pcre3 (2:8.35-7.4) unstable; urgency=medium

* Non-maintainer upload. * Fix copy-and-paste error in Disable_JIT_on_sparc64.patch. # imported from the archive
author: John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de> 2015-11-02 17:51:13 +0000
committer: John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de> 2015-11-02 17:51:13 +0000
commit: 98c3e224a46705936ea39a3830e50299f2ce3c73 (patch)
tree: e1245867d3733b5deaf4e41a88a080c3a0b4f59e /debian/patches/Fix-compiler-crash-misbehaviour-for-zero-repeated-gr.patch
1 files changed, 175 insertions, 0 deletions
diff --git a/debian/patches/Fix-compiler-crash-misbehaviour-for-zero-repeated-gr.patch b/debian/patches/Fix-compiler-crash-misbehaviour-for-zero-repeated-gr.patch
new file mode 100644
index 0000000..a8c15f3
--- /dev/null
+++ b/debian/patches/Fix-compiler-crash-misbehaviour-for-zero-repeated-gr.patch
@@ -0,0 +1,175 @@
+Description: PCRE Library Stack Overflow Vulnerability
+ Fix compiler crash/misbehaviour for zero-repeated groups that
+ include a recursive back reference.
+Origin: backport, http://vcs.pcre.org/pcre?view=revision&revision=1495
+Bug: https://bugs.exim.org/show_bug.cgi?id=1503
+Forwarded: not-needed
+Last-Update: 2015-09-10
+Applied-Upstream: 8.36
+---
+--- a/pcre_compile.c
++++ b/pcre_compile.c
+@@ -8241,12 +8241,16 @@ for (;;)
+ 
+     /* If it was a capturing subpattern, check to see if it contained any
+     recursive back references. If so, we must wrap it in atomic brackets.
+-    In any event, remove the block from the chain. */
++    Because we are moving code along, we must ensure that any pending recursive
++    references are updated. In any event, remove the block from the chain. */
+ 
+     if (capnumber > 0)
+       {
+       if (cd->open_caps->flag)
+         {
++        *code = OP_END;
++        adjust_recurse(start_bracket, 1 + LINK_SIZE,
++          (options & PCRE_UTF8) != 0, cd, cd->hwm);
+         memmove(start_bracket + 1 + LINK_SIZE, start_bracket,
+           IN_UCHARS(code - start_bracket));
+         *start_bracket = OP_ONCE;
+--- a/testdata/testinput11
++++ b/testdata/testinput11
+@@ -132,4 +132,6 @@ is required for these tests. --/
+ 
+ /abc(d|e)(*THEN)x(123(*THEN)4|567(b|q)(*THEN)xx)/B
+ 
++/(((a\2)|(a*)\g<-1>))*a?/B
++
+ /-- End of testinput11 --/
+--- a/testdata/testinput2
++++ b/testdata/testinput2
+@@ -4035,6 +4035,8 @@ backtracking verbs. --/
+ 
+ /(?(R&6yh)abc)/
+ 
++/(((a\2)|(a*)\g<-1>))*a?/BZ
++
+ /-- Test the ugly "start or end of word" compatibility syntax --/
+ 
+ /[[:<:]]red[[:>:]]/BZ
+--- a/testdata/testoutput11-16
++++ b/testdata/testoutput11-16
+@@ -709,4 +709,28 @@ Memory allocation (code space): 14
+  62     End
+ ------------------------------------------------------------------
+ 
++/(((a\2)|(a*)\g<-1>))*a?/B
++------------------------------------------------------------------
++  0  39 Bra
++  2     Brazero
++  3  32 SCBra 1
++  6  27 Once
++  8  12 CBra 2
++ 11   7 CBra 3
++ 14     a
++ 16     \2
++ 18   7 Ket
++ 20  11 Alt
++ 22   5 CBra 4
++ 25     a*
++ 27   5 Ket
++ 29  22 Recurse
++ 31  23 Ket
++ 33  27 Ket
++ 35  32 KetRmax
++ 37     a?+
++ 39  39 Ket
++ 41     End
++------------------------------------------------------------------
++
+ /-- End of testinput11 --/
+--- a/testdata/testoutput11-32
++++ b/testdata/testoutput11-32
+@@ -709,4 +709,28 @@ Memory allocation (code space): 28
+  62     End
+ ------------------------------------------------------------------
+ 
++/(((a\2)|(a*)\g<-1>))*a?/B
++------------------------------------------------------------------
++  0  39 Bra
++  2     Brazero
++  3  32 SCBra 1
++  6  27 Once
++  8  12 CBra 2
++ 11   7 CBra 3
++ 14     a
++ 16     \2
++ 18   7 Ket
++ 20  11 Alt
++ 22   5 CBra 4
++ 25     a*
++ 27   5 Ket
++ 29  22 Recurse
++ 31  23 Ket
++ 33  27 Ket
++ 35  32 KetRmax
++ 37     a?+
++ 39  39 Ket
++ 41     End
++------------------------------------------------------------------
++
+ /-- End of testinput11 --/
+--- a/testdata/testoutput11-8
++++ b/testdata/testoutput11-8
+@@ -709,4 +709,28 @@ Memory allocation (code space): 10
+  76     End
+ ------------------------------------------------------------------
+ 
++/(((a\2)|(a*)\g<-1>))*a?/B
++------------------------------------------------------------------
++  0  57 Bra
++  3     Brazero
++  4  48 SCBra 1
++  9  40 Once
++ 12  18 CBra 2
++ 17  10 CBra 3
++ 22     a
++ 24     \2
++ 27  10 Ket
++ 30  16 Alt
++ 33   7 CBra 4
++ 38     a*
++ 40   7 Ket
++ 43  33 Recurse
++ 46  34 Ket
++ 49  40 Ket
++ 52  48 KetRmax
++ 55     a?+
++ 57  57 Ket
++ 60     End
++------------------------------------------------------------------
++
+ /-- End of testinput11 --/
+--- a/testdata/testoutput2
++++ b/testdata/testoutput2
+@@ -14093,6 +14093,30 @@ Failed: malformed number or name after (
+ /(?(R&6yh)abc)/
+ Failed: group name must start with a non-digit at offset 5
+ 
++/(((a\2)|(a*)\g<-1>))*a?/BZ
++------------------------------------------------------------------
++        Bra
++        Brazero
++        SCBra 1
++        Once
++        CBra 2
++        CBra 3
++        a
++        \2
++        Ket
++        Alt
++        CBra 4
++        a*
++        Ket
++        Recurse
++        Ket
++        Ket
++        KetRmax
++        a?+
++        Ket
++        End
++------------------------------------------------------------------
++
+ /-- Test the ugly "start or end of word" compatibility syntax --/
+ 
+ /[[:<:]]red[[:>:]]/BZ
author	John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de>	2015-11-02 17:51:13 +0000
committer	John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de>	2015-11-02 17:51:13 +0000
commit	98c3e224a46705936ea39a3830e50299f2ce3c73 (patch)
tree	e1245867d3733b5deaf4e41a88a080c3a0b4f59e /debian/patches/Fix-compiler-crash-misbehaviour-for-zero-repeated-gr.patch