aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTobias Geerinckx-Rice <me@tobias.gr>2018-02-28 18:23:28 +0100
committerTobias Geerinckx-Rice <me@tobias.gr>2018-02-28 18:23:31 +0100
commit8297ff0f931a677c51ca7c64a844a55cd6cd2ef4 (patch)
tree288e5e6e3bf0e8dfc8d10aacd612941455fb486a
parent3d185f5562291ca2879fc703dbe61ed99fa929ad (diff)
downloadgnu-guix-8297ff0f931a677c51ca7c64a844a55cd6cd2ef4.tar
gnu-guix-8297ff0f931a677c51ca7c64a844a55cd6cd2ef4.tar.gz
gnu: pcre2: Update to 10.31.
* gnu/packages/pcre.scm (pcre2): Update to 10.31. [source]: Remove upstreamed patches. * gnu/packages/patches/pcre2-CVE-2017-7186.patch: Delete this file... * gnu/packages/patches/pcre2-CVE-2017-8786.patch: ...and this one. * gnu/local.mk (dist_patch_DATA): Remove them.
-rw-r--r--gnu/local.mk2
-rw-r--r--gnu/packages/patches/pcre2-CVE-2017-7186.patch68
-rw-r--r--gnu/packages/patches/pcre2-CVE-2017-8786.patch155
-rw-r--r--gnu/packages/pcre.scm7
4 files changed, 3 insertions, 229 deletions
diff --git a/gnu/local.mk b/gnu/local.mk
index 6cc73cb946..2df11950c5 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -961,8 +961,6 @@ dist_patch_DATA = \
%D%/packages/patches/patchutils-xfail-gendiff-tests.patch \
%D%/packages/patches/patch-hurd-path-max.patch \
%D%/packages/patches/pcmanfm-CVE-2017-8934.patch \
- %D%/packages/patches/pcre2-CVE-2017-7186.patch \
- %D%/packages/patches/pcre2-CVE-2017-8786.patch \
%D%/packages/patches/perl-file-path-CVE-2017-6512.patch \
%D%/packages/patches/perl-autosplit-default-time.patch \
%D%/packages/patches/perl-dbd-mysql-CVE-2017-10788.patch \
diff --git a/gnu/packages/patches/pcre2-CVE-2017-7186.patch b/gnu/packages/patches/pcre2-CVE-2017-7186.patch
deleted file mode 100644
index 5c16955aaa..0000000000
--- a/gnu/packages/patches/pcre2-CVE-2017-7186.patch
+++ /dev/null
@@ -1,68 +0,0 @@
-Patch for <https://nvd.nist.gov/vuln/detail?vulnId=CVE-2017-7186>
-taken from <https://vcs.pcre.org/pcre2?view=revision&revision=670>.
-
---- trunk/src/pcre2_internal.h 2016/11/19 12:46:24 600
-+++ trunk/src/pcre2_internal.h 2017/02/24 18:25:32 670
-@@ -1774,10 +1774,17 @@
- /* UCD access macros */
-
- #define UCD_BLOCK_SIZE 128
--#define GET_UCD(ch) (PRIV(ucd_records) + \
-+#define REAL_GET_UCD(ch) (PRIV(ucd_records) + \
- PRIV(ucd_stage2)[PRIV(ucd_stage1)[(int)(ch) / UCD_BLOCK_SIZE] * \
- UCD_BLOCK_SIZE + (int)(ch) % UCD_BLOCK_SIZE])
-
-+#if PCRE2_CODE_UNIT_WIDTH == 32
-+#define GET_UCD(ch) ((ch > MAX_UTF_CODE_POINT)? \
-+ PRIV(dummy_ucd_record) : REAL_GET_UCD(ch))
-+#else
-+#define GET_UCD(ch) REAL_GET_UCD(ch)
-+#endif
-+
- #define UCD_CHARTYPE(ch) GET_UCD(ch)->chartype
- #define UCD_SCRIPT(ch) GET_UCD(ch)->script
- #define UCD_CATEGORY(ch) PRIV(ucp_gentype)[UCD_CHARTYPE(ch)]
-@@ -1834,6 +1841,9 @@
- #define _pcre2_default_compile_context PCRE2_SUFFIX(_pcre2_default_compile_context_)
- #define _pcre2_default_match_context PCRE2_SUFFIX(_pcre2_default_match_context_)
- #define _pcre2_default_tables PCRE2_SUFFIX(_pcre2_default_tables_)
