DockerCLI/vendor/google.golang.org/protobuf/internal/filedesc/editions.go

// Copyright 2024 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.

package filedesc

import (
	"fmt"

	"google.golang.org/protobuf/encoding/protowire"
	"google.golang.org/protobuf/internal/editiondefaults"
	"google.golang.org/protobuf/internal/genid"
	"google.golang.org/protobuf/reflect/protoreflect"
)

var defaultsCache = make(map[Edition]EditionFeatures)

func init() {
	unmarshalEditionDefaults(editiondefaults.Defaults)
}

func unmarshalGoFeature(b []byte, parent EditionFeatures) EditionFeatures {
	for len(b) > 0 {
		num, _, n := protowire.ConsumeTag(b)
		b = b[n:]
		switch num {
		case genid.GoFeatures_LegacyUnmarshalJsonEnum_field_number:
			v, m := protowire.ConsumeVarint(b)
			b = b[m:]
			parent.GenerateLegacyUnmarshalJSON = protowire.DecodeBool(v)
		default:
			panic(fmt.Sprintf("unkown field number %d while unmarshalling GoFeatures", num))
		}
	}
	return parent
}

func unmarshalFeatureSet(b []byte, parent EditionFeatures) EditionFeatures {
	for len(b) > 0 {
		num, typ, n := protowire.ConsumeTag(b)
		b = b[n:]
		switch typ {
		case protowire.VarintType:
			v, m := protowire.ConsumeVarint(b)
			b = b[m:]
			switch num {
			case genid.FeatureSet_FieldPresence_field_number:
				parent.IsFieldPresence = v == genid.FeatureSet_EXPLICIT_enum_value || v == genid.FeatureSet_LEGACY_REQUIRED_enum_value
				parent.IsLegacyRequired = v == genid.FeatureSet_LEGACY_REQUIRED_enum_value
			case genid.FeatureSet_EnumType_field_number:
				parent.IsOpenEnum = v == genid.FeatureSet_OPEN_enum_value
			case genid.FeatureSet_RepeatedFieldEncoding_field_number:
				parent.IsPacked = v == genid.FeatureSet_PACKED_enum_value
			case genid.FeatureSet_Utf8Validation_field_number:
				parent.IsUTF8Validated = v == genid.FeatureSet_VERIFY_enum_value
			case genid.FeatureSet_MessageEncoding_field_number:
				parent.IsDelimitedEncoded = v == genid.FeatureSet_DELIMITED_enum_value
			case genid.FeatureSet_JsonFormat_field_number:
				parent.IsJSONCompliant = v == genid.FeatureSet_ALLOW_enum_value
			default:
				panic(fmt.Sprintf("unkown field number %d while unmarshalling FeatureSet", num))
			}
		case protowire.BytesType:
			v, m := protowire.ConsumeBytes(b)
			b = b[m:]
			switch num {
			case genid.GoFeatures_LegacyUnmarshalJsonEnum_field_number:
				parent = unmarshalGoFeature(v, parent)
			}
		}
	}

	return parent
}

func featuresFromParentDesc(parentDesc protoreflect.Descriptor) EditionFeatures {
	var parentFS EditionFeatures
	switch p := parentDesc.(type) {
	case *File:
		parentFS = p.L1.EditionFeatures
	case *Message:
		parentFS = p.L1.EditionFeatures
	default:
		panic(fmt.Sprintf("unknown parent type %T", parentDesc))
	}
	return parentFS
}

func unmarshalEditionDefault(b []byte) {
	var ed Edition
	var fs EditionFeatures
	for len(b) > 0 {
		num, typ, n := protowire.ConsumeTag(b)
		b = b[n:]
		switch typ {
		case protowire.VarintType:
			v, m := protowire.ConsumeVarint(b)
			b = b[m:]
			switch num {
			case genid.FeatureSetDefaults_FeatureSetEditionDefault_Edition_field_number:
				ed = Edition(v)
			}
		case protowire.BytesType:
			v, m := protowire.ConsumeBytes(b)
			b = b[m:]
			switch num {
			case genid.FeatureSetDefaults_FeatureSetEditionDefault_Features_field_number:
				fs = unmarshalFeatureSet(v, fs)
			}
		}
	}
	defaultsCache[ed] = fs
}

