!50 fix CVE-2025-0838

From: @xinghe_1 
Reviewed-by: @yanan-rock 
Signed-off-by: @yanan-rock

0001-add-loongarch-suopport-for-abseil-cpp.patch

@@ -0,0 +1,34 @@
+From a8c98703c8b7b1fc3ae104dce0bfd05dc92a1d7d Mon Sep 17 00:00:00 2001
+From: Wenlong Zhang <zhangwenlong@loongson.cn> Huang Yang <huangyang@loongson.cn>
+Date: Mon, 14 Nov 2022 11:48:49 +0000
+Subject: [PATCH] add loongarch suopport for abseil-cpp
+
+Signed-off-by: Wenlong Zhang <zhangwenlong@loongson.cn>
+---
+ absl/base/internal/direct_mmap.h | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/absl/base/internal/direct_mmap.h b/absl/base/internal/direct_mmap.h
+index e492bb0..d11a64e 100644
+--- a/absl/base/internal/direct_mmap.h
++++ b/absl/base/internal/direct_mmap.h
+@@ -79,6 +79,7 @@ inline void* DirectMmap(void* start, size_t length, int prot, int flags, int fd,
+     (defined(__mips__) && _MIPS_SIM == _MIPS_SIM_ABI32) ||                   \
+     (defined(__PPC__) && !defined(__PPC64__)) ||                             \
+     (defined(__riscv) && __riscv_xlen == 32) ||                              \
++    defined(__loongarch64)	||					     \
+     (defined(__s390__) && !defined(__s390x__)) ||                            \
+     (defined(__sparc__) && !defined(__arch64__))
+   // On these architectures, implement mmap with mmap2.
+@@ -100,7 +101,7 @@ inline void* DirectMmap(void* start, size_t length, int prot, int flags, int fd,
+   return __mmap2(start, length, prot, flags, fd, offset / pagesize);
+ #else
+   return reinterpret_cast<void*>(
+-      syscall(SYS_mmap2, start, length, prot, flags, fd,
++      syscall(SYS_mmap, start, length, prot, flags, fd,
+               static_cast<off_t>(offset / pagesize)));
+ #endif
+ #elif defined(__s390x__)
+-- 
+2.33.0
+

abseil-cpp-20210324.2-sw.patch

@@ -0,0 +1,12 @@
+diff -Naur abseil-cpp-20210324.2.org/absl/debugging/internal/examine_stack.cc abseil-cpp-20210324.2.sw/absl/debugging/internal/examine_stack.cc
+--- abseil-cpp-20210324.2.org/absl/debugging/internal/examine_stack.cc	2022-03-10 01:13:54.492357080 +0000
++++ abseil-cpp-20210324.2.sw/absl/debugging/internal/examine_stack.cc	2022-03-10 01:15:26.202357080 +0000
+@@ -46,7 +46,7 @@
+     ucontext_t* context = reinterpret_cast<ucontext_t*>(vuc);
+ #if defined(__aarch64__)
+     return reinterpret_cast<void*>(context->uc_mcontext.pc);
+-#elif defined(__alpha__)
++#elif defined(__alpha__) || defined(__sw_64__)
+     return reinterpret_cast<void*>(context->uc_mcontext.sc_pc);
+ #elif defined(__arm__)
+     return reinterpret_cast<void*>(context->uc_mcontext.arm_pc);

abseil-cpp.spec

@@ -2,17 +2,26 @@
 %undefine __cmake_in_source_build
 
 # Installed library version
-%global lib_version 2103.0.1
+%global lib_version 2206.0.0
 
 Name:           abseil-cpp
-Version:        20210324.2
-Release:        1
+Version:        20220623.1
+Release:        6
 Summary:        C++ Common Libraries
 
 License:        ASL 2.0
 URL:            https://abseil.io
 Source0:        https://github.com/abseil/abseil-cpp/archive/%{version}/%{name}-%{version}.tar.gz
 
+Patch0:         backport-Do-not-leak-maes-msse4.1-into-pkgconfig.patch
+Patch1:         abseil-cpp-20210324.2-sw.patch
+Patch2:         backport-Add-missing-include-for-std-unique_ptr.patch
+Patch3:         backport-CVE-2025-0838.patch
+
+%ifarch loongarch64
+Patch100:	0001-add-loongarch-suopport-for-abseil-cpp.patch
+%endif
+
 BuildRequires:  cmake
 BuildRequires:  gcc-c++
 BuildRequires:  make
@@ -61,5 +70,32 @@ Development headers for %{name}
 %{_libdir}/pkgconfig/*.pc
 
