name, v) : null;
+ } catch (RuntimeException ignore) {
+ return null;
+ }
+@@ -668,7 +711,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+ public Integer getInt(K name) {
+ V v = get(name);
+ try {
+- return v != null ? valueConverter.convertToInt(v) : null;
++ return v != null ? toInt(name, v) : null;
+ } catch (RuntimeException ignore) {
+ return null;
+ }
+@@ -684,7 +727,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+ public Long getLong(K name) {
+ V v = get(name);
+ try {
+- return v != null ? valueConverter.convertToLong(v) : null;
++ return v != null ? toLong(name, v) : null;
+ } catch (RuntimeException ignore) {
+ return null;
+ }
+@@ -700,7 +743,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+ public Float getFloat(K name) {
+ V v = get(name);
+ try {
+- return v != null ? valueConverter.convertToFloat(v) : null;
++ return v != null ? toFloat(name, v) : null;
+ } catch (RuntimeException ignore) {
+ return null;
+ }
+@@ -716,7 +759,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+ public Double getDouble(K name) {
+ V v = get(name);
+ try {
+- return v != null ? valueConverter.convertToDouble(v) : null;
++ return v != null ? toDouble(name, v) : null;
+ } catch (RuntimeException ignore) {
+ return null;
+ }
+@@ -732,7 +775,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+ public Long getTimeMillis(K name) {
+ V v = get(name);
+ try {
+- return v != null ? valueConverter.convertToTimeMillis(v) : null;
++ return v != null ? toTimeMillis(name, v) : null;
+ } catch (RuntimeException ignore) {
+ return null;
+ }
+@@ -748,7 +791,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+ public Boolean getBooleanAndRemove(K name) {
+ V v = getAndRemove(name);
+ try {
+- return v != null ? valueConverter.convertToBoolean(v) : null;
++ return v != null ? toBoolean(name, v) : null;
+ } catch (RuntimeException ignore) {
+ return null;
+ }
+@@ -764,7 +807,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+ public Byte getByteAndRemove(K name) {
+ V v = getAndRemove(name);
+ try {
+- return v != null ? valueConverter.convertToByte(v) : null;
++ return v != null ? toByte(name, v) : null;
+ } catch (RuntimeException ignore) {
+ return null;
+ }
+@@ -780,7 +823,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+ public Character getCharAndRemove(K name) {
+ V v = getAndRemove(name);
+ try {
+- return v != null ? valueConverter.convertToChar(v) : null;
++ return v != null ? toChar(name, v) : null;
+ } catch (RuntimeException ignore) {
+ return null;
+ }
+@@ -796,7 +839,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+ public Short getShortAndRemove(K name) {
+ V v = getAndRemove(name);
+ try {
+- return v != null ? valueConverter.convertToShort(v) : null;
++ return v != null ? toShort(name, v) : null;
+ } catch (RuntimeException ignore) {
+ return null;
+ }
+@@ -812,7 +855,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+ public Integer getIntAndRemove(K name) {
+ V v = getAndRemove(name);
+ try {
+- return v != null ? valueConverter.convertToInt(v) : null;
++ return v != null ? toInt(name, v) : null;
+ } catch (RuntimeException ignore) {
+ return null;
+ }
+@@ -828,7 +871,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+ public Long getLongAndRemove(K name) {
+ V v = getAndRemove(name);
+ try {
+- return v != null ? valueConverter.convertToLong(v) : null;
++ return v != null ? toLong(name, v) : null;
+ } catch (RuntimeException ignore) {
+ return null;
+ }
+@@ -844,7 +887,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+ public Float getFloatAndRemove(K name) {
+ V v = getAndRemove(name);
+ try {
+- return v != null ? valueConverter.convertToFloat(v) : null;
++ return v != null ? toFloat(name, v) : null;
+ } catch (RuntimeException ignore) {
+ return null;
+ }
+@@ -860,7 +903,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+ public Double getDoubleAndRemove(K name) {
+ V v = getAndRemove(name);
+ try {
+- return v != null ? valueConverter.convertToDouble(v) : null;
++ return v != null ? toDouble(name, v) : null;
+ } catch (RuntimeException ignore) {
+ return null;
+ }
+@@ -876,7 +919,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+ public Long getTimeMillisAndRemove(K name) {
+ V v = getAndRemove(name);
+ try {
+- return v != null ? valueConverter.convertToTimeMillis(v) : null;
++ return v != null ? toTimeMillis(name, v) : null;
+ } catch (RuntimeException ignore) {
+ return null;
+ }
+@@ -957,6 +1000,22 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+ return HeadersUtils.toString(getClass(), iterator(), size());
+ }
+
++ /**
++ * Call out to the given {@link NameValidator} to validate the given name.
++ *
++ * @param validator the validator to use
++ * @param forAdd {@code true } if this validation is for adding to the headers, or {@code false} if this is for
++ * setting (overwriting) the given header.
++ * @param name the name to validate.
