deleted file mode 100644
@@ -1,794 +0,0 @@
-From 9f182ae260cc60e8cc5417abbe9481821642afa0 Mon Sep 17 00:00:00 2001
-From: Protobuf Team Bot <protobuf-github-bot@google.com>
-Date: Tue, 17 Sep 2024 12:03:36 -0700
-Subject: [PATCH] Add recursion check when parsing unknown fields in Java.
-
-PiperOrigin-RevId: 675657198
-
-CVE: CVE-2024-7254
-
-Upstream-Status: Backport [ac9fb5b4c71b0dd80985b27684e265d1f03abf46]
-
-The original patch is adjusted to fit for the current version.
-
-Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
----
- .../com/google/protobuf/ArrayDecoders.java | 28 +++
- .../com/google/protobuf/CodedInputStream.java | 72 +++++-
- .../com/google/protobuf/MessageSchema.java | 9 +-
- .../com/google/protobuf/MessageSetSchema.java | 2 +-
- .../google/protobuf/UnknownFieldSchema.java | 28 ++-
- .../google/protobuf/CodedInputStreamTest.java | 159 ++++++++++++
- .../java/com/google/protobuf/LiteTest.java | 232 ++++++++++++++++++
- 7 files changed, 514 insertions(+), 16 deletions(-)
-
-diff --git a/java/core/src/main/java/com/google/protobuf/ArrayDecoders.java b/java/core/src/main/java/com/google/protobuf/ArrayDecoders.java
-index f3241de50..0f3d7de0d 100644
---- a/java/core/src/main/java/com/google/protobuf/ArrayDecoders.java
-+++ b/java/core/src/main/java/com/google/protobuf/ArrayDecoders.java
-@@ -26,6 +26,10 @@ final class ArrayDecoders {
-
- private ArrayDecoders() {
- }
-+ static final int DEFAULT_RECURSION_LIMIT = 100;
-+
-+ @SuppressWarnings("NonFinalStaticField")
-+ private static volatile int recursionLimit = DEFAULT_RECURSION_LIMIT;
-
- /**
- * A helper used to return multiple values in a Java function. Java doesn't natively support
-@@ -38,6 +42,7 @@ final class ArrayDecoders {
- public long long1;
- public Object object1;
- public final ExtensionRegistryLite extensionRegistry;
-+ public int recursionDepth;
-
- Registers() {
- this.extensionRegistry = ExtensionRegistryLite.getEmptyRegistry();
-@@ -245,7 +250,10 @@ final class ArrayDecoders {
- if (length < 0 || length > limit - position) {
- throw InvalidProtocolBufferException.truncatedMessage();
- }
-+ registers.recursionDepth++;
-+ checkRecursionLimit(registers.recursionDepth);
- schema.mergeFrom(msg, data, position, position + length, registers);
-+ registers.recursionDepth--;
- registers.object1 = msg;
- return position + length;
- }
-@@ -263,8 +271,11 @@ final class ArrayDecoders {
- // A group field must has a MessageSchema (the only other subclass of Schema is MessageSetSchema
- // and it can't be used in group fields).
- final MessageSchema messageSchema = (MessageSchema) schema;
-+ registers.recursionDepth++;
-+ checkRecursionLimit(registers.recursionDepth);
- final int endPosition =
- messageSchema.parseMessage(msg, data, position, limit, endGroup, registers);
-+ registers.recursionDepth--;
- registers.object1 = msg;
- return endPosition;
- }
-@@ -1025,6 +1036,8 @@ final class ArrayDecoders {
- final UnknownFieldSetLite child = UnknownFieldSetLite.newInstance();
- final int endGroup = (tag & ~0x7) | WireFormat.WIRETYPE_END_GROUP;
- int lastTag = 0;
-+ registers.recursionDepth++;
-+ checkRecursionLimit(registers.recursionDepth);
- while (position < limit) {
- position = decodeVarint32(data, position, registers);
- lastTag = registers.int1;
-@@ -1033,6 +1046,7 @@ final class ArrayDecoders {
- }
- position = decodeUnknownField(lastTag, data, position, limit, child, registers);
- }
-+ registers.recursionDepth--;
- if (position > limit || lastTag != endGroup) {
- throw InvalidProtocolBufferException.parseFailure();
- }
-@@ -1079,4 +1093,18 @@ final class ArrayDecoders {
- throw InvalidProtocolBufferException.invalidTag();
- }
- }
-+
-+ /**
-+ * Set the maximum recursion limit that ArrayDecoders will allow. An exception will be thrown if
-+ * the depth of the message exceeds this limit.
