From 5f96f8bcf5331d69221a3a87f26cd9cd3d8fa864 Mon Sep 17 00:00:00 2001
From: asraa <asraa@google.com>
Date: Fri, 27 Sep 2019 14:40:33 -0400
Subject: [PATCH] protobuf: add back ubsan patch (#8417)

Adds back protobuf patch fixing UBSAN error (protocolbuffers/protobuf#6333).
This was removed on updating protobuf to 3.9.1, but will be included in the protobuf 3.10 release.

Fixes OSS-Fuzz issue:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=17759
Testing: Added corpus

Signed-off-by: Asra Ali <asraa@google.com>
---
 bazel/protobuf.patch                          | 20 +++++++++++++++++++
 bazel/repositories.bzl                        |  4 ++--
 ...minimized-route_fuzz_test-5650952886943744 | 11 ++++++++++
 3 files changed, 33 insertions(+), 2 deletions(-)
 create mode 100644 test/common/router/route_corpus/clusterfuzz-testcase-minimized-route_fuzz_test-5650952886943744

diff --git a/bazel/protobuf.patch b/bazel/protobuf.patch
index 3a26bb356f97..d00e39ef9412 100644
--- a/bazel/protobuf.patch
+++ b/bazel/protobuf.patch
@@ -1,3 +1,23 @@
+diff --git a/src/google/protobuf/stubs/strutil.cc b/src/google/protobuf/stubs/strutil.cc
+index 3844fa6b8b..5486887295 100644
+--- a/src/google/protobuf/stubs/strutil.cc
++++ b/src/google/protobuf/stubs/strutil.cc
+@@ -1065,10 +1065,12 @@ char* FastUInt32ToBufferLeft(uint32 u, char* buffer) {
+ }
+ 
+ char* FastInt32ToBufferLeft(int32 i, char* buffer) {
+-  uint32 u = i;
++  uint32 u = 0;
+   if (i < 0) {
+     *buffer++ = '-';
+-    u = -i;
++    u -= i;
++  } else {
++    u = i;
+   }
+   return FastUInt32ToBufferLeft(u, buffer);
+ }
+
 diff --git a/BUILD b/BUILD
 index 6665de94..55f28582 100644
 --- a/BUILD
diff --git a/bazel/repositories.bzl b/bazel/repositories.bzl
index 311048a98f90..26690aa2a57b 100644
--- a/bazel/repositories.bzl
+++ b/bazel/repositories.bzl
@@ -507,7 +507,7 @@ def _com_google_protobuf():
         # The patch includes
         # https://github.com/protocolbuffers/protobuf/pull/6333 and also uses
         # foreign_cc build for zlib as its dependency.
-        # TODO(asraa): remove this when > protobuf 3.8.0 is released.
+        # TODO(asraa): remove this when protobuf 3.10 is released.
         patch_args = ["-p1"],
         patches = ["@envoy//bazel:protobuf.patch"],
     )
@@ -521,7 +521,7 @@ def _com_google_protobuf():
         # The patch includes
         # https://github.com/protocolbuffers/protobuf/pull/6333 and also uses
         # foreign_cc build for zlib as its dependency.
-        # TODO(asraa): remove this when > protobuf 3.8.0 is released.
+        # TODO(asraa): remove this when protobuf 3.10 is released.
         patch_args = ["-p1"],
         patches = ["@envoy//bazel:protobuf.patch"],
     )
diff --git a/test/common/router/route_corpus/clusterfuzz-testcase-minimized-route_fuzz_test-5650952886943744 b/test/common/router/route_corpus/clusterfuzz-testcase-minimized-route_fuzz_test-5650952886943744
new file mode 100644
index 000000000000..dbae8654ccbe
--- /dev/null
+++ b/test/common/router/route_corpus/clusterfuzz-testcase-minimized-route_fuzz_test-5650952886943744
@@ -0,0 +1,11 @@
+config {
+  vhds {
+    config_source {
+      api_config_source {
+        request_timeout {
+          nanos: -2147483648
+        }
+      }
+    }
+  }
+}