 %changelog
+* Mon Feb 24 2025 xinghe <xinghe2@h-partners.com> - 20220623.1-6
+- Type:cves
+- CVE:CVE-2025-0838
+- SUG:NA
+- DESC:fix CVE-2025-0838
+
+* Tue Apr 16 2024 xinghe <xinghe2@h-partners.com> - 20220623.1-5
+- Type:bugfix
+- CVE:NA
+- SUG:NA
+- DESC:Add missing include for std::unique_ptr
+
+* Mon Nov 14 2022 Wenlong Zhang <zhangwenlong@loongson.cn> - 20220623.1-3
+- add loongarch support for abseil-cpp
+
+* Fri Nov 11 2022 wuzx<wuzx1226@qq.com> - 20220623.1-2
+- Type:feature
+- CVE:NA
+- SUG:NA
+- DESC:Add sw64 architecture
+
+* Wed Nov 02 2022 xinghe <xinghe2@h-partners.com> - 20220623.1-1
+- Type:enhancement
+- ID:NA
+- SUG:NA
+- DESC: update to 20220623.1
+
 * Wed Jun 23 2021 gaihuiying <gaihuiying1@huawei.com> - 20210324.2-1
 - package init

backport-Add-missing-include-for-std-unique_ptr.patch

@@ -0,0 +1,26 @@
+From 701185dbce17a2f49334027ca3cb5788a5d06c6d Mon Sep 17 00:00:00 2001
+From: Abseil Team <absl-team@google.com>
+Date: Fri, 22 Jul 2022 12:41:32 -0700
+Subject: [PATCH] Add missing include for std::unique_ptr
+
+PiperOrigin-RevId: 462681925
+Change-Id: Ic5610cb4124b7f60a00817ca2f1d52674b27c168
+
+Conflict: NA
+Reference: https://github.com/abseil/abseil-cpp/commit/701185dbce17a2f49334027ca3cb5788a5d06c6d
+---
+ absl/status/internal/status_internal.h | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/absl/status/internal/status_internal.h b/absl/status/internal/status_internal.h
+index 19a4a7aaa09..873eb5c245d 100644
+--- a/absl/status/internal/status_internal.h
++++ b/absl/status/internal/status_internal.h
+@@ -14,6 +14,7 @@
+ #ifndef ABSL_STATUS_INTERNAL_STATUS_INTERNAL_H_
+ #define ABSL_STATUS_INTERNAL_STATUS_INTERNAL_H_
+ 
++#include <memory>
+ #include <string>
+ #include <utility>
+ 

