From: Katie Hockman <katie@golang.org>
Date: Wed, 19 Jan 2022 21:54:41 +0000 (-0500)
Subject: CVE-2022-23772
X-Git-Tag: archive/raspbian/1.15.15-1_deb11u4+rpi1^2~3
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=3c08c798a891a4963d8dd6ab165126901e916ac2;p=golang-1.15.git

CVE-2022-23772

Origin: backport, https://github.com/golang/go/commit/07ee9e64

Gbp-Pq: Name 0013-CVE-2022-23772.patch
---

diff --git a/src/math/big/ratconv.go b/src/math/big/ratconv.go
index ac3c8bd1..90053a9c 100644
--- a/src/math/big/ratconv.go
+++ b/src/math/big/ratconv.go
@@ -169,6 +169,11 @@ func (z *Rat) SetString(s string) (*Rat, bool) {
 		n := exp5
 		if n < 0 {
 			n = -n
+			if n < 0 {
+				// This can occur if -n overflows. -(-1 << 63) would become
+				// -1 << 63, which is still negative.
+				return nil, false
+			}
 		}
 		if n > 1e6 {
 			return nil, false // avoid excessively large exponents
diff --git a/src/math/big/ratconv_test.go b/src/math/big/ratconv_test.go
index 15d206cb..e55e6557 100644
--- a/src/math/big/ratconv_test.go
+++ b/src/math/big/ratconv_test.go
@@ -104,6 +104,7 @@ var setStringTests = []StringTest{
 	{in: "4/3/"},
 	{in: "4/3."},
 	{in: "4/"},
+	{in: "13e-9223372036854775808"}, // CVE-2022-23772
 
 	// valid
 	{"0", "0", true},