-+ */
-+ public static void setRecursionLimit(int limit) {
-+ recursionLimit = limit;
-+ }
-+
-+ private static void checkRecursionLimit(int depth) throws InvalidProtocolBufferException {
-+ if (depth >= recursionLimit) {
-+ throw InvalidProtocolBufferException.recursionLimitExceeded();
-+ }
-+ }
- }
-diff --git a/java/core/src/main/java/com/google/protobuf/CodedInputStream.java b/java/core/src/main/java/com/google/protobuf/CodedInputStream.java
-index 8f1ac736d..29256b4b3 100644
---- a/java/core/src/main/java/com/google/protobuf/CodedInputStream.java
-+++ b/java/core/src/main/java/com/google/protobuf/CodedInputStream.java
-@@ -703,7 +703,14 @@ public abstract class CodedInputStream {
- public void skipMessage() throws IOException {
- while (true) {
- final int tag = readTag();
-- if (tag == 0 || !skipField(tag)) {
-+ if (tag == 0) {
-+ return;
-+ }
-+ checkRecursionLimit();
-+ ++recursionDepth;
-+ boolean fieldSkipped = skipField(tag);
-+ --recursionDepth;
-+ if (!fieldSkipped) {
- return;
- }
- }
-@@ -713,7 +720,14 @@ public abstract class CodedInputStream {
- public void skipMessage(CodedOutputStream output) throws IOException {
- while (true) {
- final int tag = readTag();
-- if (tag == 0 || !skipField(tag, output)) {
-+ if (tag == 0) {
-+ return;
-+ }
-+ checkRecursionLimit();
-+ ++recursionDepth;
-+ boolean fieldSkipped = skipField(tag, output);
-+ --recursionDepth;
-+ if (!fieldSkipped) {
- return;
- }
- }
-@@ -1415,7 +1429,14 @@ public abstract class CodedInputStream {
- public void skipMessage() throws IOException {
- while (true) {
- final int tag = readTag();
-- if (tag == 0 || !skipField(tag)) {
-+ if (tag == 0) {
-+ return;
-+ }
-+ checkRecursionLimit();
-+ ++recursionDepth;
-+ boolean fieldSkipped = skipField(tag);
-+ --recursionDepth;
-+ if (!fieldSkipped) {
- return;
- }
- }
-@@ -1425,7 +1446,14 @@ public abstract class CodedInputStream {
- public void skipMessage(CodedOutputStream output) throws IOException {
- while (true) {
- final int tag = readTag();
-- if (tag == 0 || !skipField(tag, output)) {
-+ if (tag == 0) {
-+ return;
-+ }
-+ checkRecursionLimit();
-+ ++recursionDepth;
-+ boolean fieldSkipped = skipField(tag, output);
-+ --recursionDepth;
-+ if (!fieldSkipped) {
- return;
- }
- }
-@@ -2180,7 +2208,14 @@ public abstract class CodedInputStream {
- public void skipMessage() throws IOException {
- while (true) {
- final int tag = readTag();
-- if (tag == 0 || !skipField(tag)) {
-+ if (tag == 0) {
-+ return;
-+ }
-+ checkRecursionLimit();
-+ ++recursionDepth;
-+ boolean fieldSkipped = skipField(tag);
-+ --recursionDepth;
-+ if (!fieldSkipped) {
- return;
- }
- }
-@@ -2190,7 +2225,14 @@ public abstract class CodedInputStream {
- public void skipMessage(CodedOutputStream output) throws IOException {
- while (true) {
- final int tag = readTag();
-- if (tag == 0 || !skipField(tag, output)) {
-+ if (tag == 0) {
-+ return;
-+ }
-+ checkRecursionLimit();
-+ ++recursionDepth;
-+ boolean fieldSkipped = skipField(tag, output);
-+ --recursionDepth;
-+ if (!fieldSkipped) {
- return;
- }
- }
-@@ -3298,7 +3340,14 @@ public abstract class CodedInputStream {
- public void skipMessage() throws IOException {
- while (true) {
- final int tag = readTag();
-- if (tag == 0 || !skipField(tag)) {
-+ if (tag == 0) {
-+ return;
-+ }
-+ checkRecursionLimit();
-+ ++recursionDepth;
-+ boolean fieldSkipped = skipField(tag);
-+ --recursionDepth;
-+ if (!fieldSkipped) {
- return;
- }
- }
-@@ -3308,7 +3357,14 @@ public abstract class CodedInputStream {
- public void skipMessage(CodedOutputStream output) throws IOException {
- while (true) {
- final int tag = readTag();
-- if (tag == 0 || !skipField(tag, output)) {
-+ if (tag == 0) {
-+ return;
-+ }
-+ checkRecursionLimit();
-+ ++recursionDepth;
-+ boolean fieldSkipped = skipField(tag, output);
-+ --recursionDepth;
-+ if (!fieldSkipped) {
- return;
- }
- }
-diff --git a/java/core/src/main/java/com/google/protobuf/MessageSchema.java b/java/core/src/main/java/com/google/protobuf/MessageSchema.java
-index de3890f70..5ad6762b0 100644
---- a/java/core/src/main/java/com/google/protobuf/MessageSchema.java
-+++ b/java/core/src/main/java/com/google/protobuf/MessageSchema.java
-@@ -3006,7 +3006,8 @@ final class MessageSchema<T> implements Schema<T> {
- unknownFields = unknownFieldSchema.getBuilderFromMessage(message);
- }
- // Unknown field.
