[AUTO-CHERRYPICK] [Medium] reaper: Fix CVE-2024-52798 - branch main (#12535)

CBL-Mariner-Bot · v-smalavathu · jslobodzian · web-flow · commit c920e5efb7c9 · 2025-02-25T14:01:36.000-05:00
Co-authored-by: Sreenivasulu Malavathula (HCL Technologies Ltd) &lt;v-smalavathu@microsoft.com&gt;
Co-authored-by: jslobodzian &lt;joslobo@microsoft.com&gt;
diff --git a/SPECS/reaper/CVE-2024-52798.patch b/SPECS/reaper/CVE-2024-52798.patch
@@ -0,0 +1,46 @@
+From 4d91e1915e5e1c9a0e65cb9e47fae3867438ac47 Mon Sep 17 00:00:00 2001
+From: Sreenivasulu Malavathula <v-smalavathu@microsoft.com>
+Date: Sun, 9 Feb 2025 09:15:14 -0600
+Subject: [PATCH] Address CVE-2024-52798
+
+---
+ src/ui/node_modules/path-to-regexp/index.js | 15 +++++++++++----
+ 1 file changed, 11 insertions(+), 4 deletions(-)
+
+diff --git a/src/ui/node_modules/path-to-regexp/index.js b/src/ui/node_modules/path-to-regexp/index.js
+index 39b7caac..4922e0a3 100644
+--- a/src/ui/node_modules/path-to-regexp/index.js
++++ b/src/ui/node_modules/path-to-regexp/index.js
+@@ -72,20 +72,26 @@ function pathToRegexp(path, keys, options) {
+   path = path.replace(
+     /\\.|(\/)?(\.)?:(\w+)(\(.*?\))?(\*)?(\?)?|[.*]|\/\(/g,
+     function (match, slash, format, key, capture, star, optional, offset) {
+-      pos = offset + match.length;
+-
+       if (match[0] === '\\') {
+         backtrack += match;
++	pos += 2;
+         return match;
+       }
+
+       if (match === '.') {
+         backtrack += '\\.';
+         extraOffset += 1;
++	pos += 1;
+         return '\\.';
+       }
+
+-      backtrack = slash || format ? '' : path.slice(pos, offset);
++      if (slash || format) {
++        backtrack = '';
++      } else {
++        backtrack += path.slice(pos, offset);
++      }
++
++      pos = offset + match.length;
+
+       if (match === '*') {
+         extraOffset += 3;
+--
+2.45.2
+
diff --git a/SPECS/reaper/reaper.spec b/SPECS/reaper/reaper.spec
@@ -45,7 +45,8 @@ Patch9:         CVE-2024-48949.patch
 Patch10:        CVE-2024-45590.patch
 Patch11:        CVE-2024-21538.patch
 Patch12:        CVE-2020-28458.patch
-Patch13:        CVE-2020-24025.patch
+Patch13:        CVE-2024-52798.patch
+Patch14:        CVE-2020-24025.patch
 
 BuildRequires:  git
 BuildRequires:  javapackages-tools
@@ -184,7 +185,7 @@ fi
 
 %changelog
 * Mon Feb 17 2025 Kanishk Bansal <kanbansal@microsoft.com> - 3.1.1-16
-- Patch CVE-2020-24025
+- Patch CVE-2020-24025 and CVE-2024-52798 
 
 * Sat Nov 16 2024 Sudipta Pandit <sudpandit@microsoft.com> - 3.1.1-15
 - Patch CVE-2024-21538 in node modules
