FreeBSD Bugzilla – Attachment 184463 Details for
Bug 220818
devel/oniguruma5: Fix multiple vulnerabilities in 5.9.6_p1
[patch]
oniguruma5-5.9.6_2.patch
oniguruma5-5.9.6_2.patch (text/plain), 5.44 KB, created by
takefu
on 2017-07-18 05:41:04 UTC
Description:
oniguruma5-5.9.6_2.patch
Filename:
MIME Type:
Creator:
takefu
Created:
2017-07-18 05:41:04 UTC
Size:
5.44 KB
>diff -udprN /usr/ports/devel/oniguruma5/Makefile ./Makefile
>--- /usr/ports/devel/oniguruma5/Makefile 2017-07-13 21:15:21.000000000 +0000
>+++ ./Makefile 2017-07-18 04:58:14.643668000 +0000
>@@ -4,7 +4,8 @@
> PORTNAME= oniguruma
> PORTVERSION= 5.9.6
> DISTVERSIONPREFIX= v
>-PORTREVISION= 1
>+DISTVERSIONSUFFIX= _p1
>+PORTREVISION= 2
> CATEGORIES= devel textproc
> PKGNAMESUFFIX= 5
> DIST_SUBDIR= ruby
>diff -udprN /usr/ports/devel/oniguruma5/distinfo ./distinfo
>--- /usr/ports/devel/oniguruma5/distinfo 2016-11-26 10:09:54.000000000 +0000
>+++ ./distinfo 2017-07-18 04:56:46.508664000 +0000
>@@ -1,3 +1,3 @@
>-TIMESTAMP = 1480154293
>-SHA256 (ruby/kkos-oniguruma-v5.9.6_GH0.tar.gz) = 0746ee6b889f9afe2fc0bf7cb9f21d7847821bbdf07bc938a3a5dfb3f91cc0d5
>-SIZE (ruby/kkos-oniguruma-v5.9.6_GH0.tar.gz) = 325378
>+TIMESTAMP = 1500353806
>+SHA256 (ruby/kkos-oniguruma-v5.9.6_p1_GH0.tar.gz) = dd18e05e6f32b5fdd544a77a00570d342694886ba18574ba193d480ce529ac62
>+SIZE (ruby/kkos-oniguruma-v5.9.6_p1_GH0.tar.gz) = 409748
>diff -udprN /usr/ports/devel/oniguruma5/files/patch-regexec.c ./files/patch-regexec.c
>--- /usr/ports/devel/oniguruma5/files/patch-regexec.c 1970-01-01 00:00:00.000000000 +0000
>+++ ./files/patch-regexec.c 2017-07-18 05:03:28.760157000 +0000
>@@ -0,0 +1,25 @@
>+--- regexec.c.orig 2016-12-12 01:27:00 UTC
>++++ regexec.c
>+@@ -1425,14 +1425,9 @@ match_at(regex_t* reg, const UChar* str,
>+ break;
>+
>+ case OP_EXACT1: MOP_IN(OP_EXACT1);
>+-#if 0
>+ DATA_ENSURE(1);
>+ if (*p != *s) goto fail;
>+ p++; s++;
>+-#endif
>+- if (*p != *s++) goto fail;
>+- DATA_ENSURE(0);
>+- p++;
>+ MOP_OUT;
>+ break;
>+
>+@@ -3128,6 +3123,7 @@ forward_search_range(regex_t* reg, const
>+ }
>+ else {
>+ UChar *q = p + reg->dmin;
>++ if (q >= end) return 0; /* fail */
>+ while (p < q) p += enclen(reg->enc, p);
>+ }
>+ }
>diff -udprN /usr/ports/devel/oniguruma5/files/patch-regparse.c ./files/patch-regparse.c
>--- /usr/ports/devel/oniguruma5/files/patch-regparse.c 1970-01-01 00:00:00.000000000 +0000
>+++ ./files/patch-regparse.c 2017-07-18 05:03:39.476851000 +0000
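Review bot: In the forward_search_range hunk, `q = p + reg->dmin` is still computed before the new `if (q >= end) return 0;` guard, so when dmin exceeds the bytes left in the buffer the out-of-range pointer is formed first and only then compared; C leaves that arithmetic undefined, and a large dmin could wrap it. Comparing lengths avoids forming the pointer at all: `if ((size_t)(end - p) <= reg->dmin) return 0; /* fail */` placed ahead of the declaration of q, assuming p never exceeds end at this point (not visible here). The `while (p < q) p += enclen(reg->enc, p);` loop below can also step p past q on a multibyte character, so whatever reads p afterwards should re-check it against end. Both function bodies continue outside the hunk.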
>@@ -0,0 +1,91 @@
>+--- regparse.c.orig 2016-12-12 01:27:00 UTC
>++++ regparse.c
>+@@ -3032,7 +3032,7 @@ fetch_token_in_cc(OnigToken* tok, UChar*
>+ }
>+ else if (IS_SYNTAX_OP(syn, ONIG_SYN_OP_ESC_X_HEX2)) {
>+ num = scan_unsigned_hexadecimal_number(&p, end, 2, enc);
>+- if (num < 0) return ONIGERR_TOO_BIG_NUMBER;
>++ if (num < 0 || num >= 256) return ONIGERR_TOO_BIG_NUMBER;
>+ if (p == prev) { /* can't read nothing. */
>+ num = 0; /* but, it's not error */
>+ }
>+@@ -3048,7 +3048,7 @@ fetch_token_in_cc(OnigToken* tok, UChar*
>+ prev = p;
>+ if (IS_SYNTAX_OP2(syn, ONIG_SYN_OP2_ESC_U_HEX4)) {
>+ num = scan_unsigned_hexadecimal_number(&p, end, 4, enc);
>+- if (num < 0) return ONIGERR_TOO_BIG_NUMBER;
>++ if (num < 0 || num >= 256) return ONIGERR_TOO_BIG_NUMBER;
>+ if (p == prev) { /* can't read nothing. */
>+ num = 0; /* but, it's not error */
>+ }
>+@@ -3064,7 +3064,7 @@ fetch_token_in_cc(OnigToken* tok, UChar*
>+ PUNFETCH;
>+ prev = p;
>+ num = scan_unsigned_octal_number(&p, end, 3, enc);
>+- if (num < 0) return ONIGERR_TOO_BIG_NUMBER;
>++ if (num < 0 || num >= 256) return ONIGERR_TOO_BIG_NUMBER;
>+ if (p == prev) { /* can't read nothing. */
>+ num = 0; /* but, it's not error */
>+ }
>+@@ -3371,7 +3371,7 @@ fetch_token(OnigToken* tok, UChar** src,
>+ }
>+ else if (IS_SYNTAX_OP(syn, ONIG_SYN_OP_ESC_X_HEX2)) {
>+ num = scan_unsigned_hexadecimal_number(&p, end, 2, enc);
>+- if (num < 0) return ONIGERR_TOO_BIG_NUMBER;
>++ if (num < 0 || num >= 256) return ONIGERR_TOO_BIG_NUMBER;
>+ if (p == prev) { /* can't read nothing. */
>+ num = 0; /* but, it's not error */
>+ }
>+@@ -3387,7 +3387,7 @@ fetch_token(OnigToken* tok, UChar** src,
>+ prev = p;
>+ if (IS_SYNTAX_OP2(syn, ONIG_SYN_OP2_ESC_U_HEX4)) {
>+ num = scan_unsigned_hexadecimal_number(&p, end, 4, enc);
>+- if (num < 0) return ONIGERR_TOO_BIG_NUMBER;
>++ if (num < 0 || num >= 256) return ONIGERR_TOO_BIG_NUMBER;
>+ if (p == prev) { /* can't read nothing. */
>+ num = 0; /* but, it's not error */
>+ }
>+@@ -3436,7 +3436,7 @@ fetch_token(OnigToken* tok, UChar** src,
>+ if (IS_SYNTAX_OP(syn, ONIG_SYN_OP_ESC_OCTAL3)) {
>+ prev = p;
>+ num = scan_unsigned_octal_number(&p, end, (c == '0' ? 2:3), enc);
>+- if (num < 0) return ONIGERR_TOO_BIG_NUMBER;
>++ if (num < 0 || num >= 256) return ONIGERR_TOO_BIG_NUMBER;
>+ if (p == prev) { /* can't read nothing. */
>+ num = 0; /* but, it's not error */
>+ }
>+@@ -4060,15 +4060,19 @@ next_state_class(CClassNode* cc, OnigCod
>+ return ONIGERR_CHAR_CLASS_VALUE_AT_END_OF_RANGE;
>+
>+ if (*state == CCS_VALUE && *type != CCV_CLASS) {
>+- if (*type == CCV_SB)
>++ if (*type == CCV_SB) {
>++ if (*vs > 0xff)
>++ return ONIGERR_INVALID_CODE_POINT_VALUE;
>+ BITSET_SET_BIT(cc->bs, (int )(*vs));
>++ }
>+ else if (*type == CCV_CODE_POINT) {
>+ r = add_code_range(&(cc->mbuf), env, *vs, *vs);
>+ if (r < 0) return r;
>+ }
>+ }
>+
>+- *state = CCS_VALUE;
>++ if (*state != CCS_START)
>++ *state = CCS_VALUE;
>+ *type = CCV_CLASS;
>+ return 0;
>+ }
>+@@ -4083,8 +4087,11 @@ next_state_val(CClassNode* cc, OnigCodeP
>+
>+ switch (*state) {
>+ case CCS_VALUE:
>+- if (*type == CCV_SB)
>++ if (*type == CCV_SB) {
>++ if (*vs > 0xff)
>++ return ONIGERR_INVALID_CODE_POINT_VALUE;
>+ BITSET_SET_BIT(cc->bs, (int )(*vs));
>++ }
>+ else if (*type == CCV_CODE_POINT) {
>+ r = add_code_range(&(cc->mbuf), env, *vs, *vs);
>+ if (r < 0) return r;
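Review bot: The `num >= 256` bound is also applied to the two `ONIG_SYN_OP2_ESC_U_HEX4` branches (fetch_token_in_cc near 3048 and fetch_token near 3387), where the scanner is asked for up to 4 hex digits, so any `\uHHHH` escape above 0xff would now be rejected with ONIGERR_TOO_BIG_NUMBER. If those branches store num as a code point rather than a raw byte (the assignment is outside the hunk), they should keep `if (num < 0) return ONIGERR_TOO_BIG_NUMBER;` and leave the single-byte range check to the `*vs > 0xff` guards added in next_state_class and next_state_val. In the `ONIG_SYN_OP_ESC_X_HEX2` branches the scan is limited to 2 digits, so the new bound looks unreachable there, provided the scanner honours its length argument; the octal branches are where it actually takes effect. The byte limit is written `256` in some hunks and `0xff` in others, and one spelling throughout would make the intent easier to audit.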