func unmarshalEditionDefaults(b []byte) {
	for len(b) > 0 {
		num, _, n := protowire.ConsumeTag(b)
		b = b[n:]
		switch num {
		case genid.FeatureSetDefaults_Defaults_field_number:
			def, m := protowire.ConsumeBytes(b)
			b = b[m:]
			unmarshalEditionDefault(def)
		case genid.FeatureSetDefaults_MinimumEdition_field_number,
			genid.FeatureSetDefaults_MaximumEdition_field_number:
			// We don't care about the minimum and maximum editions. If the
			// edition we are looking for later on is not in the cache we know
			// it is outside of the range between minimum and maximum edition.
			_, m := protowire.ConsumeVarint(b)
			b = b[m:]
		default:
			panic(fmt.Sprintf("unkown field number %d while unmarshalling EditionDefault", num))
		}
	}
}

func getFeaturesFor(ed Edition) EditionFeatures {
	if def, ok := defaultsCache[ed]; ok {
		return def
	}
	panic(fmt.Sprintf("unsupported edition: %v", ed))
}
vendor: google.golang.org/protobuf v1.33.0, github.com/golang/protobuf v1.5.4 full diffs: - https://github.com/protocolbuffers/protobuf-go/compare/v1.31.0...v1.33.0 - https://github.com/golang/protobuf/compare/v1.5.3...v1.5.4 From the Go security announcement list; > Version v1.33.0 of the google.golang.org/protobuf module fixes a bug in > the google.golang.org/protobuf/encoding/protojson package which could cause > the Unmarshal function to enter an infinite loop when handling some invalid > inputs. > > This condition could only occur when unmarshaling into a message which contains > a google.protobuf.Any value, or when the UnmarshalOptions.UnmarshalUnknown > option is set. Unmarshal now correctly returns an error when handling these > inputs. > > This is CVE-2024-24786. In a follow-up post; > A small correction: This vulnerability applies when the UnmarshalOptions.DiscardUnknown > option is set (as well as when unmarshaling into any message which contains a > google.protobuf.Any). There is no UnmarshalUnknown option. > > In addition, version 1.33.0 of google.golang.org/protobuf inadvertently > introduced an incompatibility with the older github.com/golang/protobuf > module. (https://github.com/golang/protobuf/issues/1596) Users of the older > module should update to github.com/golang/protobuf@v1.5.4. govulncheck results in our code shows that this does not affect the CLI: govulncheck ./... Scanning your code and 448 packages across 72 dependent modules for known vulnerabilities... === Symbol Results === No vulnerabilities found. Your code is affected by 0 vulnerabilities. This scan also found 1 vulnerability in packages you import and 0 vulnerabilities in modules you require, but your code doesn't appear to call these vulnerabilities. Use '-show verbose' for more details. Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2024-03-16 11:34:55 -04:00			`// Copyright 2024 The Go Authors. All rights reserved.`
			`// Use of this source code is governed by a BSD-style`
			`// license that can be found in the LICENSE file.`

			`package filedesc`

			`import (`
			`"fmt"`

			`"google.golang.org/protobuf/encoding/protowire"`
			`"google.golang.org/protobuf/internal/editiondefaults"`
			`"google.golang.org/protobuf/internal/genid"`
			`"google.golang.org/protobuf/reflect/protoreflect"`
			`)`

			`var defaultsCache = make(map[Edition]EditionFeatures)`

			`func init() {`
			`unmarshalEditionDefaults(editiondefaults.Defaults)`
			`}`

			`func unmarshalGoFeature(b []byte, parent EditionFeatures) EditionFeatures {`
			`for len(b) > 0 {`
			`num, _, n := protowire.ConsumeTag(b)`
			`b = b[n:]`
			`switch num {`
			`case genid.GoFeatures_LegacyUnmarshalJsonEnum_field_number:`
			`v, m := protowire.ConsumeVarint(b)`
			`b = b[m:]`
			`parent.GenerateLegacyUnmarshalJSON = protowire.DecodeBool(v)`
			`default:`
			`panic(fmt.Sprintf("unkown field number %d while unmarshalling GoFeatures", num))`
			`}`
			`}`
			`return parent`
			`}`

