[AUTO-CHERRYPICK] fluent-bit: Address CVE-2024-25431 - branch 3.0-dev (…

…#11194)

Co-authored-by: Ankita Pareek <[email protected]>
Co-authored-by: jslobodzian <[email protected]>

SPECS/fluent-bit/CVE-2024-25431.patch

@@ -0,0 +1,48 @@
+diff --git a/lib/wasm-micro-runtime-WAMR-1.3.0/core/iwasm/interpreter/wasm_loader.c b/lib/wasm-micro-runtime-WAMR-1.3.0/core/iwasm/interpreter/wasm_loader.c
+index 2a06f42..506ee29 100644
+--- a/lib/wasm-micro-runtime-WAMR-1.3.0/core/iwasm/interpreter/wasm_loader.c
++++ b/lib/wasm-micro-runtime-WAMR-1.3.0/core/iwasm/interpreter/wasm_loader.c
+@@ -3980,14 +3980,22 @@ check_wasi_abi_compatibility(const WASMModule *module,
+     /* clang-format on */
+
+     WASMExport *initialize = NULL, *memory = NULL, *start = NULL;
++    uint32 import_function_count = module->import_function_count;
++    WASMType *func_type;
+
+     /* (func (export "_start") (...) */
+     start = wasm_loader_find_export(module, "", "_start", EXPORT_KIND_FUNC,
+                                     error_buf, error_buf_size);
+     if (start) {
+-        WASMType *func_type =
+-            module->functions[start->index - module->import_function_count]
+-                ->func_type;
++        if (start->index < import_function_count) {
++            set_error_buf(
++                error_buf, error_buf_size,
++                "the builtin _start function can not be an import function");
++            return false;
++        }
++
++        func_type =
++            module->functions[start->index - import_function_count]->func_type;
+         if (func_type->param_count || func_type->result_count) {
+             set_error_buf(error_buf, error_buf_size,
+                           "the signature of builtin _start function is wrong");
+@@ -3999,8 +4007,15 @@ check_wasi_abi_compatibility(const WASMModule *module,
+     initialize = wasm_loader_find_export(
+         module, "", "_initialize", EXPORT_KIND_FUNC, error_buf, error_buf_size);
+     if (initialize) {
+-        WASMType *func_type =
+-            module->functions[initialize->index - module->import_function_count]
++        if (initialize->index < import_function_count) {
++            set_error_buf(error_buf, error_buf_size,
++                          "the builtin _initialize function can not be an "
++                          "import function");
++            return false;
++        }
++
++        func_type =
++            module->functions[initialize->index - import_function_count]
+                 ->func_type;
+         if (func_type->param_count || func_type->result_count) {
+             set_error_buf(

SPECS/fluent-bit/fluent-bit.spec

@@ -8,6 +8,7 @@ Distribution:   Azure Linux
 URL:            https://fluentbit.io
 Source0:        https://github.com/fluent/%{name}/archive/refs/tags/v%{version}.tar.gz#/%{name}-%{version}.tar.gz
 Patch0:         CVE-2024-34250.patch
+Patch1:         CVE-2024-25431.patch
 BuildRequires:  bison
 BuildRequires:  cmake
 BuildRequires:  cyrus-sasl-devel
@@ -82,9 +83,13 @@ Development files for %{name}
 %{_libdir}/fluent-bit/*.so
 
 %changelog
-* Tue Nov 05 2024 Paul Meyer <[email protected]> - 3.1.9-1
+* Tue Nov 23 2024 Paul Meyer <[email protected]> - 3.1.9-1
 - Update to 3.1.9 to enable Lua filter plugin using system luajit library.
 - Remove patches for CVE-2024-25629 and CVE-2024-28182 as they are fixed in 3.1.9.
+- [Jon Slobodzian] Reconciled with Fasttrack/3.0 on 11/23, updated Changelog date from 11/5.
+
+* Fri Nov 15 2024 Ankita Pareek <[email protected]> - 3.0.6-3
+- Address CVE-2024-25431
 
 * Tue Oct 15 2024 Chris Gunn <[email protected]> - 3.0.6-2
 - CVE-2024-34250