-- if (unknownFieldSchema.mergeOneFieldFrom(unknownFields, reader)) {
-+ if (unknownFieldSchema.mergeOneFieldFrom(
-+ unknownFields, reader, /* currentDepth= */ 0)) {
- continue;
- }
- }
-@@ -3381,7 +3382,8 @@ final class MessageSchema<T> implements Schema<T> {
- if (unknownFields == null) {
- unknownFields = unknownFieldSchema.getBuilderFromMessage(message);
- }
-- if (!unknownFieldSchema.mergeOneFieldFrom(unknownFields, reader)) {
-+ if (!unknownFieldSchema.mergeOneFieldFrom(
-+ unknownFields, reader, /* currentDepth= */ 0)) {
- return;
- }
- break;
-@@ -3397,7 +3399,8 @@ final class MessageSchema<T> implements Schema<T> {
- if (unknownFields == null) {
- unknownFields = unknownFieldSchema.getBuilderFromMessage(message);
- }
-- if (!unknownFieldSchema.mergeOneFieldFrom(unknownFields, reader)) {
-+ if (!unknownFieldSchema.mergeOneFieldFrom(
-+ unknownFields, reader, /* currentDepth= */ 0)) {
- return;
- }
- }
-diff --git a/java/core/src/main/java/com/google/protobuf/MessageSetSchema.java b/java/core/src/main/java/com/google/protobuf/MessageSetSchema.java
-index eec3acd35..ec37d41f9 100644
---- a/java/core/src/main/java/com/google/protobuf/MessageSetSchema.java
-+++ b/java/core/src/main/java/com/google/protobuf/MessageSetSchema.java
-@@ -278,7 +278,7 @@ final class MessageSetSchema<T> implements Schema<T> {
- reader, extension, extensionRegistry, extensions);
- return true;
- } else {
-- return unknownFieldSchema.mergeOneFieldFrom(unknownFields, reader);
-+ return unknownFieldSchema.mergeOneFieldFrom(unknownFields, reader, /* currentDepth= */ 0);
- }
- } else {
- return reader.skipField();
-diff --git a/java/core/src/main/java/com/google/protobuf/UnknownFieldSchema.java b/java/core/src/main/java/com/google/protobuf/UnknownFieldSchema.java
-index c4ec645bf..0cdecd30e 100644
---- a/java/core/src/main/java/com/google/protobuf/UnknownFieldSchema.java
-+++ b/java/core/src/main/java/com/google/protobuf/UnknownFieldSchema.java
-@@ -13,6 +13,11 @@ import java.io.IOException;
- @CheckReturnValue
- abstract class UnknownFieldSchema<T, B> {
-
-+ static final int DEFAULT_RECURSION_LIMIT = 100;
-+
-+ @SuppressWarnings("NonFinalStaticField")
-+ private static volatile int recursionLimit = DEFAULT_RECURSION_LIMIT;
-+
- /** Whether unknown fields should be dropped. */
- abstract boolean shouldDiscardUnknownFields(Reader reader);
-
-@@ -56,7 +61,8 @@ abstract class UnknownFieldSchema<T, B> {
- abstract void makeImmutable(Object message);
-
- /** Merges one field into the unknown fields. */
-- final boolean mergeOneFieldFrom(B unknownFields, Reader reader) throws IOException {
-+ final boolean mergeOneFieldFrom(B unknownFields, Reader reader, int currentDepth)
-+ throws IOException {
- int tag = reader.getTag();
- int fieldNumber = WireFormat.getTagFieldNumber(tag);
- switch (WireFormat.getTagWireType(tag)) {
-@@ -75,7 +81,12 @@ abstract class UnknownFieldSchema<T, B> {
- case WireFormat.WIRETYPE_START_GROUP:
- final B subFields = newBuilder();
- int endGroupTag = WireFormat.makeTag(fieldNumber, WireFormat.WIRETYPE_END_GROUP);
-- mergeFrom(subFields, reader);