-+#if PCRE2_CODE_UNIT_WIDTH == 32
-+#define _pcre2_dummy_ucd_record PCRE2_SUFFIX(_pcre2_dummy_ucd_record_)
-+#endif
- #define _pcre2_hspace_list PCRE2_SUFFIX(_pcre2_hspace_list_)
- #define _pcre2_vspace_list PCRE2_SUFFIX(_pcre2_vspace_list_)
- #define _pcre2_ucd_caseless_sets PCRE2_SUFFIX(_pcre2_ucd_caseless_sets_)
-@@ -1858,6 +1868,9 @@
- extern const uint32_t PRIV(vspace_list)[];
- extern const uint32_t PRIV(ucd_caseless_sets)[];
- extern const ucd_record PRIV(ucd_records)[];
-+#if PCRE2_CODE_UNIT_WIDTH == 32
-+extern const ucd_record PRIV(dummy_ucd_record)[];
-+#endif
- extern const uint8_t PRIV(ucd_stage1)[];
- extern const uint16_t PRIV(ucd_stage2)[];
- extern const uint32_t PRIV(ucp_gbtable)[];
-
---- trunk/src/pcre2_ucd.c 2015/07/17 15:44:51 316
-+++ trunk/src/pcre2_ucd.c 2017/02/24 18:25:32 670
-@@ -41,6 +41,20 @@
-
- const char *PRIV(unicode_version) = "8.0.0";
-
-+/* If the 32-bit library is run in non-32-bit mode, character values
-+greater than 0x10ffff may be encountered. For these we set up a
-+special record. */
-+
-+#if PCRE2_CODE_UNIT_WIDTH == 32
-+const ucd_record PRIV(dummy_ucd_record)[] = {{
-+ ucp_Common, /* script */
-+ ucp_Cn, /* type unassigned */
-+ ucp_gbOther, /* grapheme break property */
-+ 0, /* case set */
-+ 0, /* other case */
-+ }};
-+#endif
-+
- /* When recompiling tables with a new Unicode version, please check the
- types in this structure definition from pcre2_internal.h (the actual
- field names will be different):
diff --git a/gnu/packages/patches/pcre2-CVE-2017-8786.patch b/gnu/packages/patches/pcre2-CVE-2017-8786.patch
deleted file mode 100644
index 6071d58f07..0000000000
--- a/gnu/packages/patches/pcre2-CVE-2017-8786.patch
+++ /dev/null
@@ -1,155 +0,0 @@
-Fix CVE-2017-8786:
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8786
-https://bugs.exim.org/show_bug.cgi?id=2079
-https://blogs.gentoo.org/ago/2017/04/29/libpcre-heap-based-buffer-overflow-write-in-pcre2test-c/
-
-Patch copied from upstream source repository:
-
-https://vcs.pcre.org/pcre2?view=revision&revision=696
-https://vcs.pcre.org/pcre2?view=revision&revision=697
-
---- trunk/doc/pcre2api.3 2017/03/21 16:48:40 695
-+++ trunk/doc/pcre2api.3 2017/03/21 17:46:21 696
-@@ -1,4 +1,4 @@
--.TH PCRE2API 3 "24 December 2016" "PCRE2 10.23"
-+.TH PCRE2API 3 "21 March 2017" "PCRE2 10.30"
- .SH NAME
- PCRE2 - Perl-compatible regular expressions (revised API)
- .sp
-@@ -2633,8 +2633,8 @@
- A text message for an error code from any PCRE2 function (compile, match, or
- auxiliary) can be obtained by calling \fBpcre2_get_error_message()\fP. The code
- is passed as the first argument, with the remaining two arguments specifying a
--code unit buffer and its length, into which the text message is placed. Note
--that the message is returned in code units of the appropriate width for the
-+code unit buffer and its length in code units, into which the text message is
-+placed. The message is returned in code units of the appropriate width for the
- library that is being used.
