1 files changed, 47 insertions, 0 deletions

diff --git a/debian/patches/CVE-2016-1283.patch b/debian/patches/CVE-2016-1283.patch
new file mode 100644
index 0000000..f05535b
--- /dev/null
+++ b/debian/patches/CVE-2016-1283.patch
@@ -0,0 +1,47 @@
+From b7537308b7c758f33c347cb0bec62754c43c271f Mon Sep 17 00:00:00 2001
+From: ph10 <ph10@2f5784b3-3f2a-0410-8824-cb99058d5e15>
+Date: Sat, 27 Feb 2016 17:38:11 +0000
+Subject: [PATCH] Yet another duplicate name bugfix by overestimating the
+ memory needed (i.e. another hack - PCRE2 has this "properly" fixed).
+
+git-svn-id: svn://vcs.exim.org/pcre/code/trunk@1636 2f5784b3-3f2a-0410-8824-cb99058d5e15
+---
+ pcre_compile.c       | 7 ++++++-
+ testdata/testinput2  | 2 ++
+ testdata/testoutput2 | 2 ++
+ 4 files changed, 17 insertions(+), 1 deletion(-)
+
+--- a/pcre_compile.c
++++ b/pcre_compile.c
+@@ -7289,7 +7289,12 @@ for (;; ptr++)
+           so far in order to get the number. If the name is not found, leave
+           the value of recno as 0 for a forward reference. */
+ 
+-          else
++          /* This patch (removing "else") fixes a problem when a reference is
++          to multiple identically named nested groups from within the nest.
++          Once again, it is not the "proper" fix, and it results in an
++          over-allocation of memory. */
++
++          /* else */
+             {
+             ng = cd->named_groups;
+             for (i = 0; i < cd->names_found; i++, ng++)
+--- a/testdata/testinput2
++++ b/testdata/testinput2
+@@ -4217,4 +4217,6 @@ backtracking verbs. --/
+ 
+ /a[[:punct:]b]/BZ
+ 
++/((?J)(?'R'(?'R'(?'R'(?'R'(?'R'(?|(\k'R'))))))))/
++
+ /-- End of testinput2 --/
+--- a/testdata/testoutput2
++++ b/testdata/testoutput2
+@@ -14574,4 +14574,6 @@ No match
+         End
+ ------------------------------------------------------------------
+ 
++/((?J)(?'R'(?'R'(?'R'(?'R'(?'R'(?|(\k'R'))))))))/
++
+ /-- End of testinput2 --/