-+ currentDepth++;
-+ if (currentDepth >= recursionLimit) {
-+ throw InvalidProtocolBufferException.recursionLimitExceeded();
-+ }
-+ mergeFrom(subFields, reader, currentDepth);
-+ currentDepth--;
- if (endGroupTag != reader.getTag()) {
- throw InvalidProtocolBufferException.invalidEndTag();
- }
-@@ -88,10 +99,11 @@ abstract class UnknownFieldSchema<T, B> {
- }
- }
-
-- final void mergeFrom(B unknownFields, Reader reader) throws IOException {
-+ final void mergeFrom(B unknownFields, Reader reader, int currentDepth)
-+ throws IOException {
- while (true) {
- if (reader.getFieldNumber() == Reader.READ_DONE
-- || !mergeOneFieldFrom(unknownFields, reader)) {
-+ || !mergeOneFieldFrom(unknownFields, reader, currentDepth)) {
- break;
- }
- }
-@@ -108,4 +120,12 @@ abstract class UnknownFieldSchema<T, B> {
- abstract int getSerializedSizeAsMessageSet(T message);
-
- abstract int getSerializedSize(T unknowns);
-+
-+ /**
-+ * Set the maximum recursion limit that ArrayDecoders will allow. An exception will be thrown if
-+ * the depth of the message exceeds this limit.
-+ */
-+ public void setRecursionLimit(int limit) {
-+ recursionLimit = limit;
-+ }
- }
-diff --git a/java/core/src/test/java/com/google/protobuf/CodedInputStreamTest.java b/java/core/src/test/java/com/google/protobuf/CodedInputStreamTest.java
-index 2de3273e3..19a6b669d 100644
---- a/java/core/src/test/java/com/google/protobuf/CodedInputStreamTest.java
-+++ b/java/core/src/test/java/com/google/protobuf/CodedInputStreamTest.java
-@@ -10,6 +10,10 @@ package com.google.protobuf;
- import static com.google.common.truth.Truth.assertThat;
- import static com.google.common.truth.Truth.assertWithMessage;
- import static org.junit.Assert.assertArrayEquals;
-+import static org.junit.Assert.assertThrows;
-+
-+import com.google.common.primitives.Bytes;
-+import map_test.MapTestProto.MapContainer;
- import protobuf_unittest.UnittestProto.BoolMessage;
- import protobuf_unittest.UnittestProto.Int32Message;
- import protobuf_unittest.UnittestProto.Int64Message;
-@@ -34,6 +38,13 @@ public class CodedInputStreamTest {
-
- private static final int DEFAULT_BLOCK_SIZE = 4096;
-
-+ private static final int GROUP_TAP = WireFormat.makeTag(3, WireFormat.WIRETYPE_START_GROUP);
-+
-+ private static final byte[] NESTING_SGROUP = generateSGroupTags();
-+
-+ private static final byte[] NESTING_SGROUP_WITH_INITIAL_BYTES = generateSGroupTagsForMapField();
-+
-+
- private enum InputType {
- ARRAY {
- @Override
-@@ -116,6 +127,17 @@ public class CodedInputStreamTest {
- return bytes;
- }
-
-+ private static byte[] generateSGroupTags() {
-+ byte[] bytes = new byte[100000];
-+ Arrays.fill(bytes, (byte) GROUP_TAP);
-+ return bytes;
-+ }
-+
-+ private static byte[] generateSGroupTagsForMapField() {
-+ byte[] initialBytes = {18, 1, 75, 26, (byte) 198, (byte) 154, 12};
-+ return Bytes.concat(initialBytes, NESTING_SGROUP);
-+ }
-+
- /**
- * An InputStream which limits the number of bytes it reads at a time. We use this to make sure
- * that CodedInputStream doesn't screw up when reading in small blocks.
