Skip to content

Cherry-pick fix for greenpig#312

Merged
istio-testing merged 3 commits intoistio:release-1.8from
bianpengyuan:greenpig-18
Apr 16, 2021
Merged

Cherry-pick fix for greenpig#312
istio-testing merged 3 commits intoistio:release-1.8from
bianpengyuan:greenpig-18

Conversation

@bianpengyuan
Copy link

@bianpengyuan bianpengyuan commented Apr 15, 2021

For an explanation of how to fill out the fields, please see the relevant section
in PULL_REQUESTS.md

Description:
Risk Level:
Testing:
Docs Changes:
Release Notes:
[Optional Fixes #Issue]
[Optional Deprecated:]

tonya11en and others added 3 commits April 15, 2021 20:13
@tonya11en @bianpengyuan
http: Fixing empty metadata map handling (istio#230) istio#250
45c6392 
Commit Message: Fixing a crash when the decoder receives an empty metadata map.

Additional Description:
Upon receiving an empty metadata map and trying to decode it an assertion is triggered in debug mode, and a seg-fault occurs in release mode.
The proposed fix ignores the empty metadata maps and updates a stats if one is received.

Risk Level: Medium for Envoy's running with Metadata support.
Testing: Added integration tests.
Docs Changes: Added a codec stats counter description.
Release Notes: Added bug fix description.
Platform Specific Features: N/A.
Fixes a fuzz bug: 25303

Signed-off-by: Tony Allen <tony@allen.gg>
@Shikugawa @bianpengyuan
grpc: fix grpc-timeout integer overflow (istio#255)
9515cee 
Fixes CVE-2021-28682, a remotely exploitable integer overflow.

Signed-off-by: Asra Ali <asraa@google.com>
Signed-off-by: Tony Allen <tony@allen.gg>
@Shikugawa @cpakulski @bianpengyuan
ssl: fix crash when peer sends an SSL Alert with an unknown code (ist…
6269a08 
…io#259)

Fixes CVE-2021-28683 (crash when peer sends an SSL Alert with an unknown code)

Signed-off-by: Shikugawa <Shikugawa@gmail.com>
Co-authored-by: Christoph Pakulski <christoph@tetrate.io>
Signed-off-by: Tony Allen <tony@allen.gg>
@google-cla
Copy link

google-cla bot commented Apr 15, 2021

We found a Contributor License Agreement for you (the sender of this pull request), but were unable to find agreements for all the commit author(s) or Co-authors. If you authored these, maybe you used a different email address in the git commits than was used to sign the CLA (login here to double check)? If these were authored by someone else, then they will need to sign a CLA as well, and confirm that they're okay with these being contributed to Google.
In order to pass this check, please resolve this problem and then comment @googlebot I fixed it.. If the bot doesn't comment, it means it doesn't think anything has changed.

ℹ️ Googlers: Go here for more info.

@google-cla google-cla bot added the cla: no label Apr 15, 2021
@bianpengyuan bianpengyuan requested a review from GregHanson April 15, 2021 20:19
@istio-testing istio-testing merged commit 3887a0c into istio:release-1.8 Apr 16, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@GregHanson GregHanson GregHanson approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

cla: yes size/L

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@bianpengyuan @GregHanson @istio-testing @tonya11en @Shikugawa