package/openocd/0002-CVE-2018-5704-Prevent-some-forms-of-Cross-Protocol-S.patch - buildroot - Git at Google

 From 3a223ca3ebc7ac24d7726a0cd58e5695bc813657 Mon Sep 17 00:00:00 2001
 From: Andreas Fritiofson <andreas.fritiofson@gmail.com>
 Date: Sat, 13 Jan 2018 21:00:47 +0100
 Subject: [PATCH] CVE-2018-5704: Prevent some forms of Cross Protocol Scripting
  attacks

 OpenOCD can be targeted by a Cross Protocol Scripting attack from
 a web browser running malicious code, such as the following PoC:

 var x = new XMLHttpRequest();
 x.open("POST", "http://127.0.0.1:4444", true);
 x.send("exec xcalc\r\n");

 This mitigation should provide some protection from browser-based
 attacks and is based on the corresponding fix in Redis:

 https://github.com/antirez/redis/blob/8075572207b5aebb1385c4f233f5302544439325/src/networking.c#L1758


 Upstream-status: Under review: http://openocd.zylin.com/#/c/4335/
 Change-Id: Ia96ebe19b74b5805dc228bf7364c7971a90a4581
 Signed-off-by: Andreas Fritiofson <andreas.fritiofson@gmail.com>
 Reported-by: Josef Gajdusek <atx@atx.name>
 Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 ---
  src/server/startup.tcl | 11 +++++++++++
  1 file changed, 11 insertions(+)

 diff --git a/src/server/startup.tcl b/src/server/startup.tcl
 index 64ace407..dd1b31e4 100644
 --- a/src/server/startup.tcl
 +++ b/src/server/startup.tcl
 @@ -8,3 +8,14 @@ proc ocd_gdb_restart {target_id} {
  	# one target
  	reset halt
  }
 +
 +proc prevent_cps {} {
 +	echo "Possible SECURITY ATTACK detected."
 +	echo "It looks like somebody is sending POST or Host: commands to OpenOCD."
 +	echo "This is likely due to an attacker attempting to use Cross Protocol Scripting"
 +	echo "to compromise your OpenOCD instance. Connection aborted."
 +	exit
 +}
 +
 +proc POST {args} { prevent_cps }
 +proc Host: {args} { prevent_cps }
 --
 2.11.0
	From 3a223ca3ebc7ac24d7726a0cd58e5695bc813657 Mon Sep 17 00:00:00 2001
	From: Andreas Fritiofson <andreas.fritiofson@gmail.com>
	Date: Sat, 13 Jan 2018 21:00:47 +0100
	Subject: [PATCH] CVE-2018-5704: Prevent some forms of Cross Protocol Scripting
	attacks

	OpenOCD can be targeted by a Cross Protocol Scripting attack from
	a web browser running malicious code, such as the following PoC:

	var x = new XMLHttpRequest();
	x.open("POST", "http://127.0.0.1:4444", true);
	x.send("exec xcalc\r\n");

	This mitigation should provide some protection from browser-based
	attacks and is based on the corresponding fix in Redis:

	https://github.com/antirez/redis/blob/8075572207b5aebb1385c4f233f5302544439325/src/networking.c#L1758


	Upstream-status: Under review: http://openocd.zylin.com/#/c/4335/
	Change-Id: Ia96ebe19b74b5805dc228bf7364c7971a90a4581
	Signed-off-by: Andreas Fritiofson <andreas.fritiofson@gmail.com>
	Reported-by: Josef Gajdusek <atx@atx.name>
	Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
	---
	src/server/startup.tcl \| 11 +++++++++++
	1 file changed, 11 insertions(+)

	diff --git a/src/server/startup.tcl b/src/server/startup.tcl
	index 64ace407..dd1b31e4 100644
	--- a/src/server/startup.tcl
	+++ b/src/server/startup.tcl
	@@ -8,3 +8,14 @@ proc ocd_gdb_restart {target_id} {
	# one target
	reset halt
	}
	+
	+proc prevent_cps {} {
	+ echo "Possible SECURITY ATTACK detected."
	+ echo "It looks like somebody is sending POST or Host: commands to OpenOCD."
	+ echo "This is likely due to an attacker attempting to use Cross Protocol Scripting"
	+ echo "to compromise your OpenOCD instance. Connection aborted."
	+ exit
	+}
	+
	+proc POST {args} { prevent_cps }
	+proc Host: {args} { prevent_cps }
	--
	2.11.0