-@@ -659,6 +681,143 @@ public class CodedInputStreamTest {
- }
- }
-
-+ @Test
-+ public void testMaliciousRecursion_unknownFields() throws Exception {
-+ Throwable thrown =
-+ assertThrows(
-+ InvalidProtocolBufferException.class,
-+ () -> TestRecursiveMessage.parseFrom(NESTING_SGROUP));
-+
-+ assertThat(thrown).hasMessageThat().contains("Protocol message had too many levels of nesting");
-+ }
-+
-+ @Test
-+ public void testMaliciousRecursion_skippingUnknownField() throws Exception {
-+ Throwable thrown =
-+ assertThrows(
-+ InvalidProtocolBufferException.class,
-+ () ->
-+ DiscardUnknownFieldsParser.wrap(TestRecursiveMessage.parser())
-+ .parseFrom(NESTING_SGROUP));
-+
-+ assertThat(thrown).hasMessageThat().contains("Protocol message had too many levels of nesting");
-+ }
-+
-+ @Test
-+ public void testMaliciousSGroupTagsWithMapField_fromInputStream() throws Exception {
-+ Throwable parseFromThrown =
-+ assertThrows(
-+ InvalidProtocolBufferException.class,
-+ () ->
-+ MapContainer.parseFrom(
-+ new ByteArrayInputStream(NESTING_SGROUP_WITH_INITIAL_BYTES)));
-+ Throwable mergeFromThrown =
-+ assertThrows(
-+ InvalidProtocolBufferException.class,
-+ () ->
-+ MapContainer.newBuilder()
-+ .mergeFrom(new ByteArrayInputStream(NESTING_SGROUP_WITH_INITIAL_BYTES)));
-+
-+ assertThat(parseFromThrown)
-+ .hasMessageThat()
-+ .contains("Protocol message had too many levels of nesting");
-+ assertThat(mergeFromThrown)
-+ .hasMessageThat()
-+ .contains("Protocol message had too many levels of nesting");
-+ }
-+
-+ @Test
-+ public void testMaliciousSGroupTags_inputStream_skipMessage() throws Exception {
-+ ByteArrayInputStream inputSteam = new ByteArrayInputStream(NESTING_SGROUP);
-+ CodedInputStream input = CodedInputStream.newInstance(inputSteam);
-+ CodedOutputStream output = CodedOutputStream.newInstance(new byte[NESTING_SGROUP.length]);
-+
-+ Throwable thrown = assertThrows(InvalidProtocolBufferException.class, input::skipMessage);
-+ Throwable thrown2 =
-+ assertThrows(InvalidProtocolBufferException.class, () -> input.skipMessage(output));
-+
-+ assertThat(thrown).hasMessageThat().contains("Protocol message had too many levels of nesting");
-+ assertThat(thrown2)
-+ .hasMessageThat()
-+ .contains("Protocol message had too many levels of nesting");
-+ }
-+
-+ @Test
-+ public void testMaliciousSGroupTagsWithMapField_fromByteArray() throws Exception {
-+ Throwable parseFromThrown =
-+ assertThrows(
-+ InvalidProtocolBufferException.class,
-+ () -> MapContainer.parseFrom(NESTING_SGROUP_WITH_INITIAL_BYTES));
-+ Throwable mergeFromThrown =
-+ assertThrows(
-+ InvalidProtocolBufferException.class,
-+ () -> MapContainer.newBuilder().mergeFrom(NESTING_SGROUP_WITH_INITIAL_BYTES));
-+
-+ assertThat(parseFromThrown)
-+ .hasMessageThat()
-+ .contains("the input ended unexpectedly in the middle of a field");
-+ assertThat(mergeFromThrown)
-+ .hasMessageThat()
-+ .contains("the input ended unexpectedly in the middle of a field");
-+ }
-+
-+ @Test
-+ public void testMaliciousSGroupTags_arrayDecoder_skipMessage() throws Exception {
-+ CodedInputStream input = CodedInputStream.newInstance(NESTING_SGROUP);
-+ CodedOutputStream output = CodedOutputStream.newInstance(new byte[NESTING_SGROUP.length]);
-+
-+ Throwable thrown = assertThrows(InvalidProtocolBufferException.class, input::skipMessage);
-+ Throwable thrown2 =
-+ assertThrows(InvalidProtocolBufferException.class, () -> input.skipMessage(output));
-+
-+ assertThat(thrown).hasMessageThat().contains("Protocol message had too many levels of nesting");
-+ assertThat(thrown2)
-+ .hasMessageThat()
-+ .contains("Protocol message had too many levels of nesting");
-+ }
-+
-+ @Test
-+ public void testMaliciousSGroupTagsWithMapField_fromByteBuffer() throws Exception {
-+ Throwable thrown =
-+ assertThrows(
-+ InvalidProtocolBufferException.class,
-+ () -> MapContainer.parseFrom(ByteBuffer.wrap(NESTING_SGROUP_WITH_INITIAL_BYTES)));
-+
-+ assertThat(thrown)
-+ .hasMessageThat()
-+ .contains("the input ended unexpectedly in the middle of a field");
-+ }
-+
-+ @Test
-+ public void testMaliciousSGroupTags_byteBuffer_skipMessage() throws Exception {
-+ CodedInputStream input = InputType.NIO_DIRECT.newDecoder(NESTING_SGROUP);
