diff options
| author | Natanael Copa <ncopa@alpinelinux.org> | 2015-01-25 10:30:30 +0000 |
|---|---|---|
| committer | Natanael Copa <ncopa@alpinelinux.org> | 2015-01-25 10:30:30 +0000 |
| commit | 656ff36b75f24b7f58cdc79362a8a975460fb1db (patch) | |
| tree | 1474edfe462f0f0783cf13359f7f873e4fe2a384 /main/pcre/CVE-2014-8964.patch | |
| parent | 655d521104ae64806748d619c3e3394c4974aa55 (diff) | |
| download | aports-656ff36b75f24b7f58cdc79362a8a975460fb1db.tar.bz2 aports-656ff36b75f24b7f58cdc79362a8a975460fb1db.tar.xz | |
main/pcre: security fix for CVE-2014-8964
ref #3731
Diffstat (limited to 'main/pcre/CVE-2014-8964.patch')
| -rw-r--r-- | main/pcre/CVE-2014-8964.patch | 68 |
1 files changed, 68 insertions, 0 deletions
diff --git a/main/pcre/CVE-2014-8964.patch b/main/pcre/CVE-2014-8964.patch new file mode 100644 index 0000000000..1fb303624d --- /dev/null +++ b/main/pcre/CVE-2014-8964.patch @@ -0,0 +1,68 @@ +From 48d2472840efc4dc54dfc698d64aa086332a9033 Mon Sep 17 00:00:00 2001 +From: ph10 <ph10@2f5784b3-3f2a-0410-8824-cb99058d5e15> +Date: Wed, 19 Nov 2014 20:57:13 +0000 +Subject: [PATCH] Fix zero-repeat assertion condition bug. +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +git-svn-id: svn://vcs.exim.org/pcre/code/trunk@1513 2f5784b3-3f2a-0410-8824-cb99058d5e15 +Signed-off-by: Petr Písař <ppisar@redhat.com> + +Petr Pisar: Ported to 8.36. + +diff --git a/pcre_exec.c b/pcre_exec.c +index fdf7067..bb5620d 100644 +--- a/pcre_exec.c ++++ b/pcre_exec.c +@@ -1404,8 +1404,11 @@ for (;;) + condition = TRUE; + + /* Advance ecode past the assertion to the start of the first branch, +- but adjust it so that the general choosing code below works. */ +- ++ but adjust it so that the general choosing code below works. If the ++ assertion has a quantifier that allows zero repeats we must skip over ++ the BRAZERO. This is a lunatic thing to do, but somebody did! */ ++ ++ if (*ecode == OP_BRAZERO) ecode++; + ecode += GET(ecode, 1); + while (*ecode == OP_ALT) ecode += GET(ecode, 1); + ecode += 1 + LINK_SIZE - PRIV(OP_lengths)[condcode]; +diff --git a/testdata/testinput2 b/testdata/testinput2 +index c6816bf..015422e 100644 +--- a/testdata/testinput2 ++++ b/testdata/testinput2 +@@ -4078,4 +4078,10 @@ backtracking verbs. --/ + + /\x{whatever}/ + ++"((?=(?(?=(?(?=(?(?=())))*)))))" ++ a ++ ++"(?(?=)?==)(((((((((?=)))))))))" ++ a ++ + /-- End of testinput2 --/ +diff --git a/testdata/testoutput2 b/testdata/testoutput2 +index 1e87026..9a1b14e 100644 +--- a/testdata/testoutput2 ++++ b/testdata/testoutput2 +@@ -14206,4 +14206,14 @@ Failed: digits missing in \x{} or \o{} at offset 3 + /\x{whatever}/ + Failed: non-hex character in \x{} (closing brace missing?) at offset 3 + ++"((?=(?(?=(?(?=(?(?=())))*)))))" ++ a ++ 0: ++ 1: ++ 2: ++ ++"(?(?=)?==)(((((((((?=)))))))))" ++ a ++No match ++ + /-- End of testinput2 --/ +-- +1.9.3 + |