- .P
- The returned message is terminated with a trailing zero, and the function
-@@ -3321,6 +3321,6 @@
- .rs
- .sp
- .nf
--Last updated: 23 December 2016
--Copyright (c) 1997-2016 University of Cambridge.
-+Last updated: 21 March 2017
-+Copyright (c) 1997-2017 University of Cambridge.
- .fi
---- trunk/src/pcre2_error.c 2017/03/21 16:48:40 695
-+++ trunk/src/pcre2_error.c 2017/03/21 17:46:21 696
-@@ -271,7 +271,7 @@
- Arguments:
- enumber error number
- buffer where to put the message (zero terminated)
-- size size of the buffer
-+ size size of the buffer in code units
-
- Returns: length of message if all is well
- negative on error
---- trunk/src/pcre2test.c 2017/03/21 17:46:21 696
-+++ trunk/src/pcre2test.c 2017/03/21 18:36:13 697
-@@ -1017,9 +1017,9 @@
- if (test_mode == PCRE8_MODE) \
- r = pcre2_get_error_message_8(a,G(b,8),G(G(b,8),_size)); \
- else if (test_mode == PCRE16_MODE) \
-- r = pcre2_get_error_message_16(a,G(b,16),G(G(b,16),_size)); \
-+ r = pcre2_get_error_message_16(a,G(b,16),G(G(b,16),_size/2)); \
- else \
-- r = pcre2_get_error_message_32(a,G(b,32),G(G(b,32),_size))
-+ r = pcre2_get_error_message_32(a,G(b,32),G(G(b,32),_size/4))
-
- #define PCRE2_GET_OVECTOR_COUNT(a,b) \
- if (test_mode == PCRE8_MODE) \
-@@ -1399,6 +1399,9 @@
-
- /* ----- Common macros for two-mode cases ----- */
-
-+#define BYTEONE (BITONE/8)
-+#define BYTETWO (BITTWO/8)
-+
- #define CASTFLD(t,a,b) \
- ((test_mode == G(G(PCRE,BITONE),_MODE))? (t)(G(a,BITONE)->b) : \
- (t)(G(a,BITTWO)->b))
-@@ -1481,9 +1484,9 @@
-
- #define PCRE2_GET_ERROR_MESSAGE(r,a,b) \
- if (test_mode == G(G(PCRE,BITONE),_MODE)) \
-- r = G(pcre2_get_error_message_,BITONE)(a,G(b,BITONE),G(G(b,BITONE),_size)); \
-+ r = G(pcre2_get_error_message_,BITONE)(a,G(b,BITONE),G(G(b,BITONE),_size/BYTEONE)); \
- else \
-- r = G(pcre2_get_error_message_,BITTWO)(a,G(b,BITTWO),G(G(b,BITTWO),_size))
-+ r = G(pcre2_get_error_message_,BITTWO)(a,G(b,BITTWO),G(G(b,BITTWO),_size/BYTETWO))
-
- #define PCRE2_GET_OVECTOR_COUNT(a,b) \
- if (test_mode == G(G(PCRE,BITONE),_MODE)) \
-@@ -1904,7 +1907,7 @@
- #define PCRE2_DFA_MATCH(a,b,c,d,e,f,g,h,i,j) \
- a = pcre2_dfa_match_16(G(b,16),(PCRE2_SPTR16)c,d,e,f,G(g,16),h,i,j)
- #define PCRE2_GET_ERROR_MESSAGE(r,a,b) \
-- r = pcre2_get_error_message_16(a,G(b,16),G(G(b,16),_size))
-+ r = pcre2_get_error_message_16(a,G(b,16),G(G(b,16),_size/2))
- #define PCRE2_GET_OVECTOR_COUNT(a,b) a = pcre2_get_ovector_count_16(G(b,16))
- #define PCRE2_GET_STARTCHAR(a,b) a = pcre2_get_startchar_16(G(b,16))