-+ CodedOutputStream output = CodedOutputStream.newInstance(new byte[NESTING_SGROUP.length]);
-+
-+ Throwable thrown = assertThrows(InvalidProtocolBufferException.class, input::skipMessage);
-+ Throwable thrown2 =
-+ assertThrows(InvalidProtocolBufferException.class, () -> input.skipMessage(output));
-+
-+ assertThat(thrown).hasMessageThat().contains("Protocol message had too many levels of nesting");
-+ assertThat(thrown2)
-+ .hasMessageThat()
-+ .contains("Protocol message had too many levels of nesting");
-+ }
-+
-+ @Test
-+ public void testMaliciousSGroupTags_iterableByteBuffer() throws Exception {
-+ CodedInputStream input = InputType.ITER_DIRECT.newDecoder(NESTING_SGROUP);
-+ CodedOutputStream output = CodedOutputStream.newInstance(new byte[NESTING_SGROUP.length]);
-+
-+ Throwable thrown = assertThrows(InvalidProtocolBufferException.class, input::skipMessage);
-+ Throwable thrown2 =
-+ assertThrows(InvalidProtocolBufferException.class, () -> input.skipMessage(output));
-+
-+ assertThat(thrown).hasMessageThat().contains("Protocol message had too many levels of nesting");
-+ assertThat(thrown2)
-+ .hasMessageThat()
-+ .contains("Protocol message had too many levels of nesting");
-+ }
-+
- private void checkSizeLimitExceeded(InvalidProtocolBufferException e) {
- assertThat(e)
- .hasMessageThat()
-diff --git a/java/lite/src/test/java/com/google/protobuf/LiteTest.java b/java/lite/src/test/java/com/google/protobuf/LiteTest.java
-index 754ed7d5f..81be90bfd 100644
---- a/java/lite/src/test/java/com/google/protobuf/LiteTest.java
-+++ b/java/lite/src/test/java/com/google/protobuf/LiteTest.java
-@@ -2459,6 +2459,211 @@ public class LiteTest {
- }
- }
-
-+ @Test
-+ public void testParseFromInputStream_concurrent_nestingUnknownGroups() throws Exception {
-+ int numThreads = 200;
-+ ArrayList<Thread> threads = new ArrayList<>();
-+
-+ ByteString byteString = generateNestingGroups(99);
-+ AtomicBoolean thrown = new AtomicBoolean(false);
-+
-+ for (int i = 0; i < numThreads; i++) {
-+ Thread thread =
-+ new Thread(
-+ () -> {
-+ try {
-+ TestAllTypesLite unused = TestAllTypesLite.parseFrom(byteString);
-+ } catch (IOException e) {
-+ if (e.getMessage().contains("Protocol message had too many levels of nesting")) {
-+ thrown.set(true);
-+ }
-+ }
-+ });
-+ thread.start();
-+ threads.add(thread);
-+ }
-+
-+ for (Thread thread : threads) {
-+ thread.join();
-+ }
-+
-+ assertThat(thrown.get()).isFalse();
-+ }
-+
-+ @Test
-+ public void testParseFromInputStream_nestingUnknownGroups() throws IOException {
-+ ByteString byteString = generateNestingGroups(99);
-+
-+ Throwable thrown =
-+ assertThrows(
-+ InvalidProtocolBufferException.class, () -> TestAllTypesLite.parseFrom(byteString));
-+ assertThat(thrown)
-+ .hasMessageThat()
-+ .doesNotContain("Protocol message had too many levels of nesting");
-+ }
-+
-+ @Test
-+ public void testParseFromInputStream_nestingUnknownGroups_exception() throws IOException {
-+ ByteString byteString = generateNestingGroups(100);
-+
-+ Throwable thrown =
-+ assertThrows(
-+ InvalidProtocolBufferException.class, () -> TestAllTypesLite.parseFrom(byteString));
-+ assertThat(thrown).hasMessageThat().contains("Protocol message had too many levels of nesting");
-+ }
-+
-+ @Test
-+ public void testParseFromInputStream_setRecursionLimit_exception() throws IOException {
-+ ByteString byteString = generateNestingGroups(199);
-+ UnknownFieldSchema<?, ?> schema = SchemaUtil.unknownFieldSetLiteSchema();
-+ schema.setRecursionLimit(200);
-+
-+ Throwable thrown =
-+ assertThrows(
-+ InvalidProtocolBufferException.class, () -> TestAllTypesLite.parseFrom(byteString));
-+ assertThat(thrown)
-+ .hasMessageThat()
-+ .doesNotContain("Protocol message had too many levels of nesting");
-+ schema.setRecursionLimit(UnknownFieldSchema.DEFAULT_RECURSION_LIMIT);
-+ }
-+
-+ @Test
-+ public void testParseFromBytes_concurrent_nestingUnknownGroups() throws Exception {
-+ int numThreads = 200;
-+ ArrayList<Thread> threads = new ArrayList<>();
-+
-+ ByteString byteString = generateNestingGroups(99);
-+ AtomicBoolean thrown = new AtomicBoolean(false);
-+
-+ for (int i = 0; i < numThreads; i++) {
-+ Thread thread =
-+ new Thread(
-+ () -> {
-+ try {
-+ // Should pass in byte[] instead of ByteString to go into ArrayDecoders.