++ */
++ protected void validateName(NameValidator<K> validator, boolean forAdd, K name) {
++ validator.validateName(name);
++ }
++
++ protected void validateValue(ValueValidator<V> validator, K name, V value) {
++ validator.validate(value);
++ }
++
+ protected HeaderEntry<K, V> newHeaderEntry(int h, K name, V value, HeaderEntry<K, V> next) {
+ return new HeaderEntry<K, V>(h, name, value, next, head);
+ }
+@@ -965,6 +1024,14 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+ return valueConverter;
+ }
+
++ protected NameValidator<K> nameValidator() {
++ return nameValidator;
++ }
++
++ protected ValueValidator<V> valueValidator() {
++ return valueValidator;
++ }
++
+ private int index(int hash) {
+ return hash & hashMask;
+ }
+@@ -1012,11 +1079,188 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+ return value;
+ }
+
++ HeaderEntry<K, V> remove0(HeaderEntry<K, V> entry, HeaderEntry<K, V> previous) {
++ int i = index(entry.hash);
++ HeaderEntry<K, V> firstEntry = entries[i];
++ if (firstEntry == entry) {
++ entries[i] = entry.next;
++ previous = entries[i];
++ } else if (previous == null) {
++ // If we don't have any existing starting point, then start from the beginning.
++ previous = firstEntry;
++ HeaderEntry<K, V> next = firstEntry.next;
++ while (next != null && next != entry) {
++ previous = next;
++ next = next.next;
++ }
++ assert next != null: "Entry not found in its hash bucket: " + entry;
++ previous.next = entry.next;
++ } else {
++ previous.next = entry.next;
++ }
++ entry.remove();
++ --size;
++ return previous;
++ }
++
+ @SuppressWarnings("unchecked")
+ private T thisT() {
+ return (T) this;
+ }
+
++ private V fromObject(K name, Object value) {
++ try {
++ return valueConverter.convertObject(checkNotNull(value, "value"));
++ } catch (IllegalArgumentException e) {
++ throw new IllegalArgumentException("Failed to convert object value for header '" + name + '\'', e);
++ }
++ }
++
++ private V fromBoolean(K name, boolean value) {
++ try {
++ return valueConverter.convertBoolean(value);
++ } catch (IllegalArgumentException e) {
++ throw new IllegalArgumentException("Failed to convert boolean value for header '" + name + '\'', e);
++ }
++ }
++
++ private V fromByte(K name, byte value) {
++ try {
++ return valueConverter.convertByte(value);
++ } catch (IllegalArgumentException e) {
++ throw new IllegalArgumentException("Failed to convert byte value for header '" + name + '\'', e);
++ }
++ }
++
++ private V fromChar(K name, char value) {
++ try {
++ return valueConverter.convertChar(value);
++ } catch (IllegalArgumentException e) {
++ throw new IllegalArgumentException("Failed to convert char value for header '" + name + '\'', e);
++ }
++ }
++
++ private V fromShort(K name, short value) {
++ try {
++ return valueConverter.convertShort(value);
++ } catch (IllegalArgumentException e) {
++ throw new IllegalArgumentException("Failed to convert short value for header '" + name + '\'', e);
++ }
++ }
++
++ private V fromInt(K name, int value) {
++ try {
++ return valueConverter.convertInt(value);
++ } catch (IllegalArgumentException e) {
++ throw new IllegalArgumentException("Failed to convert int value for header '" + name + '\'', e);
++ }
++ }
++
++ private V fromLong(K name, long value) {
++ try {
++ return valueConverter.convertLong(value);
++ } catch (IllegalArgumentException e) {
++ throw new IllegalArgumentException("Failed to convert long value for header '" + name + '\'', e);
++ }
++ }
++
++ private V fromFloat(K name, float value) {
++ try {
++ return valueConverter.convertFloat(value);
++ } catch (IllegalArgumentException e) {
++ throw new IllegalArgumentException("Failed to convert float value for header '" + name + '\'', e);
++ }
++ }
++
++ private V fromDouble(K name, double value) {
++ try {
++ return valueConverter.convertDouble(value);
++ } catch (IllegalArgumentException e) {
++ throw new IllegalArgumentException("Failed to convert double value for header '" + name + '\'', e);
++ }
++ }
++
++ private V fromTimeMillis(K name, long value) {
++ try {
++ return valueConverter.convertTimeMillis(value);
++ } catch (IllegalArgumentException e) {
++ throw new IllegalArgumentException("Failed to convert millsecond value for header '" + name + '\'', e);
++ }
++ }
++
++ private boolean toBoolean(K name, V value) {
++ try {
++ return valueConverter.convertToBoolean(value);
++ } catch (IllegalArgumentException e) {
++ throw new IllegalArgumentException("Failed to convert header value to boolean for header '" + name + '\'');
++ }
++ }
++
++ private byte toByte(K name, V value) {
++ try {
++ return valueConverter.convertToByte(value);
++ } catch (IllegalArgumentException e) {
++ throw new IllegalArgumentException("Failed to convert header value to byte for header '" + name + '\'');
