diff options
author | John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de> | 2015-11-02 17:51:13 +0000 |
---|---|---|
committer | John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de> | 2015-11-02 17:51:13 +0000 |
commit | 98c3e224a46705936ea39a3830e50299f2ce3c73 (patch) | |
tree | e1245867d3733b5deaf4e41a88a080c3a0b4f59e /debian/patches/Fix-compiler-crash-misbehaviour-for-zero-repeated-gr.patch |
pcre3 (2:8.35-7.4) unstable; urgency=medium
* Non-maintainer upload.
* Fix copy-and-paste error in Disable_JIT_on_sparc64.patch.
# imported from the archive
Diffstat (limited to 'debian/patches/Fix-compiler-crash-misbehaviour-for-zero-repeated-gr.patch')
-rw-r--r-- | debian/patches/Fix-compiler-crash-misbehaviour-for-zero-repeated-gr.patch | 175 |
1 files changed, 175 insertions, 0 deletions
diff --git a/debian/patches/Fix-compiler-crash-misbehaviour-for-zero-repeated-gr.patch b/debian/patches/Fix-compiler-crash-misbehaviour-for-zero-repeated-gr.patch new file mode 100644 index 0000000..a8c15f3 --- /dev/null +++ b/debian/patches/Fix-compiler-crash-misbehaviour-for-zero-repeated-gr.patch @@ -0,0 +1,175 @@ +Description: PCRE Library Stack Overflow Vulnerability + Fix compiler crash/misbehaviour for zero-repeated groups that + include a recursive back reference. +Origin: backport, http://vcs.pcre.org/pcre?view=revision&revision=1495 +Bug: https://bugs.exim.org/show_bug.cgi?id=1503 +Forwarded: not-needed +Last-Update: 2015-09-10 +Applied-Upstream: 8.36 +--- +--- a/pcre_compile.c ++++ b/pcre_compile.c +@@ -8241,12 +8241,16 @@ for (;;) + + /* If it was a capturing subpattern, check to see if it contained any + recursive back references. If so, we must wrap it in atomic brackets. +- In any event, remove the block from the chain. */ ++ Because we are moving code along, we must ensure that any pending recursive ++ references are updated. In any event, remove the block from the chain. */ + + if (capnumber > 0) + { + if (cd->open_caps->flag) + { ++ *code = OP_END; ++ adjust_recurse(start_bracket, 1 + LINK_SIZE, ++ (options & PCRE_UTF8) != 0, cd, cd->hwm); + memmove(start_bracket + 1 + LINK_SIZE, start_bracket, + IN_UCHARS(code - start_bracket)); + *start_bracket = OP_ONCE; +--- a/testdata/testinput11 ++++ b/testdata/testinput11 +@@ -132,4 +132,6 @@ is required for these tests. --/ + + /abc(d|e)(*THEN)x(123(*THEN)4|567(b|q)(*THEN)xx)/B + ++/(((a\2)|(a*)\g<-1>))*a?/B ++ + /-- End of testinput11 --/ +--- a/testdata/testinput2 ++++ b/testdata/testinput2 +@@ -4035,6 +4035,8 @@ backtracking verbs. --/ + + /(?(R&6yh)abc)/ + ++/(((a\2)|(a*)\g<-1>))*a?/BZ ++ + /-- Test the ugly "start or end of word" compatibility syntax --/ + + /[[:<:]]red[[:>:]]/BZ +--- a/testdata/testoutput11-16 ++++ b/testdata/testoutput11-16 +@@ -709,4 +709,28 @@ Memory allocation (code space): 14 + 62 End + ------------------------------------------------------------------ + ++/(((a\2)|(a*)\g<-1>))*a?/B ++------------------------------------------------------------------ ++ 0 39 Bra ++ 2 Brazero ++ 3 32 SCBra 1 ++ 6 27 Once ++ 8 12 CBra 2 ++ 11 7 CBra 3 ++ 14 a ++ 16 \2 ++ 18 7 Ket ++ 20 11 Alt ++ 22 5 CBra 4 ++ 25 a* ++ 27 5 Ket ++ 29 22 Recurse ++ 31 23 Ket ++ 33 27 Ket ++ 35 32 KetRmax ++ 37 a?+ ++ 39 39 Ket ++ 41 End ++------------------------------------------------------------------ ++ + /-- End of testinput11 --/ +--- a/testdata/testoutput11-32 ++++ b/testdata/testoutput11-32 +@@ -709,4 +709,28 @@ Memory allocation (code space): 28 + 62 End + ------------------------------------------------------------------ + ++/(((a\2)|(a*)\g<-1>))*a?/B ++------------------------------------------------------------------ ++ 0 39 Bra ++ 2 Brazero ++ 3 32 SCBra 1 ++ 6 27 Once ++ 8 12 CBra 2 ++ 11 7 CBra 3 ++ 14 a ++ 16 \2 ++ 18 7 Ket ++ 20 11 Alt ++ 22 5 CBra 4 ++ 25 a* ++ 27 5 Ket ++ 29 22 Recurse ++ 31 23 Ket ++ 33 27 Ket ++ 35 32 KetRmax ++ 37 a?+ ++ 39 39 Ket ++ 41 End ++------------------------------------------------------------------ ++ + /-- End of testinput11 --/ +--- a/testdata/testoutput11-8 ++++ b/testdata/testoutput11-8 +@@ -709,4 +709,28 @@ Memory allocation (code space): 10 + 76 End + ------------------------------------------------------------------ + ++/(((a\2)|(a*)\g<-1>))*a?/B ++------------------------------------------------------------------ ++ 0 57 Bra ++ 3 Brazero ++ 4 48 SCBra 1 ++ 9 40 Once ++ 12 18 CBra 2 ++ 17 10 CBra 3 ++ 22 a ++ 24 \2 ++ 27 10 Ket ++ 30 16 Alt ++ 33 7 CBra 4 ++ 38 a* ++ 40 7 Ket ++ 43 33 Recurse ++ 46 34 Ket ++ 49 40 Ket ++ 52 48 KetRmax ++ 55 a?+ ++ 57 57 Ket ++ 60 End ++------------------------------------------------------------------ ++ + /-- End of testinput11 --/ +--- a/testdata/testoutput2 ++++ b/testdata/testoutput2 +@@ -14093,6 +14093,30 @@ Failed: malformed number or name after ( + /(?(R&6yh)abc)/ + Failed: group name must start with a non-digit at offset 5 + ++/(((a\2)|(a*)\g<-1>))*a?/BZ ++------------------------------------------------------------------ ++ Bra ++ Brazero ++ SCBra 1 ++ Once ++ CBra 2 ++ CBra 3 ++ a ++ \2 ++ Ket ++ Alt ++ CBra 4 ++ a* ++ Ket ++ Recurse ++ Ket ++ Ket ++ KetRmax ++ a?+ ++ Ket ++ End ++------------------------------------------------------------------ ++ + /-- Test the ugly "start or end of word" compatibility syntax --/ + + /[[:<:]]red[[:>:]]/BZ |