diff --git a/SPECS/trident/CVE-2025-58160.patch b/SPECS/trident/CVE-2025-58160.patch new file mode 100644 index 00000000000..0a462ae2952 --- /dev/null +++ b/SPECS/trident/CVE-2025-58160.patch 
@@ -0,0 +1,480 @@
+From 4c52ca5266a3920fc5dfeebda2accf15ee7fb278 Mon Sep 17 00:00:00 2001
+From: Carl Lerche
+Date: Fri, 29 Aug 2025 12:08:48 -0700
+Subject: [PATCH] fmt: fix ANSI escape sequence injection vulnerability (#3368)
+
+Fixes a security vulnerability where ANSI escape sequences in user input
+could be injected into terminal output, potentially allowing attackers to
+manipulate terminal behavior through log messages and error displays.
+
+The vulnerability occurred when user-controlled content was formatted using
+Display (`{}`) instead of Debug (`{:?}`) formatting, allowing raw ANSI
+sequences to pass through unescaped.
+
+Changes:
+- Add streaming ANSI escape wrapper to avoid string allocations
+- Escape message content in default and pretty formatters
+- Escape error Display content in all error formatting paths
+- Add comprehensive integration tests for all formatter types
+
+The fix specifically targets untrusted user input while preserving the
+ability for applications to deliberately include formatting in trusted
+contexts like thread names.
+
+Security impact: Prevents terminal injection attacks such as title bar
+manipulation, screen clearing, and other malicious terminal control
+sequences that could be injected through log messages.
+ +Upstream Patch Reference: https://github.com/tokio-rs/tracing/commit/4c52ca5266a3920fc5dfeebda2accf15ee7fb278.patch +--- + vendor/tracing-subscriber/.cargo-checksum.json | 2 +- + .../src/fmt/format/escape.rs | 51 ++++ + .../tracing-subscriber/src/fmt/format/mod.rs | 14 +- + .../src/fmt/format/pretty.rs | 9 +- + .../tracing-subscriber/tests/ansi_escaping.rs | 281 ++++++++++++++++++ + 5 files changed, 349 insertions(+), 8 deletions(-) + create mode 100644 vendor/tracing-subscriber/src/fmt/format/escape.rs + create mode 100644 vendor/tracing-subscriber/tests/ansi_escaping.rs + +diff --git a/vendor/tracing-subscriber/.cargo-checksum.json b/vendor/tracing-subscriber/.cargo-checksum.json +index d137f6dd..700fee2b 100644 +--- a/vendor/tracing-subscriber/.cargo-checksum.json ++++ b/vendor/tracing-subscriber/.cargo-checksum.json +@@ -1 +1 @@ +-{"files":{".cargo_vcs_info.json":"6dc84548589eba4aa175637af1e0920a6c4c6178f1ccf8aafb81157f3826e1ce","CHANGELOG.md":"77d8a489fb9095d8a725f43ba4d14949b5eadb63ecca0ae0049063ad0d01f0e3","Cargo.toml":"60cba7fe2711f96028b2ec0e61443298d87bbcbab5c2f6e1e3e55a2755498189","Cargo.toml.orig":"afeaa81b49a78bf0c663b5561601e3962b1307de21e338ef81770efe9ae566c2","LICENSE":"898b1ae9821e98daf8964c8d6c7f61641f5f5aa78ad500020771c0939ee0dea1","README.md":"fa353483e37d811dc3ac87a3b14e099d7302d02cc68210e1d051900741780cb2","benches/enter.rs":"4a94a04e2abd07950ef2f0b646f4dcdf4ff00abf6396edb5a53c8b41b7691b1a","benches/filter.rs":"6374005ffa47fa19880bb95e3e37406f40ea72a02c5136f4d5eb4c663d452b18","benches/filter_log.rs":"612716bdf9a188093e84d014a4847f18157f148f7d64e54150cd5c91ac709a8a","benches/fmt.rs":"5a0ff37967ffef3a221eebb78855d031e2e883a8a67528c8e794cc6f16cbee8a","benches/support/mod.rs":"82d20104f557b884b3da5d7e12d705fc6032021131f44254ab78593236a23254","src/field/debug.rs":"4ab50198a0b042d92fefa77b5cac0aef7ba6936149fa555f4b6e2036dcd7f2d7","src/field/delimited.rs":"5e7967637dc3181c097637dcb2a95f35db16583b5fc293b30211db5779ab21ab","src/field/display.rs":"da8
cfcb22a39f451f075e2c3a9ce5193c6afe19853cdbd643239657cac5b7e47","src/field/mod.rs":"cedb83f56b55495fc082b25ec63896ebc84d09cda5653b887506b202056c10ce","src/filter/directive.rs":"2fa641b29551d0550a2d441203a8d803d55698db9104163ac555bf04ffcd3842","src/filter/env/builder.rs":"55b2e83895824a80ccbb542c7429c03c802d94c9ec043756a953fbbda63c4397","src/filter/env/directive.rs":"b3168cd8bbb3bb46b9a4358d9d4582d493bfdfdc54c039a7c492b70f287f7635","src/filter/env/field.rs":"3d86924f560f191bff094eb77e5e4191ed5c4331dad63896bc03f52b806ea964","src/filter/env/mod.rs":"6fc028fac9fbe15545bfa085268cf25b70d4c14987a81146666b1c8151510e73","src/filter/filter_fn.rs":"f4f57cc670b6a5d976e13b687323f04f76ca96147ddad317c5911dd0737aad9b","src/filter/layer_filters/combinator.rs":"695de9d8b0a04df09bea08cc40403e09ff66613c07f72c403f7bc65b89e1fd36","src/filter/layer_filters/mod.rs":"1dc249caf2df7a5284f848b682113ef9ed666abd73b12323a532693f11627dc3","src/filter/level.rs":"cc449757aac47caaf19dd5ba4d74c8efbcd7531fcd6c13da0c5f6fdda12cc9ca","src/filter/mod.rs":"56eed2056c061a752b2fa878547e0489df76dba5ec0c084015630195df5e0ab7","src/filter/targets.rs":"f587ad41d70e4c770f5732e498d88f34ed9d05946ef5c79bcf8ba0553db56668","src/fmt/fmt_layer.rs":"9bb88a5dfcf09315dfdc9c05b3901d6ee314fdf91092896a630e72945547a70c","src/fmt/format/json.rs":"ce085e6d0592e7f37fe1637b6d01d2b465ade9384a5c0d7fccbe92dc2f5e0718","src/fmt/format/mod.rs":"f1cd5d245b9ff663d31963771624832ece7a224fd07e8ce9e8b08f25a45cac46","src/fmt/format/pretty.rs":"54d96f587ee38de58f69018256b582a6e17c4ffabbaf901df7b1565be5489b70","src/fmt/mod.rs":"91d75e49cfc6b5db4c0821da3a4d5fce2f4656b2e9eb33510309a34a18e25964","src/fmt/time/chrono_crate.rs":"63dee60e1bc935a99598bed5576efc8c1533695622733311b043ec9678295f88","src/fmt/time/datetime.rs":"4ee23558bf412380c7d94bd49b0b30c0f3b7318e5a52af9ae71cae064542e1b1","src/fmt/time/mod.rs":"723d7dd23dea4b938d5d8834133ab112c3cf66bc61e7378603ae3f65c4edf2ef","src/fmt/time/time_crate.rs":"764b79ab3d8de82cd6f4d133e71a7c181dfb5cacd7437d116b5
5a68b0378de55","src/fmt/writer.rs":"199ac2b6b639b716609309554d599f0b8214e34b9a56535a6f0e7abf353c9241","src/layer/context.rs":"11841166e9d7be48ff11bb4f686699687069a48f937031ae36d37039109477a2","src/layer/layered.rs":"85c427dfe90823a5c7120fe0e9fd7e0d74e464ab6bb5b3fd37632d522dba9c75","src/layer/mod.rs":"82cc14cf1354f0adae2a1cd77eaec6575bb89826f02cddafb3a889166fd3288a","src/layer/tests.rs":"3e974d627c4bc4269cfa10c82c890e596c9d46af8e6bc03c6c117bde1237e948","src/lib.rs":"3db3be954a59de1356b99181fbc023abc8284e8bc016442d00fbf480f2f32999","src/macros.rs":"6993489ad52c487e2b4df2f1102970af3ef918dfef0479ddcc5e904be7679d65","src/prelude.rs":"088635def33be9a4c4b6ed934dc22540c555e27d62f7625a43aa9c0e525ca467","src/registry/extensions.rs":"0418b39287bbc06cc95b8cecd6a25aa808b8e04714d842340ff75db458cafe5b","src/registry/mod.rs":"02555c64f70829899b3c7a44357167a83a59755f6e0d1cb70e920b58dbb4323c","src/registry/sharded.rs":"f560c6e229a168b2fed74bf0fcaaf913c88f280ee1f6ccd8335aabbb6cc9accd","src/registry/stack.rs":"9ef333d6a8a28a064e80ff1e376dbb07bc597009010ec332b2dc3ab435d737c2","src/reload.rs":"446142aaf38d54866f9ebf119e231af438192a04576d7de1b6bf8fc720d78b24","src/sync.rs":"7f78f3de5b618a999be0e61f936a233975e7769f1ebb55a0e48c3d199e9c45e3","src/util.rs":"55b4e9d63112f9d5a12a287273a9b1212741058384332d3edc024168cacfd627","tests/cached_layer_filters_dont_break_other_layers.rs":"781b58dbb6a1a1c12e44458566e73baada0ab74ce5cf1d39d7fb1534f2337410","tests/duplicate_spans.rs":"3bf35184fb7d1dc5f33e5098820febbec37ef3ccd06b693d11b5585affb60ff4","tests/env_filter/main.rs":"c49205b926bfb75f45c90170525a34856c8be8ed37fdb644c1eb98db8702ea24","tests/env_filter/per_layer.rs":"bf11fd923dc375785a43c60509bf8e3820dd56043c142c1cfee7a465515b7289","tests/event_enabling.rs":"15e301a8ff6c74c454547dad15a47b5f11fc54e539162191f21462b6d5080830","tests/field_filter.rs":"08883ba496404558966cd1d7a995f7ec0539afde6ff143530c74429b84b26089","tests/filter_log.rs":"f7f4a871cd4d6336c01388776ef7c85ee28457bab833a67e3d6c9f123942b124",
"tests/fmt_max_level_hint.rs":"d4c6d6f976ae41ab8052fa610a7337ad7150802cbd5634cb30fc45c1f215cfcd","tests/hinted_layer_filters_dont_break_other_layers.rs":"264372daa411a2b0475b70bd03d2a76b699ed3f4eced7e974b415100968c5b94","tests/layer_filter_interests_are_cached.rs":"0d6005ea0d5add4c5be1e9425ced63d1fe6db47ae5b5d11fa47b7c74ef247be8","tests/layer_filters/boxed.rs":"c6ab82b5818e98fdc75a87f7dbb7c1574fa1ae26453df55db85644c3f35edc08","tests/layer_filters/combinators.rs":"37f92286cbf9b2767c53103d47d1cde110f5f52ea2af796cd04a0a929f026286","tests/layer_filters/downcast_raw.rs":"9b90ead571543cbe14e89b4fe637360d9baf3069f6f656ed3bdf65e7318648f1","tests/layer_filters/filter_scopes.rs":"da8201e4ca522cbf7f9ff8b19519d29286ad69660139c5b549ad0366e89a937c","tests/layer_filters/main.rs":"dd59150ecc35da9ec76ab837eff364cd7d55eaf40802cf7ce8b7d229c4985827","tests/layer_filters/option.rs":"557cc5f82fa30c1f2025d314226fe600303a362d98a43fb8b7c9db7fea9e2c16","tests/layer_filters/per_event.rs":"d042e51d4659cf0121c7765afd2cb132cc3b68c7069d569a642747a3cb1a26d2","tests/layer_filters/targets.rs":"c1445c4003164fc7748cdaa8b8cb00b738363880a8057b0205eb63102315847d","tests/layer_filters/trees.rs":"3ca0c2c3fd9b4bb7e799fc2d7698677ee71ec829f60a0a447db4b7a549a052df","tests/layer_filters/vec.rs":"c89e100e995b0f777e13fafefe11096071a19d4dacc8eb8c2fba75e51abaeec8","tests/multiple_layer_filter_interests_cached.rs":"617f67af50e99bada5e06130845109468020be807fb238d5e9c193dcce4eb04a","tests/option.rs":"0268ca64fb3068bfa95126a477009611253130f902fc558a4605649945bdae29","tests/option_filter_interest_caching.rs":"696fad992d96f4571d74b73ace72274e17ebe1b929c511f6b18030d04d95d717","tests/registry_max_level_hint.rs":"ba386d32b8d13832d7009163241c3d0723488c0393d85647eb9368776251e4fc","tests/registry_with_subscriber.rs":"61a545e1bf3f75efd0dd18c20bb93e8a1f2e0158b342179a94228c4cbd5bb9cc","tests/reload.rs":"48152dbd8d36d187c6aef83f938a22032122984b2fbc9617a3364b76fa829abc","tests/reload_max_log_level.rs":"98dd2698af2ea151406f690d071dc
7c1b662ddb24ea876affd6ca128d0338611","tests/same_len_filters.rs":"0019a7089b06f5e6738bd0501cfd00e973395cdcf982c203b8f222c23642f73e","tests/unhinted_layer_filters_dont_break_other_layers.rs":"f36746f221817e76a280658331c9e8a0a959f755fc4dc05580224514eee79221","tests/utils.rs":"774e41c08ec6ee831e25142d21389f82e84cc7707aaddb5bd12d7429e4fb6a79","tests/vec.rs":"d1176f3e1b0954129792a28282b95084d417143b0cc4e35887b95cee3c675392","tests/vec_subscriber_filter_interests_cached.rs":"c5f894c93699bc67ec0635bfa3f2cbe6fcc8ab255ed8400e7927f86d3205ec8d"},"package":"e8189decb5ac0fa7bc8b96b7cb9b2701d60d48805aca84a238004d665fcc4008"} +\ No newline at end of file ++{"files":{".cargo_vcs_info.json":"6dc84548589eba4aa175637af1e0920a6c4c6178f1ccf8aafb81157f3826e1ce","CHANGELOG.md":"77d8a489fb9095d8a725f43ba4d14949b5eadb63ecca0ae0049063ad0d01f0e3","Cargo.toml":"60cba7fe2711f96028b2ec0e61443298d87bbcbab5c2f6e1e3e55a2755498189","Cargo.toml.orig":"afeaa81b49a78bf0c663b5561601e3962b1307de21e338ef81770efe9ae566c2","LICENSE":"898b1ae9821e98daf8964c8d6c7f61641f5f5aa78ad500020771c0939ee0dea1","README.md":"fa353483e37d811dc3ac87a3b14e099d7302d02cc68210e1d051900741780cb2","benches/enter.rs":"4a94a04e2abd07950ef2f0b646f4dcdf4ff00abf6396edb5a53c8b41b7691b1a","benches/filter.rs":"6374005ffa47fa19880bb95e3e37406f40ea72a02c5136f4d5eb4c663d452b18","benches/filter_log.rs":"612716bdf9a188093e84d014a4847f18157f148f7d64e54150cd5c91ac709a8a","benches/fmt.rs":"5a0ff37967ffef3a221eebb78855d031e2e883a8a67528c8e794cc6f16cbee8a","benches/support/mod.rs":"82d20104f557b884b3da5d7e12d705fc6032021131f44254ab78593236a23254","src/field/debug.rs":"4ab50198a0b042d92fefa77b5cac0aef7ba6936149fa555f4b6e2036dcd7f2d7","src/field/delimited.rs":"5e7967637dc3181c097637dcb2a95f35db16583b5fc293b30211db5779ab21ab","src/field/display.rs":"da8cfcb22a39f451f075e2c3a9ce5193c6afe19853cdbd643239657cac5b7e47","src/field/mod.rs":"cedb83f56b55495fc082b25ec63896ebc84d09cda5653b887506b202056c10ce","src/filter/directive.rs":"2fa641b29551d0550a2d4412
03a8d803d55698db9104163ac555bf04ffcd3842","src/filter/env/builder.rs":"55b2e83895824a80ccbb542c7429c03c802d94c9ec043756a953fbbda63c4397","src/filter/env/directive.rs":"b3168cd8bbb3bb46b9a4358d9d4582d493bfdfdc54c039a7c492b70f287f7635","src/filter/env/field.rs":"3d86924f560f191bff094eb77e5e4191ed5c4331dad63896bc03f52b806ea964","src/filter/env/mod.rs":"6fc028fac9fbe15545bfa085268cf25b70d4c14987a81146666b1c8151510e73","src/filter/filter_fn.rs":"f4f57cc670b6a5d976e13b687323f04f76ca96147ddad317c5911dd0737aad9b","src/filter/layer_filters/combinator.rs":"695de9d8b0a04df09bea08cc40403e09ff66613c07f72c403f7bc65b89e1fd36","src/filter/layer_filters/mod.rs":"1dc249caf2df7a5284f848b682113ef9ed666abd73b12323a532693f11627dc3","src/filter/level.rs":"cc449757aac47caaf19dd5ba4d74c8efbcd7531fcd6c13da0c5f6fdda12cc9ca","src/filter/mod.rs":"56eed2056c061a752b2fa878547e0489df76dba5ec0c084015630195df5e0ab7","src/filter/targets.rs":"f587ad41d70e4c770f5732e498d88f34ed9d05946ef5c79bcf8ba0553db56668","src/fmt/fmt_layer.rs":"9bb88a5dfcf09315dfdc9c05b3901d6ee314fdf91092896a630e72945547a70c","src/fmt/format/escape.rs":"fe0c2e1d71de41924fbeeb7922355a1c7fe4a4443c035ff9a6290fe4d414049a","src/fmt/format/json.rs":"ce085e6d0592e7f37fe1637b6d01d2b465ade9384a5c0d7fccbe92dc2f5e0718","src/fmt/format/mod.rs":"6187cc720768b644048e1e8e6671c23b83aef671cea4db795ab5a7639a3b3964","src/fmt/format/pretty.rs":"a3685c36ec5fa533826951cbcba3d0f646cf0c163e59fd94c2f7283e63370229","src/fmt/mod.rs":"91d75e49cfc6b5db4c0821da3a4d5fce2f4656b2e9eb33510309a34a18e25964","src/fmt/time/chrono_crate.rs":"63dee60e1bc935a99598bed5576efc8c1533695622733311b043ec9678295f88","src/fmt/time/datetime.rs":"4ee23558bf412380c7d94bd49b0b30c0f3b7318e5a52af9ae71cae064542e1b1","src/fmt/time/mod.rs":"723d7dd23dea4b938d5d8834133ab112c3cf66bc61e7378603ae3f65c4edf2ef","src/fmt/time/time_crate.rs":"764b79ab3d8de82cd6f4d133e71a7c181dfb5cacd7437d116b55a68b0378de55","src/fmt/writer.rs":"199ac2b6b639b716609309554d599f0b8214e34b9a56535a6f0e7abf353c9241","src
/layer/context.rs":"11841166e9d7be48ff11bb4f686699687069a48f937031ae36d37039109477a2","src/layer/layered.rs":"85c427dfe90823a5c7120fe0e9fd7e0d74e464ab6bb5b3fd37632d522dba9c75","src/layer/mod.rs":"82cc14cf1354f0adae2a1cd77eaec6575bb89826f02cddafb3a889166fd3288a","src/layer/tests.rs":"3e974d627c4bc4269cfa10c82c890e596c9d46af8e6bc03c6c117bde1237e948","src/lib.rs":"3db3be954a59de1356b99181fbc023abc8284e8bc016442d00fbf480f2f32999","src/macros.rs":"6993489ad52c487e2b4df2f1102970af3ef918dfef0479ddcc5e904be7679d65","src/prelude.rs":"088635def33be9a4c4b6ed934dc22540c555e27d62f7625a43aa9c0e525ca467","src/registry/extensions.rs":"0418b39287bbc06cc95b8cecd6a25aa808b8e04714d842340ff75db458cafe5b","src/registry/mod.rs":"02555c64f70829899b3c7a44357167a83a59755f6e0d1cb70e920b58dbb4323c","src/registry/sharded.rs":"f560c6e229a168b2fed74bf0fcaaf913c88f280ee1f6ccd8335aabbb6cc9accd","src/registry/stack.rs":"9ef333d6a8a28a064e80ff1e376dbb07bc597009010ec332b2dc3ab435d737c2","src/reload.rs":"446142aaf38d54866f9ebf119e231af438192a04576d7de1b6bf8fc720d78b24","src/sync.rs":"7f78f3de5b618a999be0e61f936a233975e7769f1ebb55a0e48c3d199e9c45e3","src/util.rs":"55b4e9d63112f9d5a12a287273a9b1212741058384332d3edc024168cacfd627","tests/ansi_escaping.rs":"3267c070337f8012b4e50f2edf9b7659de0521382a8db199d2990e7d3807f36e","tests/cached_layer_filters_dont_break_other_layers.rs":"781b58dbb6a1a1c12e44458566e73baada0ab74ce5cf1d39d7fb1534f2337410","tests/duplicate_spans.rs":"3bf35184fb7d1dc5f33e5098820febbec37ef3ccd06b693d11b5585affb60ff4","tests/env_filter/main.rs":"c49205b926bfb75f45c90170525a34856c8be8ed37fdb644c1eb98db8702ea24","tests/env_filter/per_layer.rs":"bf11fd923dc375785a43c60509bf8e3820dd56043c142c1cfee7a465515b7289","tests/event_enabling.rs":"15e301a8ff6c74c454547dad15a47b5f11fc54e539162191f21462b6d5080830","tests/field_filter.rs":"08883ba496404558966cd1d7a995f7ec0539afde6ff143530c74429b84b26089","tests/filter_log.rs":"f7f4a871cd4d6336c01388776ef7c85ee28457bab833a67e3d6c9f123942b124","tests/fmt_max
_level_hint.rs":"d4c6d6f976ae41ab8052fa610a7337ad7150802cbd5634cb30fc45c1f215cfcd","tests/hinted_layer_filters_dont_break_other_layers.rs":"264372daa411a2b0475b70bd03d2a76b699ed3f4eced7e974b415100968c5b94","tests/layer_filter_interests_are_cached.rs":"0d6005ea0d5add4c5be1e9425ced63d1fe6db47ae5b5d11fa47b7c74ef247be8","tests/layer_filters/boxed.rs":"c6ab82b5818e98fdc75a87f7dbb7c1574fa1ae26453df55db85644c3f35edc08","tests/layer_filters/combinators.rs":"37f92286cbf9b2767c53103d47d1cde110f5f52ea2af796cd04a0a929f026286","tests/layer_filters/downcast_raw.rs":"9b90ead571543cbe14e89b4fe637360d9baf3069f6f656ed3bdf65e7318648f1","tests/layer_filters/filter_scopes.rs":"da8201e4ca522cbf7f9ff8b19519d29286ad69660139c5b549ad0366e89a937c","tests/layer_filters/main.rs":"dd59150ecc35da9ec76ab837eff364cd7d55eaf40802cf7ce8b7d229c4985827","tests/layer_filters/option.rs":"557cc5f82fa30c1f2025d314226fe600303a362d98a43fb8b7c9db7fea9e2c16","tests/layer_filters/per_event.rs":"d042e51d4659cf0121c7765afd2cb132cc3b68c7069d569a642747a3cb1a26d2","tests/layer_filters/targets.rs":"c1445c4003164fc7748cdaa8b8cb00b738363880a8057b0205eb63102315847d","tests/layer_filters/trees.rs":"3ca0c2c3fd9b4bb7e799fc2d7698677ee71ec829f60a0a447db4b7a549a052df","tests/layer_filters/vec.rs":"c89e100e995b0f777e13fafefe11096071a19d4dacc8eb8c2fba75e51abaeec8","tests/multiple_layer_filter_interests_cached.rs":"617f67af50e99bada5e06130845109468020be807fb238d5e9c193dcce4eb04a","tests/option.rs":"0268ca64fb3068bfa95126a477009611253130f902fc558a4605649945bdae29","tests/option_filter_interest_caching.rs":"696fad992d96f4571d74b73ace72274e17ebe1b929c511f6b18030d04d95d717","tests/registry_max_level_hint.rs":"ba386d32b8d13832d7009163241c3d0723488c0393d85647eb9368776251e4fc","tests/registry_with_subscriber.rs":"61a545e1bf3f75efd0dd18c20bb93e8a1f2e0158b342179a94228c4cbd5bb9cc","tests/reload.rs":"48152dbd8d36d187c6aef83f938a22032122984b2fbc9617a3364b76fa829abc","tests/reload_max_log_level.rs":"98dd2698af2ea151406f690d071dc7c1b662ddb24ea
876affd6ca128d0338611","tests/same_len_filters.rs":"0019a7089b06f5e6738bd0501cfd00e973395cdcf982c203b8f222c23642f73e","tests/unhinted_layer_filters_dont_break_other_layers.rs":"f36746f221817e76a280658331c9e8a0a959f755fc4dc05580224514eee79221","tests/utils.rs":"774e41c08ec6ee831e25142d21389f82e84cc7707aaddb5bd12d7429e4fb6a79","tests/vec.rs":"d1176f3e1b0954129792a28282b95084d417143b0cc4e35887b95cee3c675392","tests/vec_subscriber_filter_interests_cached.rs":"c5f894c93699bc67ec0635bfa3f2cbe6fcc8ab255ed8400e7927f86d3205ec8d"},"package":"e8189decb5ac0fa7bc8b96b7cb9b2701d60d48805aca84a238004d665fcc4008"} +diff --git a/vendor/tracing-subscriber/src/fmt/format/escape.rs b/vendor/tracing-subscriber/src/fmt/format/escape.rs +new file mode 100644 +index 00000000..9f45d332 +--- /dev/null ++++ b/vendor/tracing-subscriber/src/fmt/format/escape.rs +@@ -0,0 +1,51 @@ ++//! ANSI escape sequence sanitization to prevent terminal injection attacks. ++ ++use std::fmt::{self, Write}; ++ ++/// A wrapper that implements `fmt::Debug` and `fmt::Display` and escapes ANSI sequences on-the-fly. ++/// This avoids creating intermediate strings while providing security against terminal injection. 
++pub(super) struct Escape(pub(super) T);
++
++/// Helper struct that escapes ANSI sequences as characters are written
++struct EscapingWriter<'a, 'b> {
++ inner: &'a mut fmt::Formatter<'b>,
++}
++
++impl<'a, 'b> fmt::Write for EscapingWriter<'a, 'b> {
++ fn write_str(&mut self, s: &str) -> fmt::Result {
++ // Stream the string character by character, escaping ANSI and C1 control sequences
++ for ch in s.chars() {
++ match ch {
++ // C0 control characters that can be used in terminal escape sequences
++ '\x1b' => self.inner.write_str("\\x1b")?, // ESC
++ '\x07' => self.inner.write_str("\\x07")?, // BEL
++ '\x08' => self.inner.write_str("\\x08")?, // BS
++ '\x0c' => self.inner.write_str("\\x0c")?, // FF
++ '\x7f' => self.inner.write_str("\\x7f")?, // DEL
++
++ // C1 control characters (\x80-\x9f) - 8-bit control codes
++ // These can be used as alternative escape sequences in some terminals
++ ch if ch as u32 >= 0x80 && ch as u32 <= 0x9f => {
++ write!(self.inner, "\\u{{{:x}}}", ch as u32)?
++ },
++
++ _ => self.inner.write_char(ch)?,
++ }
++ }
++ Ok(())
++ }
++}
++
++impl fmt::Debug for Escape {
++ fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
++ let mut escaping_writer = EscapingWriter { inner: f };
++ write!(escaping_writer, "{:?}", self.0)
++ }
++}
++
++impl fmt::Display for Escape {
++ fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
++ let mut escaping_writer = EscapingWriter { inner: f };
++ write!(escaping_writer, "{}", self.0)
++ }
++}
+diff --git a/vendor/tracing-subscriber/src/fmt/format/mod.rs b/vendor/tracing-subscriber/src/fmt/format/mod.rs
+index f19cdbcc..1c327423 100644
+--- a/vendor/tracing-subscriber/src/fmt/format/mod.rs
++++ b/vendor/tracing-subscriber/src/fmt/format/mod.rs
+@@ -48,6 +48,9 @@ use tracing_log::NormalizeEvent;
+ #[cfg(feature = "ansi")]
+ use nu_ansi_term::{Color, Style};
+ 
++mod escape;
++use escape::Escape;
++
+ #[cfg(feature = "json")]
+ mod json;
+ #[cfg(feature = "json")]
+@@ -1257,7 +1260,7 @@ impl field::Visit for DefaultVisitor<'_> {
+ field,
+ &format_args!(
+ "{} {}{}{}{}",
+- value,
++ Escape(&format_args!("{}", value)),
+ italic.paint(field.name()),
+ italic.paint(".sources"),
+ self.writer.dimmed().paint("="),
+@@ -1265,7 +1268,7 @@ impl field::Visit for DefaultVisitor<'_> {
+ ),
+ )
+ } else {
+- self.record_debug(field, &format_args!("{}", value))
++ self.record_debug(field, &format_args!("{}", Escape(&format_args!("{}", value))))
+ }
+ }
+ 
+@@ -1276,7 +1279,10 @@ impl field::Visit for DefaultVisitor<'_> {
+ 
+ self.maybe_pad();
+ self.result = match field.name() {
+- "message" => write!(self.writer, "{:?}", value),
++ "message" => {
++ // Escape ANSI characters to prevent malicious patterns (e.g., terminal injection attacks)
++ write!(self.writer, "{:?}", Escape(value))
++ },
+ // Skip fields that are actually log metadata that have already been handled
+ #[cfg(feature = "tracing-log")]
+ name if name.starts_with("log.") => Ok(()),
+@@ -1318,7 +1324,7 @@ impl Display for
ErrorSourceList<'_> {
+ let mut list = f.debug_list();
+ let mut curr = Some(self.0);
+ while let Some(curr_err) = curr {
+- list.entry(&format_args!("{}", curr_err));
++ list.entry(&Escape(&format_args!("{}", curr_err)));
+ curr = curr_err.source();
+ }
+ list.finish()
+diff --git a/vendor/tracing-subscriber/src/fmt/format/pretty.rs b/vendor/tracing-subscriber/src/fmt/format/pretty.rs
+index a6713542..6dd9b909 100644
+--- a/vendor/tracing-subscriber/src/fmt/format/pretty.rs
++++ b/vendor/tracing-subscriber/src/fmt/format/pretty.rs
+@@ -457,7 +457,7 @@ impl field::Visit for PrettyVisitor<'_> {
+ field,
+ &format_args!(
+ "{}, {}{}.sources{}: {}",
+- value,
++ Escape(&format_args!("{}", value)),
+ bold.prefix(),
+ field,
+ bold.infix(self.style),
+@@ -465,7 +465,7 @@ impl field::Visit for PrettyVisitor<'_> {
+ ),
+ )
+ } else {
+- self.record_debug(field, &format_args!("{}", value))
++ self.record_debug(field, &Escape(&format_args!("{}", value)))
+ }
+ }
+ 
+@@ -475,7 +475,10 @@ impl field::Visit for PrettyVisitor<'_> {
+ }
+ let bold = self.bold();
+ match field.name() {
+- "message" => self.write_padded(&format_args!("{}{:?}", self.style.prefix(), value,)),
++ "message" => {
++ // Escape ANSI characters to prevent malicious patterns (e.g., terminal injection attacks)
++ self.write_padded(&format_args!("{}{:?}", self.style.prefix(), Escape(value)))
++ },
+ // Skip fields that are actually log metadata that have already been handled
+ #[cfg(feature = "tracing-log")]
+ name if name.starts_with("log.") => self.result = Ok(()),
+diff --git a/vendor/tracing-subscriber/tests/ansi_escaping.rs b/vendor/tracing-subscriber/tests/ansi_escaping.rs
+new file mode 100644
+index 00000000..120a44b5
+--- /dev/null
++++ b/vendor/tracing-subscriber/tests/ansi_escaping.rs
+@@ -0,0 +1,281 @@
++use std::sync::{Arc, Mutex};
++use tracing_subscriber::fmt::MakeWriter;
++
++/// Shared test writer that collects output for verification
++#[derive(Debug, Clone)]
++struct TestWriter {
++ buf:
Arc>>, ++} ++ ++impl TestWriter { ++ fn new() -> Self { ++ Self { ++ buf: Arc::new(Mutex::new(Vec::new())), ++ } ++ } ++ ++ fn get_output(&self) -> String { ++ let buf = self.buf.lock().unwrap(); ++ String::from_utf8_lossy(&buf).to_string() ++ } ++} ++ ++impl std::io::Write for TestWriter { ++ fn write(&mut self, buf: &[u8]) -> std::io::Result { ++ self.buf.lock().unwrap().extend_from_slice(buf); ++ Ok(buf.len()) ++ } ++ ++ fn flush(&mut self) -> std::io::Result<()> { ++ Ok(()) ++ } ++} ++ ++impl<'a> MakeWriter<'a> for TestWriter { ++ type Writer = TestWriter; ++ ++ fn make_writer(&'a self) -> Self::Writer { ++ self.clone() ++ } ++} ++ ++/// Test that basic security expectations are met - this is a smoke test ++/// for the ANSI escaping functionality using public APIs only ++#[test] ++fn test_error_ansi_escaping() { ++ use std::fmt; ++ ++ #[derive(Debug)] ++ struct MaliciousError(&'static str); ++ ++ impl fmt::Display for MaliciousError { ++ fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { ++ write!(f, "{}", self.0) ++ } ++ } ++ ++ impl std::error::Error for MaliciousError {} ++ ++ let writer = TestWriter::new(); ++ let subscriber = tracing_subscriber::fmt::Subscriber::builder() ++ .with_writer(writer.clone()) ++ .with_ansi(false) ++ .without_time() ++ .with_target(false) ++ .with_level(false) ++ .finish(); ++ ++ tracing::subscriber::with_default(subscriber, || { ++ let malicious_error = MaliciousError("\x1b]0;PWNED\x07\x1b[2J\x08\x0c\x7f"); ++ ++ // This demonstrates that errors are logged - the actual escaping ++ // is tested by our internal unit tests ++ tracing::error!(error = %malicious_error, "An error occurred"); ++ }); ++ ++ let output = writer.get_output(); ++ ++ // Just verify that something was logged ++ assert!( ++ output.contains("An error occurred"), ++ "Error message should be logged" ++ ); ++} ++ ++/// Test that ANSI escape sequences in log messages are properly escaped ++#[test] ++fn test_message_ansi_escaping() { ++ let writer = 
TestWriter::new(); ++ let subscriber = tracing_subscriber::fmt::Subscriber::builder() ++ .with_writer(writer.clone()) ++ .with_ansi(false) ++ .without_time() ++ .with_target(false) ++ .with_level(false) ++ .finish(); ++ ++ tracing::subscriber::with_default(subscriber, || { ++ let malicious_input = "\x1b]0;PWNED\x07\x1b[2J\x08\x0c\x7f"; ++ ++ // This should not cause ANSI injection ++ tracing::info!("User input: {}", malicious_input); ++ }); ++ ++ let output = writer.get_output(); ++ ++ // Verify ANSI sequences are escaped ++ assert!( ++ !output.contains('\x1b'), ++ "Message output should not contain raw ESC characters" ++ ); ++ assert!( ++ !output.contains('\x07'), ++ "Message output should not contain raw BEL characters" ++ ); ++} ++ ++/// Test that JSON formatter properly escapes ANSI sequences ++#[cfg(feature = "json")] ++#[test] ++fn test_json_ansi_escaping() { ++ let writer = TestWriter::new(); ++ let subscriber = tracing_subscriber::fmt::Subscriber::builder() ++ .json() ++ .with_writer(writer.clone()) ++ .finish(); ++ ++ tracing::subscriber::with_default(subscriber, || { ++ let malicious_input = "\x1b]0;PWNED\x07\x1b[2J"; ++ ++ // JSON formatter should escape ANSI sequences ++ tracing::info!("Testing: {}", malicious_input); ++ tracing::info!(user_input = %malicious_input, "Field test"); ++ }); ++ ++ let output = writer.get_output(); ++ ++ // JSON should escape ANSI sequences as Unicode escapes ++ assert!( ++ !output.contains('\x1b'), ++ "JSON output should not contain raw ESC characters" ++ ); ++ assert!( ++ !output.contains('\x07'), ++ "JSON output should not contain raw BEL characters" ++ ); ++} ++ ++/// Test that pretty formatter properly escapes ANSI sequences ++#[cfg(feature = "ansi")] ++#[test] ++fn test_pretty_ansi_escaping() { ++ let writer = TestWriter::new(); ++ let subscriber = tracing_subscriber::fmt::Subscriber::builder() ++ .pretty() ++ .with_writer(writer.clone()) ++ .with_ansi(false) ++ .without_time() ++ .with_target(false) ++ .finish(); ++ 
++ tracing::subscriber::with_default(subscriber, || { ++ let malicious_input = "\x1b]0;PWNED\x07\x1b[2J"; ++ ++ // Pretty formatter should escape ANSI sequences ++ tracing::info!("Testing: {}", malicious_input); ++ }); ++ ++ let output = writer.get_output(); ++ ++ // Verify ANSI sequences are escaped ++ assert!( ++ !output.contains('\x1b'), ++ "Pretty output should not contain raw ESC characters" ++ ); ++ assert!( ++ !output.contains('\x07'), ++ "Pretty output should not contain raw BEL characters" ++ ); ++} ++ ++/// Comprehensive test for ANSI sanitization that prevents injection attacks ++#[test] ++fn ansi_sanitization_prevents_injection() { ++ let writer = TestWriter::new(); ++ let subscriber = tracing_subscriber::fmt::Subscriber::builder() ++ .with_writer(writer.clone()) ++ .with_ansi(false) ++ .without_time() ++ .with_target(false) ++ .with_level(false) ++ .finish(); ++ ++ #[derive(Debug)] ++ struct MaliciousError { ++ content: String, ++ } ++ ++ impl std::fmt::Display for MaliciousError { ++ fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result { ++ // This Display implementation contains ANSI escape sequences ++ write!(f, "Error: {}", self.content) ++ } ++ } ++ ++ tracing::subscriber::with_default(subscriber, || { ++ // Test 1: Field values should remain properly escaped by Debug (baseline) ++ let malicious_field_value = "\x1b]0;PWNED\x07\x1b[2J"; ++ tracing::error!(malicious_field = malicious_field_value, "Field test"); ++ ++ // Test 2: Message content vulnerability should be mitigated ++ let malicious_error = MaliciousError { ++ content: "\x1b]0;PWNED\x07\x1b[2J".to_string(), ++ }; ++ tracing::error!("{}", malicious_error); ++ }); ++ ++ let output = writer.get_output(); ++ ++ // Field values should contain escaped sequences like \u{1b} ++ assert!( ++ output.contains("\\u{1b}"), ++ "Field values should be escaped by Debug formatting" ++ ); ++ ++ // Message content should be sanitized ++ assert!( ++ output.contains("\\x1b"), ++ "Message content 
should be sanitized" ++ ); ++ assert!( ++ !output.contains("\x1b]0;PWNED"), ++ "Message content should not contain raw ANSI sequences" ++ ); ++ assert!( ++ !output.contains("\x07"), ++ "Message content should not contain raw control characters" ++ ); ++} ++ ++/// Test that C1 control characters (\x80-\x9f) are also properly escaped ++#[test] ++fn test_c1_control_characters_escaping() { ++ let writer = TestWriter::new(); ++ let subscriber = tracing_subscriber::fmt::Subscriber::builder() ++ .with_writer(writer.clone()) ++ .with_ansi(false) ++ .without_time() ++ .with_target(false) ++ .with_level(false) ++ .finish(); ++ ++ tracing::subscriber::with_default(subscriber, || { ++ // Test C1 control characters that can be used in 8-bit terminal escape sequences ++ let c1_controls = "\u{80}\u{85}\u{90}\u{9b}\u{9c}\u{9d}\u{9e}\u{9f}"; // Various C1 controls including CSI ++ ++ // This should escape C1 control characters to prevent 8-bit escape sequences ++ tracing::info!("C1 controls: {}", c1_controls); ++ }); ++ ++ let output = writer.get_output(); ++ ++ // Verify C1 control characters are escaped ++ assert!( ++ !output.contains('\u{80}'), ++ "Output should not contain raw C1 control characters" ++ ); ++ assert!( ++ !output.contains('\u{9b}'), ++ "Output should not contain raw CSI character" ++ ); ++ assert!( ++ !output.contains('\u{9c}'), ++ "Output should not contain raw ST character" ++ ); ++ ++ // Should contain Unicode escapes for C1 characters ++ assert!( ++ output.contains("\\u{80}") || output.contains("\\u{8"), ++ "Should contain escaped C1 characters" ++ ); ++} +-- +2.45.4 + diff --git a/SPECS/trident/CVE-2026-25541.patch b/SPECS/trident/CVE-2026-25541.patch new file mode 100644 index 00000000000..0d616f79405 --- /dev/null +++ b/SPECS/trident/CVE-2026-25541.patch 
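Review bot: The `write_str` arm list in the new escape.rs (earlier in this same hunk) escapes ESC, BEL, BS, FF, DEL and U+0080–U+009F but lets every other C0 control through, and on the Display path used for error sources (`Escape(&format_args!("{}", value))` in mod.rs and pretty.rs) nothing else escapes them, so a carriage return or SO/SI (`\x0e`/`\x0f`) in an error's Display text still reaches the terminal and can overwrite or re-encode the rest of the log line; the `{:?}` message path is only covered because `str`'s Debug already escapes those. A catch-all arm after the C1 guard closes the gap without changing the `\x1b` spelling the tests pin: `ch if ch.is_control() && ch != '\n' && ch != '\t' => { write!(self.inner, "\\u{{{:x}}}", ch as u32)? }`. Separately, `test_error_ansi_escaping` only asserts that `"An error occurred"` was written, while its comment defers to "internal unit tests" that this patch does not add; asserting `!output.contains('\x1b')` and `!output.contains('\x07')` on that output would actually pin the error-path escaping. The listing here also shows `struct Escape(pub(super) T)` and `impl fmt::Debug for Escape` with no `<T>` parameters, which would not compile as printed and looks like the HTML rendering stripped them, so the vendored file should be checked against the upstream commit rather than this page.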
@@ -0,0 +1,117 @@ +From d0293b0e35838123c51ca5dfdf468ecafee4398f Mon Sep 17 00:00:00 2001 +From: Alice Ryhl +Date: Tue, 3 Feb 2026 14:40:22 +0100 +Subject: [PATCH] Merge commit from fork + +* Add repro for integer overflow + +Signed-off-by: Alice Ryhl + +* Always check overflow in new_cap + offset + +Signed-off-by: Alice Ryhl +Upstream Patch Reference: https://github.com/tokio-rs/bytes/commit/d0293b0e35838123c51ca5dfdf468ecafee4398f.patch +--- + vendor/bytes/.cargo-checksum.json | 2 +- + vendor/bytes/ci/miri.sh | 3 +++ + vendor/bytes/src/bytes_mut.rs | 19 +++++++++++-------- + vendor/bytes/tests/test_bytes.rs | 13 +++++++++++++ + 4 files changed, 28 insertions(+), 9 deletions(-) + +diff --git a/vendor/bytes/.cargo-checksum.json b/vendor/bytes/.cargo-checksum.json +index 0e9b161f..c3fe0391 100644 +--- a/vendor/bytes/.cargo-checksum.json ++++ b/vendor/bytes/.cargo-checksum.json +@@ -1 +1 @@ +-{"files":{".cargo_vcs_info.json":"cd75d382735245c938f4b55135c737c0a67a8efd67f64d1699c7f3f577f4a6cc",".github/workflows/ci.yml":"f8d74892ed3672983a57b8d1f9a97101a4c4f000e962cc031cb5e854dcd16b2a","CHANGELOG.md":"a0692ff3c8c5693b4fdf96a44e3cb157fa1ffb7c07fe4d4123f6ff395540645c","Cargo.toml":"0064c85dbced0ad6704403b042ba5c437c82222852c6c78b063199092b49998b","Cargo.toml.orig":"7c76162cf745cc6f059a6c46465e759f62943d8f6f559fa763e4d42a4706fd9d","LICENSE":"45f522cacecb1023856e46df79ca625dfc550c94910078bd8aec6e02880b3d42","README.md":"c1b2b54999d4829f9f64fb41cbdf05a72d565be0dd078a8633d34631147498a1","SECURITY.md":"a3335079977c2f13bad59e323fdc1056bdae5adfe55f18d15ac2c930d741828c","benches/buf.rs":"72e6b6120b52d568da068f17c66a793d65602e400c595778581b63092e41d8dc","benches/bytes.rs":"7084e564f8568f52c9fdb76a06e58701aa7f0c776209d29a0f60c38a19748203","benches/bytes_mut.rs":"1326fe6224b26826228e02b4133151e756f38152c2d9cfe66adf83af76c3ec98","ci/miri.sh":"13b2db3432fcdf9e2db6ef9e6ec20d063c0ce63542981a6f77e09306e1e2198e","ci/test-stable.sh":"b21b9265d8d65c1f3d50c64e40d41c66a870d897325119d1f78d60172
7bbb562","ci/tsan.sh":"466b86b19225dd26c756cf2252cb1973f87a145642c99364b462ed7ceb55c7dd","clippy.toml":"8522f448dfa3b33ac334ce47d233ebb6b58e8ae115e45107a64fc1b4510fe560","src/buf/buf_impl.rs":"5ef03026b2eac1a6ce8d85df7b135f6f69c11fdb73c76ac449e8e7734c5aef07","src/buf/buf_mut.rs":"20bfb57681d1f0cb7c7610e12b9a06233235ba6f20100f7eb2f23a5f4cf0de90","src/buf/chain.rs":"c933958f04c4ecd39a18db34c04ea51cc601180d43ee6924fed2fb44b96fe8c7","src/buf/iter.rs":"d4dca5b7f9b1cb441f22ac1862e28b10086721879163a810955aefb5cd7f3e58","src/buf/limit.rs":"e005ba140b70f68654877c96b981a220477e415ff5c92438c1b0cb9bc866d872","src/buf/mod.rs":"3f60295316d44b510b942abb31a0d975ae488bd4b52c87f5252d73f88f82715a","src/buf/reader.rs":"cda8bc221a1de06c7395d5c6e80f8a5924198eafbc2decc0909082ce8781d789","src/buf/take.rs":"ce7f4644986797dae3e6bdaa8f65c8ff0a9b0d4b80f749c735ed4777b96dcb2c","src/buf/uninit_slice.rs":"52629b93ff7a08db45fc69395580b34fa3609fd9309ea01f86e58488b02b08a3","src/buf/vec_deque.rs":"8d552c26ac6ce28a471f74c388e4749432e86b1d8f5a9759b9fc32a2549d395f","src/buf/writer.rs":"b137608cb40944a5c3e061a73087c5a48e50048dae002d0334a23cf4d3547065","src/bytes.rs":"140ea293c520a0a6c80f7f3aa7ce9a6d33782f6be19a416929450b3fbfcba107","src/bytes_mut.rs":"76e6a2e68ffa433b694671f673aa16dc2d4a414e73d1037fd8f3d801251901ce","src/fmt/debug.rs":"4d217b8f43e489925bb6904010df617efc63b50a3cc1ab126eec54b43b66eb3e","src/fmt/hex.rs":"54c05ab7d95d7381e499079d63773fabd2672f3c4929b56b02ab87d4495902b5","src/fmt/mod.rs":"b38222dcfff70eb3ffb6ce305b95f3fcfd9fa68cca85693eb2ed01d3da7ddb88","src/lib.rs":"226bb979808d8dcc8ff1643029b74a672b1779d6b7153a9e180777b77906191f","src/loom.rs":"eb3f577d8cce39a84155c241c4dc308f024631f02085833f7fe9f0ea817bcea9","src/serde.rs":"3ecd7e828cd4c2b7db93c807cb1548fad209e674df493edf7cda69a7b04d405d","tests/test_buf.rs":"827a965d3635eed132317248172add380679a3aaa0a26752bb77ea6ff8a458d5","tests/test_buf_mut.rs":"3e6a12a4f546dbf1a0e1346ab2b7ff707fdaf01a06b21714ca64b141484a76c3","tests/test_bytes.rs":"778b
718447d04401033e8319b30a34ed9b5a264d79677afe3b301d6bebf1b419","tests/test_bytes_odd_alloc.rs":"ad5df84a35038359413199762c65017989d905e6e965a7b863beaa9962a7e1e8","tests/test_bytes_vec_alloc.rs":"dd7e3c3a71abcfdcad7e3b2f52a6bd106ad6ea0d4bc634372e81dae097233cf0","tests/test_chain.rs":"e9f094539bb42b3135f50033c44122a6b44cf0f953e51e8b488f43243f1e7f10","tests/test_debug.rs":"13299107172809e8cbbd823964ac9450cd0d6b6de79f2e6a2e0f44b9225a0593","tests/test_iter.rs":"665e1837c1294d7695ffa352a666ce8673fb46fa603164556524e87d5517a6cb","tests/test_reader.rs":"bf83669d4e0960dad6aa47b46a9a454814fab626eb83572aba914c3d71618f43","tests/test_serde.rs":"2691f891796ba259de0ecf926de05c514f4912cc5fcd3e6a1591efbcd23ed4d0","tests/test_take.rs":"db01bf6855097f318336e90d12c0725a92cee426d330e477a6bd1d32dac34a27"},"package":"325918d6fe32f23b19878fe4b34794ae41fc19ddbe53b10571a4874d44ffd39b"} +\ No newline at end of file ++{"files":{".cargo_vcs_info.json":"cd75d382735245c938f4b55135c737c0a67a8efd67f64d1699c7f3f577f4a6cc",".github/workflows/ci.yml":"f8d74892ed3672983a57b8d1f9a97101a4c4f000e962cc031cb5e854dcd16b2a","CHANGELOG.md":"a0692ff3c8c5693b4fdf96a44e3cb157fa1ffb7c07fe4d4123f6ff395540645c","Cargo.toml":"0064c85dbced0ad6704403b042ba5c437c82222852c6c78b063199092b49998b","Cargo.toml.orig":"7c76162cf745cc6f059a6c46465e759f62943d8f6f559fa763e4d42a4706fd9d","LICENSE":"45f522cacecb1023856e46df79ca625dfc550c94910078bd8aec6e02880b3d42","README.md":"c1b2b54999d4829f9f64fb41cbdf05a72d565be0dd078a8633d34631147498a1","SECURITY.md":"a3335079977c2f13bad59e323fdc1056bdae5adfe55f18d15ac2c930d741828c","benches/buf.rs":"72e6b6120b52d568da068f17c66a793d65602e400c595778581b63092e41d8dc","benches/bytes.rs":"7084e564f8568f52c9fdb76a06e58701aa7f0c776209d29a0f60c38a19748203","benches/bytes_mut.rs":"1326fe6224b26826228e02b4133151e756f38152c2d9cfe66adf83af76c3ec98","ci/miri.sh":"e74475e7aec647a490a1f491b5dac6a60e3c03926a7c7e1898fa3e7c626415c7","ci/test-stable.sh":"b21b9265d8d65c1f3d50c64e40d41c66a870d897325119d1f78d601727
bbb562","ci/tsan.sh":"466b86b19225dd26c756cf2252cb1973f87a145642c99364b462ed7ceb55c7dd","clippy.toml":"8522f448dfa3b33ac334ce47d233ebb6b58e8ae115e45107a64fc1b4510fe560","src/buf/buf_impl.rs":"5ef03026b2eac1a6ce8d85df7b135f6f69c11fdb73c76ac449e8e7734c5aef07","src/buf/buf_mut.rs":"20bfb57681d1f0cb7c7610e12b9a06233235ba6f20100f7eb2f23a5f4cf0de90","src/buf/chain.rs":"c933958f04c4ecd39a18db34c04ea51cc601180d43ee6924fed2fb44b96fe8c7","src/buf/iter.rs":"d4dca5b7f9b1cb441f22ac1862e28b10086721879163a810955aefb5cd7f3e58","src/buf/limit.rs":"e005ba140b70f68654877c96b981a220477e415ff5c92438c1b0cb9bc866d872","src/buf/mod.rs":"3f60295316d44b510b942abb31a0d975ae488bd4b52c87f5252d73f88f82715a","src/buf/reader.rs":"cda8bc221a1de06c7395d5c6e80f8a5924198eafbc2decc0909082ce8781d789","src/buf/take.rs":"ce7f4644986797dae3e6bdaa8f65c8ff0a9b0d4b80f749c735ed4777b96dcb2c","src/buf/uninit_slice.rs":"52629b93ff7a08db45fc69395580b34fa3609fd9309ea01f86e58488b02b08a3","src/buf/vec_deque.rs":"8d552c26ac6ce28a471f74c388e4749432e86b1d8f5a9759b9fc32a2549d395f","src/buf/writer.rs":"b137608cb40944a5c3e061a73087c5a48e50048dae002d0334a23cf4d3547065","src/bytes.rs":"140ea293c520a0a6c80f7f3aa7ce9a6d33782f6be19a416929450b3fbfcba107","src/bytes_mut.rs":"f4ca4087f012aec626212ba2a442344bfd18ef32647012193c9be76ba5c672bb","src/fmt/debug.rs":"4d217b8f43e489925bb6904010df617efc63b50a3cc1ab126eec54b43b66eb3e","src/fmt/hex.rs":"54c05ab7d95d7381e499079d63773fabd2672f3c4929b56b02ab87d4495902b5","src/fmt/mod.rs":"b38222dcfff70eb3ffb6ce305b95f3fcfd9fa68cca85693eb2ed01d3da7ddb88","src/lib.rs":"226bb979808d8dcc8ff1643029b74a672b1779d6b7153a9e180777b77906191f","src/loom.rs":"eb3f577d8cce39a84155c241c4dc308f024631f02085833f7fe9f0ea817bcea9","src/serde.rs":"3ecd7e828cd4c2b7db93c807cb1548fad209e674df493edf7cda69a7b04d405d","tests/test_buf.rs":"827a965d3635eed132317248172add380679a3aaa0a26752bb77ea6ff8a458d5","tests/test_buf_mut.rs":"3e6a12a4f546dbf1a0e1346ab2b7ff707fdaf01a06b21714ca64b141484a76c3","tests/test_bytes.rs":"281a6
74ca0e6c0a96208e420aff8c398496b5d5ad30f55c0a8629235f1d97986","tests/test_bytes_odd_alloc.rs":"ad5df84a35038359413199762c65017989d905e6e965a7b863beaa9962a7e1e8","tests/test_bytes_vec_alloc.rs":"dd7e3c3a71abcfdcad7e3b2f52a6bd106ad6ea0d4bc634372e81dae097233cf0","tests/test_chain.rs":"e9f094539bb42b3135f50033c44122a6b44cf0f953e51e8b488f43243f1e7f10","tests/test_debug.rs":"13299107172809e8cbbd823964ac9450cd0d6b6de79f2e6a2e0f44b9225a0593","tests/test_iter.rs":"665e1837c1294d7695ffa352a666ce8673fb46fa603164556524e87d5517a6cb","tests/test_reader.rs":"bf83669d4e0960dad6aa47b46a9a454814fab626eb83572aba914c3d71618f43","tests/test_serde.rs":"2691f891796ba259de0ecf926de05c514f4912cc5fcd3e6a1591efbcd23ed4d0","tests/test_take.rs":"db01bf6855097f318336e90d12c0725a92cee426d330e477a6bd1d32dac34a27"},"package":"325918d6fe32f23b19878fe4b34794ae41fc19ddbe53b10571a4874d44ffd39b"} +diff --git a/vendor/bytes/ci/miri.sh b/vendor/bytes/ci/miri.sh +index 7df29f36..ca7f41df 100755 +--- a/vendor/bytes/ci/miri.sh ++++ b/vendor/bytes/ci/miri.sh +@@ -8,3 +8,6 @@ export MIRIFLAGS="-Zmiri-strict-provenance" + + cargo miri test + cargo miri test --target mips64-unknown-linux-gnuabi64 ++ ++# run with wrapping integer overflow instead of panic ++cargo miri test --release +diff --git a/vendor/bytes/src/bytes_mut.rs b/vendor/bytes/src/bytes_mut.rs +index a0d77bc2..bd9e3edc 100644 +--- a/vendor/bytes/src/bytes_mut.rs ++++ b/vendor/bytes/src/bytes_mut.rs +@@ -696,9 +696,14 @@ impl BytesMut { + + let offset = offset_from(self.ptr.as_ptr(), ptr); + ++ let new_cap_plus_offset = match new_cap.checked_add(offset) { ++ Some(new_cap_plus_offset) => new_cap_plus_offset, ++ None => panic!("overflow"), ++ }; ++ + // Compare the condition in the `kind == KIND_VEC` case above + // for more details. 
+- if v_capacity >= new_cap + offset {
++ if v_capacity >= new_cap_plus_offset {
+ self.cap = new_cap;
+ // no copy is necessary
+ } else if v_capacity >= new_cap && offset >= len {
+@@ -714,14 +719,12 @@ impl BytesMut {
+ if !allocate {
+ return false;
+ }
+- // calculate offset
+- let off = (self.ptr.as_ptr() as usize) - (v.as_ptr() as usize);
+
+ // new_cap is calculated in terms of `BytesMut`, not the underlying
+ // `Vec`, so it does not take the offset into account.
+ //
+ // Thus we have to manually add it here.
+- new_cap = new_cap.checked_add(off).expect("overflow");
++ new_cap = new_cap_plus_offset;
+
+ // The vector capacity is not sufficient. The reserve request is
+ // asking for more than the initial buffer capacity. Allocate more
+@@ -743,13 +746,13 @@ impl BytesMut {
+ // the unused capacity of the vector is copied over to the new
+ // allocation, so we need to ensure that we don't have any data we
+ // care about in the unused capacity before calling `reserve`.
+- debug_assert!(off + len <= v.capacity());
+- v.set_len(off + len);
++ debug_assert!(offset + len <= v.capacity());
++ v.set_len(offset + len);
+ v.reserve(new_cap - v.len());
+
+ // Update the info
+- self.ptr = vptr(v.as_mut_ptr().add(off));
+- self.cap = v.capacity() - off;
++ self.ptr = vptr(v.as_mut_ptr().add(offset));
++ self.cap = v.capacity() - offset;
+ }
+
+ return true;
+diff --git a/vendor/bytes/tests/test_bytes.rs b/vendor/bytes/tests/test_bytes.rs
+index fdc36ce8..980c273f 100644
+--- a/vendor/bytes/tests/test_bytes.rs
++++ b/vendor/bytes/tests/test_bytes.rs
+@@ -1631,3 +1631,16 @@ fn owned_safe_drop_on_as_ref_panic() {
+ assert!(result.is_err());
+ assert_eq!(drop_counter.get(), 1);
+ }
++
++#[test]
++#[should_panic]
++fn bytes_mut_reserve_overflow() {
++ let mut a = BytesMut::from(&b"hello world"[..]);
++ let mut b = a.split_off(5);
++ // Ensure b becomes the unique owner of the backing storage
++ drop(a);
++ // Trigger overflow in new_cap + offset inside reserve
++ 
b.reserve(usize::MAX - 6);
++ // This call relies on the corrupted cap and may cause UB & HBO
++ b.put_u8(b'h');
++}
+--
+2.45.4
+
diff --git a/SPECS/trident/trident.spec b/SPECS/trident/trident.spec
index 6f6c225d3b7..326197c0017 100644
--- a/SPECS/trident/trident.spec
+++ b/SPECS/trident/trident.spec
@@ -10,7 +10,7 @@ Summary: Declarative, security-first OS lifecycle agent designed primaril
Name: trident
# Use hard-coded versions for distro build
Version: 0.21.0
-Release: 1%{?dist}
+Release: 2%{?dist}
License: MIT
Vendor: Microsoft Corporation
Group: Applications/System
@@ -32,7 +32,8 @@ Source1: %{name}-%{version}-cargo.tar.gz
%else
Source1: osmodifier
%endif
-
+Patch0: CVE-2025-58160.patch
+Patch1: CVE-2026-25541.patch
BuildRequires: openssl-devel
BuildRequires: protobuf-compiler
BuildRequires: protobuf-devel
@@ -212,7 +213,7 @@ be removed once the fix is merged in AZL 4.0.
%if %{undefined rpm_ver}
# Use cargo with source and vendor tarballs for distro build
%prep
-%autosetup -n %{name}-%{version} -p1
+%autosetup -n %{name}-%{version} -N
# Do vendor expansion here manually by
# calling `tar x` and setting up
@@ -227,6 +228,7 @@ replace-with = "vendored-sources"
[source.vendored-sources]
directory = "vendor"
EOF
+%autopatch -p1
%endif
%build
@@ -300,6 +302,9 @@ mkdir -p "$pcrlockroot"
)
%changelog
+* Fri Mar 6 2026 Archana Shettigar 0.21.0-2
+- Patch for CVE-2025-58160 & CVE-2026-25541
+
* Mon Mar 2 2026 Brian Fjeldstad 0.21.0-1
- Original version for Azure Linux (license: MIT).
- License verified.
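Review bot: The hoisted overflow check in the `@@ -696` hunk of `bytes_mut.rs` deserves a why-comment, because the old code only checked `new_cap + offset` on the allocation path while the `v_capacity >= new_cap + offset` comparison used the unchecked sum, which wraps in release builds (the `ci/miri.sh` hunk adds `--release` for exactly that reason) and could take the `// no copy is necessary` branch with a `self.cap` larger than the backing allocation; something like `// Must panic before the capacity comparison below: a wrapped sum would let the no-copy branch accept a cap beyond the allocation.` above the `match` would record that. As a point of style, the `match new_cap.checked_add(offset) { Some(..) => .., None => panic!("overflow") }` block is equivalent to the one-liner the removed line already used, `let new_cap_plus_offset = new_cap.checked_add(offset).expect("overflow");`, with the same panic message. In the `test_bytes.rs` hunk the comment `// This call relies on the corrupted cap and may cause UB & HBO` would read better with the abbreviation spelled out (presumably heap buffer overflow). The enclosing `BytesMut` method starts and ends outside the hunks, so the origin of `len`, `v` and `allocate` is not visible here.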
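Review bot: The switch from `-p1` to `-N` in the `@@ -212` hunk and the `%autopatch -p1` added in the `@@ -227` hunk are one change that the spec does not explain; both CVE patches modify `vendor/...` paths and the crates' `.cargo-checksum.json`, so they can only apply after the vendor tarball has been unpacked, and a comment next to the new line such as `# Both CVE patches touch vendored crates, so apply them only after vendor expansion above` would record that for the next maintainer. Those two lines sit inside the `%if %{undefined rpm_ver}` branch while `Patch0`/`Patch1` are declared unconditionally in the `@@ -32` hunk; if the other branch (the `osmodifier` Source1 path) has its own `%prep`, which is not visible here, the CVE fixes would not be applied in that build, so it is worth confirming. Because the patches pin exact per-file hashes in `.cargo-checksum.json`, the next re-vendoring will make them fail to apply rather than silently drop the fix, which is the safer failure mode but worth a mention in the changelog entry.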