++ }
++ }
++
++ private char toChar(K name, V value) {
++ try {
++ return valueConverter.convertToChar(value);
++ } catch (IllegalArgumentException e) {
++ throw new IllegalArgumentException("Failed to convert header value to char for header '" + name + '\'');
++ }
++ }
++
++ private short toShort(K name, V value) {
++ try {
++ return valueConverter.convertToShort(value);
++ } catch (IllegalArgumentException e) {
++ throw new IllegalArgumentException("Failed to convert header value to short for header '" + name + '\'');
++ }
++ }
++
++ private int toInt(K name, V value) {
++ try {
++ return valueConverter.convertToInt(value);
++ } catch (IllegalArgumentException e) {
++ throw new IllegalArgumentException("Failed to convert header value to int for header '" + name + '\'');
++ }
++ }
++
++ private long toLong(K name, V value) {
++ try {
++ return valueConverter.convertToLong(value);
++ } catch (IllegalArgumentException e) {
++ throw new IllegalArgumentException("Failed to convert header value to long for header '" + name + '\'');
++ }
++ }
++
++ private float toFloat(K name, V value) {
++ try {
++ return valueConverter.convertToFloat(value);
++ } catch (IllegalArgumentException e) {
++ throw new IllegalArgumentException("Failed to convert header value to float for header '" + name + '\'');
++ }
++ }
++
++ private double toDouble(K name, V value) {
++ try {
++ return valueConverter.convertToDouble(value);
++ } catch (IllegalArgumentException e) {
++ throw new IllegalArgumentException("Failed to convert header value to double for header '" + name + '\'');
++ }
++ }
++
++ private long toTimeMillis(K name, V value) {
++ try {
++ return valueConverter.convertToTimeMillis(value);
++ } catch (IllegalArgumentException e) {
++ throw new IllegalArgumentException(
++ "Failed to convert header value to millsecond for header '" + name + '\'');
++ }
++ }
++
+ /**
+ * Returns a deep copy of this instance.
+ */
+@@ -1027,7 +1271,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+ return copy;
+ }
+
+- private final class HeaderIterator implements Iterator<Map.Entry<K, V>> {
++ private final class HeaderIterator implements Iterator<Entry<K, V>> {
+ private HeaderEntry<K, V> current = head;
+
+ @Override
+@@ -1055,6 +1299,8 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+ private final class ValueIterator implements Iterator<V> {
+ private final K name;
+ private final int hash;
++ private HeaderEntry<K, V> removalPrevious;
++ private HeaderEntry<K, V> previous;
+ private HeaderEntry<K, V> next;
+
+ ValueIterator(K name) {
+@@ -1073,14 +1319,21 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+ if (!hasNext()) {
+ throw new NoSuchElementException();
+ }
+- HeaderEntry<K, V> current = next;
++ if (previous != null) {
++ removalPrevious = previous;
++ }
++ previous = next;
+ calculateNext(next.next);
+- return current.value;
++ return previous.value;
+ }
+
+ @Override
+ public void remove() {
+- throw new UnsupportedOperationException("read only");
++ if (previous == null) {
++ throw new IllegalStateException();
++ }
++ removalPrevious = remove0(previous, removalPrevious);
++ previous = null;
+ }
+
+ private void calculateNext(HeaderEntry<K, V> entry) {
+@@ -1095,7 +1348,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+ }
+ }
+
+- protected static class HeaderEntry<K, V> implements Map.Entry<K, V> {
++ protected static class HeaderEntry<K, V> implements Entry<K, V> {
+ protected final int hash;
+ protected final K key;
+ protected V value;
+@@ -1176,7 +1429,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+ if (!(o instanceof Map.Entry)) {
+ return false;
+ }
+- Map.Entry<?, ?> other = (Map.Entry<?, ?>) o;
++ Entry<?, ?> other = (Entry<?, ?>) o;
+ return (getKey() == null ? other.getKey() == null : getKey().equals(other.getKey())) &&
+ (getValue() == null ? other.getValue() == null : getValue().equals(other.getValue()));
+ }
=====================================
debian/patches/series
=====================================
@@ -18,3 +18,8 @@ CVE-2020-11612.patch
CVE-2021-21290.patch
CVE-2021-21295.patch
CVE-2021-21409.patch
+CVE-2021-37136.patch
+CVE-2021-37137.patch
+CVE-2021-43797.patch
+CVE-2022-41881.patch
+CVE-2022-41915.patch
View it on GitLab: https://salsa.debian.org/java-team/netty/-/compare/c9d651daeca3303cb9d659b41b18e8b6411ee77b...95a586050ebca67868165377a7b8d7b55b790f4f
--
View it on GitLab: https://salsa.debian.org/java-team/netty/-/compare/c9d651daeca3303cb9d659b41b18e8b6411ee77b...95a586050ebca67868165377a7b8d7b55b790f4f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-java-commits/attachments/20230111/486d23ae/attachment.htm>
More information about the pkg-java-commits
mailing list