backport-CVE-2025-0838.patch

@@ -0,0 +1,110 @@
+From 3c4b18dc14949d1c6dac8bae2e459c71b21e3416 Mon Sep 17 00:00:00 2001
+From: Derek Mauro <dmauro@google.com>
+Date: Wed, 22 Jan 2025 15:58:56 -0500
+Subject: [PATCH] Fix potential integer overflow in hash container
+ create/resize
+
+The sized constructors, reserve(), and rehash() methods of
+absl::{flat,node}_hash_{set,map} did not impose an upper bound on
+their size argument. As a result, it was possible for a caller to pass
+a very large size that would cause an integer overflow when computing
+the size of the container's backing store. Subsequent accesses to the
+container might then access out-of-bounds memory.
+
+The fix is in two parts:
+
+1) Update max_size() to return the maximum number of items that can be
+stored in the container
+
+2) Validate the size arguments to the constructors, reserve(), and
+rehash() methods, and abort the program when the argument is invalid
+
+We've looked at uses of these containers in Google codebases like
+Chrome, and determined this vulnerability is likely to be difficult to
+exploit. This is primarily because container sizes are rarely
+attacker-controlled.
+
+The bug was discovered by Dmitry Vyukov <dvyukov@google.com>.
+
+Conflict: remove absl/base/config.h and context adapt
+Reference: https://github.com/abseil/abseil-cpp/commit/3c4b18dc14949d1c6dac8bae2e459c71b21e3416
+---
+ absl/container/internal/raw_hash_set.h       | 15 ++++++++++++++-
+ absl/container/internal/raw_hash_set_test.cc |  8 ++++++++
+ 2 files changed, 22 insertions(+), 1 deletion(-)
+
+diff --git a/absl/container/internal/raw_hash_set.h b/absl/container/internal/raw_hash_set.h
+index ea912f8..40c2c67 100644
+--- a/absl/container/internal/raw_hash_set.h
++++ b/absl/container/internal/raw_hash_set.h
+@@ -745,6 +745,12 @@ inline size_t NormalizeCapacity(size_t n) {
+   return n ? ~size_t{} >> countl_zero(n) : 1;
+ }
+ 
++template <size_t kSlotSize>
++size_t MaxValidCapacity() {
++  return NormalizeCapacity((std::numeric_limits<size_t>::max)() / 4 /
++                           kSlotSize);
++}
++
+ // General notes on capacity/growth methods below:
+ // - We use 7/8th as maximum load factor. For 16-wide groups, that gives an
+ //   average of two empty slots per group.
+@@ -1148,6 +1154,8 @@ class raw_hash_set {
+       : ctrl_(EmptyGroup()),
+         settings_(0, HashtablezInfoHandle(), hash, eq, alloc) {
+     if (bucket_count) {
++      ABSL_RAW_CHECK(bucket_count <= MaxValidCapacity<sizeof(slot_type)>(),
++		     "Hash table size overflow");
+       capacity_ = NormalizeCapacity(bucket_count);
+       initialize_slots();
+     }
+@@ -1341,7 +1349,9 @@ class raw_hash_set {
+   bool empty() const { return !size(); }
+   size_t size() const { return size_; }
+   size_t capacity() const { return capacity_; }
+-  size_t max_size() const { return (std::numeric_limits<size_t>::max)(); }
++  size_t max_size() const {
++    return CapacityToGrowth(MaxValidCapacity<sizeof(slot_type)>());
++  }
+ 
+   ABSL_ATTRIBUTE_REINITIALIZES void clear() {
+     // Iterating over this container is O(bucket_count()). When bucket_count()
+@@ -1678,6 +1688,8 @@ class raw_hash_set {
+     auto m = NormalizeCapacity(n | GrowthToLowerboundCapacity(size()));
+     // n == 0 unconditionally rehashes as per the standard.
+     if (n == 0 || m > capacity_) {
++      ABSL_RAW_CHECK(m <= MaxValidCapacity<sizeof(slot_type)>(),
++		     "Hash table size overflow");
+       resize(m);
+ 
+       // This is after resize, to ensure that we have completed the allocation
+@@ -1688,6 +1700,7 @@ class raw_hash_set {
+ 
+   void reserve(size_t n) {
+     if (n > size() + growth_left()) {
++      ABSL_RAW_CHECK(n <= max_size(), "Hash table size overflow");
+       size_t m = GrowthToLowerboundCapacity(n);
+       resize(NormalizeCapacity(m));
+ 
+diff --git a/absl/container/internal/raw_hash_set_test.cc b/absl/container/internal/raw_hash_set_test.cc
+index f77ffbc..078bbad 100644
+--- a/absl/container/internal/raw_hash_set_test.cc
++++ b/absl/container/internal/raw_hash_set_test.cc
+@@ -2181,6 +2181,14 @@ TEST(Table, AlignOne) {
+   }
+ }
+ 
++TEST(Table, MaxSizeOverflow) {
++  size_t overflow = (std::numeric_limits<size_t>::max)();
++  EXPECT_DEATH_IF_SUPPORTED(IntTable t(overflow), "Hash table size overflow");
++  IntTable t;
++  EXPECT_DEATH_IF_SUPPORTED(t.reserve(overflow), "Hash table size overflow");
++  EXPECT_DEATH_IF_SUPPORTED(t.rehash(overflow), "Hash table size overflow");
++}
++
+ }  // namespace
+ }  // namespace container_internal
+ ABSL_NAMESPACE_END
+-- 
+2.43.0

backport-Do-not-leak-maes-msse4.1-into-pkgconfig.patch

@@ -0,0 +1,26 @@
+From 09e96049995584c3489e4bd1467313e3e85af99c Mon Sep 17 00:00:00 2001
+From: Bruno Pitrus <brunopitrus@hotmail.com>
+Date: Mon, 11 Jul 2022 18:27:39 +0200
+Subject: [PATCH] Do not leak -maes -msse4.1 into pkgconfig
+
+Conflict: NA
+Reference: https://github.com/abseil/abseil-cpp/commit/09e96049995584c3489e4bd1467313e3e85af99c
+---
+ CMake/AbseilHelpers.cmake | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/CMake/AbseilHelpers.cmake b/CMake/AbseilHelpers.cmake
+index ebe9ddc8..9cd87c51 100644
+--- a/CMake/AbseilHelpers.cmake
++++ b/CMake/AbseilHelpers.cmake
+@@ -166,6 +166,8 @@ function(absl_cc_library)
+           set(PC_CFLAGS "${PC_CFLAGS} ${cflag}")
+         elseif(${cflag} MATCHES "^(-W|/w[1234eo])")
+           # Don't impose our warnings on others.
++        elseif(${cflag} MATCHES "^-m")
++          # Don't impose CPU instruction requirements on others, as the code performs feature detection on runtime.
+         else()
+           set(PC_CFLAGS "${PC_CFLAGS} ${cflag}")
+         endif()
+--
+2.33.0