-+ TestAllTypesLite unused = TestAllTypesLite.parseFrom(byteString.toByteArray());
-+ } catch (InvalidProtocolBufferException e) {
-+ if (e.getMessage().contains("Protocol message had too many levels of nesting")) {
-+ thrown.set(true);
-+ }
-+ }
-+ });
-+ thread.start();
-+ threads.add(thread);
-+ }
-+
-+ for (Thread thread : threads) {
-+ thread.join();
-+ }
-+
-+ assertThat(thrown.get()).isFalse();
-+ }
-+
-+ @Test
-+ public void testParseFromBytes_nestingUnknownGroups() throws IOException {
-+ ByteString byteString = generateNestingGroups(99);
-+
-+ Throwable thrown =
-+ assertThrows(
-+ InvalidProtocolBufferException.class,
-+ () -> TestAllTypesLite.parseFrom(byteString.toByteArray()));
-+ assertThat(thrown)
-+ .hasMessageThat()
-+ .doesNotContain("Protocol message had too many levels of nesting");
-+ }
-+
-+ @Test
-+ public void testParseFromBytes_nestingUnknownGroups_exception() throws IOException {
-+ ByteString byteString = generateNestingGroups(100);
-+
-+ Throwable thrown =
-+ assertThrows(
-+ InvalidProtocolBufferException.class,
-+ () -> TestAllTypesLite.parseFrom(byteString.toByteArray()));
-+ assertThat(thrown).hasMessageThat().contains("Protocol message had too many levels of nesting");
-+ }
-+
-+ @Test
-+ public void testParseFromBytes_setRecursionLimit_exception() throws IOException {
-+ ByteString byteString = generateNestingGroups(199);
-+ ArrayDecoders.setRecursionLimit(200);
-+
-+ Throwable thrown =
-+ assertThrows(
-+ InvalidProtocolBufferException.class,
-+ () -> TestAllTypesLite.parseFrom(byteString.toByteArray()));
-+ assertThat(thrown)
-+ .hasMessageThat()
-+ .doesNotContain("Protocol message had too many levels of nesting");
-+ ArrayDecoders.setRecursionLimit(ArrayDecoders.DEFAULT_RECURSION_LIMIT);
-+ }
-+
-+ @Test
-+ public void testParseFromBytes_recursiveMessages() throws Exception {
-+ byte[] data99 = makeRecursiveMessage(99).toByteArray();
-+ byte[] data100 = makeRecursiveMessage(100).toByteArray();
-+
-+ RecursiveMessage unused = RecursiveMessage.parseFrom(data99);
-+ Throwable thrown =
-+ assertThrows(
-+ InvalidProtocolBufferException.class, () -> RecursiveMessage.parseFrom(data100));
-+ assertThat(thrown).hasMessageThat().contains("Protocol message had too many levels of nesting");
-+ }
-+
-+ @Test
-+ public void testParseFromBytes_recursiveKnownGroups() throws Exception {
-+ byte[] data99 = makeRecursiveGroup(99).toByteArray();
-+ byte[] data100 = makeRecursiveGroup(100).toByteArray();
-+
-+ RecursiveGroup unused = RecursiveGroup.parseFrom(data99);
-+ Throwable thrown =
-+ assertThrows(InvalidProtocolBufferException.class, () -> RecursiveGroup.parseFrom(data100));
-+ assertThat(thrown).hasMessageThat().contains("Protocol message had too many levels of nesting");
-+ }
-+
-+ @Test
-+ @SuppressWarnings("ProtoParseFromByteString")
-+ public void testMaliciousSGroupTagsWithMapField_fromByteArray() throws Exception {
-+ ByteString byteString = generateNestingGroups(102);
-+
-+ Throwable parseFromThrown =
-+ assertThrows(
-+ InvalidProtocolBufferException.class,
-+ () -> MapContainer.parseFrom(byteString.toByteArray()));
-+ Throwable mergeFromThrown =
