summaryrefslogtreecommitdiff
path: root/debian/patches/Fix-bad-compilation-for-patterns-like-1-1-with-forwa.patch
diff options
context:
space:
mode:
Diffstat (limited to 'debian/patches/Fix-bad-compilation-for-patterns-like-1-1-with-forwa.patch')
-rw-r--r--debian/patches/Fix-bad-compilation-for-patterns-like-1-1-with-forwa.patch145
1 files changed, 0 insertions, 145 deletions
diff --git a/debian/patches/Fix-bad-compilation-for-patterns-like-1-1-with-forwa.patch b/debian/patches/Fix-bad-compilation-for-patterns-like-1-1-with-forwa.patch
deleted file mode 100644
index ed5b5c1..0000000
--- a/debian/patches/Fix-bad-compilation-for-patterns-like-1-1-with-forwa.patch
+++ /dev/null
@@ -1,145 +0,0 @@
-Description: CVE-2015-2326: heap buffer overflow in pcre_compile2()
- Fix bad compilation for patterns like /((?+1)(\1))/ with
- forward reference subroutine and recursive back reference within the same
- group.
-Origin: upstream, http://vcs.pcre.org/pcre?view=revision&revision=1529
-Bug: http://bugs.exim.org/show_bug.cgi?id=1592
-Bug-Debian: https://bugs.debian.org/783285
-Forwarded: not-needed
-Last-Update: 2015-09-10
-Applied-Upstream: 8.36
-
---- a/pcre_compile.c
-+++ b/pcre_compile.c
-@@ -8027,6 +8027,7 @@ int length;
- unsigned int orig_bracount;
- unsigned int max_bracount;
- branch_chain bc;
-+size_t save_hwm_offset;
-
- /* If set, call the external function that checks for stack availability. */
-
-@@ -8044,6 +8045,8 @@ bc.current_branch = code;
- firstchar = reqchar = 0;
- firstcharflags = reqcharflags = REQ_UNSET;
-
-+save_hwm_offset = cd->hwm - cd->start_workspace;
-+
- /* Accumulate the length for use in the pre-compile phase. Start with the
- length of the BRA and KET and any extra bytes that are required at the
- beginning. We accumulate in a local variable to save frequent testing of
-@@ -8246,7 +8249,7 @@ for (;;)
- {
- *code = OP_END;
- adjust_recurse(start_bracket, 1 + LINK_SIZE,
-- (options & PCRE_UTF8) != 0, cd, cd->hwm - cd->start_workspace);
-+ (options & PCRE_UTF8) != 0, cd, save_hwm_offset);
- memmove(start_bracket + 1 + LINK_SIZE, start_bracket,
- IN_UCHARS(code - start_bracket));
- *start_bracket = OP_ONCE;
---- a/testdata/testinput11
-+++ b/testdata/testinput11
-@@ -134,4 +134,6 @@ is required for these tests. --/
-
- /(((a\2)|(a*)\g<-1>))*a?/B
-
-+/((?+1)(\1))/B
-+
- /-- End of testinput11 --/
---- a/testdata/testinput2
-+++ b/testdata/testinput2
-@@ -4066,4 +4066,6 @@ backtracking verbs. --/
-
- "((?2){0,1999}())?"
-
-+/((?+1)(\1))/BZ
-+
- /-- End of testinput2 --/
---- a/testdata/testoutput11-16
-+++ b/testdata/testoutput11-16
-@@ -733,4 +733,19 @@ Memory allocation (code space): 14
- 41 End
- ------------------------------------------------------------------
-
-+/((?+1)(\1))/B
-+------------------------------------------------------------------
-+ 0 20 Bra
-+ 2 16 Once
-+ 4 12 CBra 1
-+ 7 9 Recurse
-+ 9 5 CBra 2
-+ 12 \1
-+ 14 5 Ket
-+ 16 12 Ket
-+ 18 16 Ket
-+ 20 20 Ket
-+ 22 End
-+------------------------------------------------------------------
-+
- /-- End of testinput11 --/
---- a/testdata/testoutput11-32
-+++ b/testdata/testoutput11-32
-@@ -733,4 +733,19 @@ Memory allocation (code space): 28
- 41 End
- ------------------------------------------------------------------
-
-+/((?+1)(\1))/B
-+------------------------------------------------------------------
-+ 0 20 Bra
-+ 2 16 Once
-+ 4 12 CBra 1
-+ 7 9 Recurse
-+ 9 5 CBra 2
-+ 12 \1
-+ 14 5 Ket
-+ 16 12 Ket
-+ 18 16 Ket
-+ 20 20 Ket
-+ 22 End
-+------------------------------------------------------------------
-+
- /-- End of testinput11 --/
---- a/testdata/testoutput11-8
-+++ b/testdata/testoutput11-8
-@@ -733,4 +733,19 @@ Memory allocation (code space): 10
- 60 End
- ------------------------------------------------------------------
-
-+/((?+1)(\1))/B
-+------------------------------------------------------------------
-+ 0 31 Bra
-+ 3 25 Once
-+ 6 19 CBra 1
-+ 11 14 Recurse
-+ 14 8 CBra 2
-+ 19 \1
-+ 22 8 Ket
-+ 25 19 Ket
-+ 28 25 Ket
-+ 31 31 Ket
-+ 34 End
-+------------------------------------------------------------------
-+
- /-- End of testinput11 --/
---- a/testdata/testoutput2
-+++ b/testdata/testoutput2
-@@ -14175,4 +14175,19 @@ Failed: parentheses are too deeply neste
-
- "((?2){0,1999}())?"
-
-+/((?+1)(\1))/BZ
-+------------------------------------------------------------------
-+ Bra
-+ Once
-+ CBra 1
-+ Recurse
-+ CBra 2
-+ \1
-+ Ket
-+ Ket
-+ Ket
-+ Ket
-+ End
-+------------------------------------------------------------------
-+
- /-- End of testinput2 --/
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-25 04:03:35 +0000