From 3c08c798a891a4963d8dd6ab165126901e916ac2 Mon Sep 17 00:00:00 2001
From: Katie Hockman <katie@golang.org>
Date: Wed, 19 Jan 2022 16:54:41 -0500
Subject: [PATCH] CVE-2022-23772

Origin: backport, https://github.com/golang/go/commit/07ee9e64

Gbp-Pq: Name 0013-CVE-2022-23772.patch
---
 src/math/big/ratconv.go      | 5 +++++
 src/math/big/ratconv_test.go | 1 +
 2 files changed, 6 insertions(+)

diff --git a/src/math/big/ratconv.go b/src/math/big/ratconv.go
index ac3c8bd1..90053a9c 100644
--- a/src/math/big/ratconv.go
+++ b/src/math/big/ratconv.go
@@ -169,6 +169,11 @@ func (z *Rat) SetString(s string) (*Rat, bool) {
 		n := exp5
 		if n < 0 {
 			n = -n
+			if n < 0 {
+				// This can occur if -n overflows. -(-1 << 63) would become
+				// -1 << 63, which is still negative.
+				return nil, false
+			}
 		}
 		if n > 1e6 {
 			return nil, false // avoid excessively large exponents
diff --git a/src/math/big/ratconv_test.go b/src/math/big/ratconv_test.go
index 15d206cb..e55e6557 100644
--- a/src/math/big/ratconv_test.go
+++ b/src/math/big/ratconv_test.go
@@ -104,6 +104,7 @@ var setStringTests = []StringTest{
 	{in: "4/3/"},
 	{in: "4/3."},
 	{in: "4/"},
+	{in: "13e-9223372036854775808"}, // CVE-2022-23772
 
 	// valid
 	{"0", "0", true},
-- 
2.30.2