-+ assertThrows(
-+ InvalidProtocolBufferException.class,
-+ () -> MapContainer.newBuilder().mergeFrom(byteString.toByteArray()));
-+
-+ assertThat(parseFromThrown)
-+ .hasMessageThat()
-+ .contains("Protocol message had too many levels of nesting");
-+ assertThat(mergeFromThrown)
-+ .hasMessageThat()
-+ .contains("Protocol message had too many levels of nesting");
-+ }
-+
-+ @Test
-+ public void testMaliciousSGroupTagsWithMapField_fromInputStream() throws Exception {
-+ byte[] bytes = generateNestingGroups(101).toByteArray();
-+
-+ Throwable parseFromThrown =
-+ assertThrows(
-+ InvalidProtocolBufferException.class,
-+ () -> MapContainer.parseFrom(new ByteArrayInputStream(bytes)));
-+ Throwable mergeFromThrown =
-+ assertThrows(
-+ InvalidProtocolBufferException.class,
-+ () -> MapContainer.newBuilder().mergeFrom(new ByteArrayInputStream(bytes)));
-+
-+ assertThat(parseFromThrown)
-+ .hasMessageThat()
-+ .contains("Protocol message had too many levels of nesting");
-+ assertThat(mergeFromThrown)
-+ .hasMessageThat()
-+ .contains("Protocol message had too many levels of nesting");
-+ }
-+
- @Test
- public void testParseFromByteBuffer_extensions() throws Exception {
- TestAllExtensionsLite message =
-@@ -2815,4 +3020,31 @@ public class LiteTest {
- }
- return false;
- }
-+
-+ private static ByteString generateNestingGroups(int num) throws IOException {
-+ int groupTap = WireFormat.makeTag(3, WireFormat.WIRETYPE_START_GROUP);
-+ ByteString.Output byteStringOutput = ByteString.newOutput();
-+ CodedOutputStream codedOutput = CodedOutputStream.newInstance(byteStringOutput);
-+ for (int i = 0; i < num; i++) {
-+ codedOutput.writeInt32NoTag(groupTap);
-+ }
-+ codedOutput.flush();
-+ return byteStringOutput.toByteString();
-+ }
-+
-+ private static RecursiveMessage makeRecursiveMessage(int num) {
-+ if (num == 0) {
-+ return RecursiveMessage.getDefaultInstance();
-+ } else {
-+ return RecursiveMessage.newBuilder().setRecurse(makeRecursiveMessage(num - 1)).build();
-+ }
-+ }
-+
-+ private static RecursiveGroup makeRecursiveGroup(int num) {
-+ if (num == 0) {
-+ return RecursiveGroup.getDefaultInstance();
-+ } else {
-+ return RecursiveGroup.newBuilder().setRecurse(makeRecursiveGroup(num - 1)).build();
-+ }
-+ }
- }
-2.25.1
-
similarity index 97%
rename from meta-oe/recipes-devtools/protobuf/protobuf_4.25.3.bb
rename to meta-oe/recipes-devtools/protobuf/protobuf_4.25.8.bb
@@ -10,12 +10,11 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=37b5762e07f0af8c74ce80a8bda4266b"
DEPENDS = "zlib abseil-cpp"
DEPENDS:append:class-target = " protobuf-native"
-SRCREV = "4a2aef570deb2bfb8927426558701e8bfc26f2a4"
+SRCREV = "a4cbdd3ed0042e8f9b9c30e8b0634096d9532809"
SRC_URI = "gitsm://github.com/protocolbuffers/protobuf.git;branch=25.x;protocol=https \
file://run-ptest \
file://0001-examples-Makefile-respect-CXX-LDFLAGS-variables-fix-.patch \
- file://0001-Add-recursion-check-when-parsing-unknown-fields-in-J.patch \
"
SRC_URI:append:mips:toolchain-clang = " file://0001-Fix-build-on-mips-clang.patch "
SRC_URI:append:mipsel:toolchain-clang = " file://0001-Fix-build-on-mips-clang.patch "