			`func unmarshalFeatureSet(b []byte, parent EditionFeatures) EditionFeatures {`
			`for len(b) > 0 {`
			`num, typ, n := protowire.ConsumeTag(b)`
			`b = b[n:]`
			`switch typ {`
			`case protowire.VarintType:`
			`v, m := protowire.ConsumeVarint(b)`
			`b = b[m:]`
			`switch num {`
			`case genid.FeatureSet_FieldPresence_field_number:`
			`parent.IsFieldPresence = v == genid.FeatureSet_EXPLICIT_enum_value \|\| v == genid.FeatureSet_LEGACY_REQUIRED_enum_value`
			`parent.IsLegacyRequired = v == genid.FeatureSet_LEGACY_REQUIRED_enum_value`
			`case genid.FeatureSet_EnumType_field_number:`
			`parent.IsOpenEnum = v == genid.FeatureSet_OPEN_enum_value`
			`case genid.FeatureSet_RepeatedFieldEncoding_field_number:`
			`parent.IsPacked = v == genid.FeatureSet_PACKED_enum_value`
			`case genid.FeatureSet_Utf8Validation_field_number:`
			`parent.IsUTF8Validated = v == genid.FeatureSet_VERIFY_enum_value`
			`case genid.FeatureSet_MessageEncoding_field_number:`
			`parent.IsDelimitedEncoded = v == genid.FeatureSet_DELIMITED_enum_value`
			`case genid.FeatureSet_JsonFormat_field_number:`
			`parent.IsJSONCompliant = v == genid.FeatureSet_ALLOW_enum_value`
			`default:`
			`panic(fmt.Sprintf("unkown field number %d while unmarshalling FeatureSet", num))`
			`}`
			`case protowire.BytesType:`
			`v, m := protowire.ConsumeBytes(b)`
			`b = b[m:]`
			`switch num {`
			`case genid.GoFeatures_LegacyUnmarshalJsonEnum_field_number:`
			`parent = unmarshalGoFeature(v, parent)`
			`}`
			`}`
			`}`

			`return parent`
			`}`

			`func featuresFromParentDesc(parentDesc protoreflect.Descriptor) EditionFeatures {`
			`var parentFS EditionFeatures`
			`switch p := parentDesc.(type) {`
			`case *File:`
			`parentFS = p.L1.EditionFeatures`
			`case *Message:`
			`parentFS = p.L1.EditionFeatures`
			`default:`
			`panic(fmt.Sprintf("unknown parent type %T", parentDesc))`
			`}`
			`return parentFS`
			`}`

			`func unmarshalEditionDefault(b []byte) {`
			`var ed Edition`
			`var fs EditionFeatures`
			`for len(b) > 0 {`
			`num, typ, n := protowire.ConsumeTag(b)`
			`b = b[n:]`
			`switch typ {`
			`case protowire.VarintType:`
			`v, m := protowire.ConsumeVarint(b)`
			`b = b[m:]`
			`switch num {`
			`case genid.FeatureSetDefaults_FeatureSetEditionDefault_Edition_field_number:`
			`ed = Edition(v)`
			`}`
			`case protowire.BytesType:`
			`v, m := protowire.ConsumeBytes(b)`
			`b = b[m:]`
			`switch num {`
			`case genid.FeatureSetDefaults_FeatureSetEditionDefault_Features_field_number:`
			`fs = unmarshalFeatureSet(v, fs)`
			`}`
			`}`
			`}`
			`defaultsCache[ed] = fs`
			`}`

			`func unmarshalEditionDefaults(b []byte) {`
			`for len(b) > 0 {`
			`num, _, n := protowire.ConsumeTag(b)`
			`b = b[n:]`
			`switch num {`
			`case genid.FeatureSetDefaults_Defaults_field_number:`
			`def, m := protowire.ConsumeBytes(b)`
			`b = b[m:]`
			`unmarshalEditionDefault(def)`
			`case genid.FeatureSetDefaults_MinimumEdition_field_number,`
			`genid.FeatureSetDefaults_MaximumEdition_field_number:`
			`// We don't care about the minimum and maximum editions. If the`
			`// edition we are looking for later on is not in the cache we know`
			`// it is outside of the range between minimum and maximum edition.`
			`_, m := protowire.ConsumeVarint(b)`
			`b = b[m:]`
			`default:`
			`panic(fmt.Sprintf("unkown field number %d while unmarshalling EditionDefault", num))`
			`}`
			`}`
			`}`

			`func getFeaturesFor(ed Edition) EditionFeatures {`
			`if def, ok := defaultsCache[ed]; ok {`
			`return def`
			`}`
			`panic(fmt.Sprintf("unsupported edition: %v", ed))`
			`}`