- #define PCRE2_JIT_COMPILE(r,a,b) r = pcre2_jit_compile_16(G(a,16),b)
-@@ -2000,7 +2003,7 @@
- #define PCRE2_DFA_MATCH(a,b,c,d,e,f,g,h,i,j) \
- a = pcre2_dfa_match_32(G(b,32),(PCRE2_SPTR32)c,d,e,f,G(g,32),h,i,j)
- #define PCRE2_GET_ERROR_MESSAGE(r,a,b) \
-- r = pcre2_get_error_message_32(a,G(b,32),G(G(b,32),_size))
-+ r = pcre2_get_error_message_32(a,G(b,32),G(G(b,32),_size/4))
- #define PCRE2_GET_OVECTOR_COUNT(a,b) a = pcre2_get_ovector_count_32(G(b,32))
- #define PCRE2_GET_STARTCHAR(a,b) a = pcre2_get_startchar_32(G(b,32))
- #define PCRE2_JIT_COMPILE(r,a,b) r = pcre2_jit_compile_32(G(a,32),b)
---- trunk/src/pcre2test.c 2017/03/21 16:48:40 695
-+++ trunk/src/pcre2test.c 2017/03/21 17:46:21 696
-@@ -2889,7 +2889,7 @@
- {
- if (pbuffer32 != NULL) free(pbuffer32);
- pbuffer32_size = 4*len + 4;
-- if (pbuffer32_size < 256) pbuffer32_size = 256;
-+ if (pbuffer32_size < 512) pbuffer32_size = 512;
- pbuffer32 = (uint32_t *)malloc(pbuffer32_size);
- if (pbuffer32 == NULL)
- {
-@@ -7600,7 +7600,8 @@
- int errcode;
- char *endptr;
-
--/* Ensure the relevant non-8-bit buffer is available. */
-+/* Ensure the relevant non-8-bit buffer is available. Ensure that it is at
-+least 128 code units, because it is used for retrieving error messages. */
-
- #ifdef SUPPORT_PCRE2_16
- if (test_mode == PCRE16_MODE)
-@@ -7620,7 +7621,7 @@
- #ifdef SUPPORT_PCRE2_32
- if (test_mode == PCRE32_MODE)
- {
-- pbuffer32_size = 256;
-+ pbuffer32_size = 512;
- pbuffer32 = (uint32_t *)malloc(pbuffer32_size);
- if (pbuffer32 == NULL)
- {
---- trunk/testdata/testinput2 2017/03/21 16:48:40 695
-+++ trunk/testdata/testinput2 2017/03/21 17:46:21 696
-@@ -5017,4 +5017,6 @@
-
- /(?<!\1((?U)1((?U))))(*F)/never_backslash_c,alt_bsux,anchored,extended
-
-+/\g{3/
-+
- # End of testinput2
---- trunk/testdata/testoutput2 2017/03/21 16:48:40 695
-+++ trunk/testdata/testoutput2 2017/03/21 17:46:21 696
-@@ -15570,6 +15570,9 @@
-
- /(?<!\1((?U)1((?U))))(*F)/never_backslash_c,alt_bsux,anchored,extended
-
-+/\g{3/
-+Failed: error 157 at offset 2: \g is not followed by a braced, angle-bracketed, or quoted name/number or by a plain number
-+
- # End of testinput2
- Error -63: PCRE2_ERROR_BADDATA (unknown error number)
- Error -62: bad serialized data
diff --git a/gnu/packages/pcre.scm b/gnu/packages/pcre.scm
index ee853d5015..5719b7bb45 100644
--- a/gnu/packages/pcre.scm
+++ b/gnu/packages/pcre.scm
@@ -6,6 +6,7 @@
;;; Copyright © 2017 Marius Bakke <mbakke@fastmail.com>
;;; Copyright © 2017 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2017 Efraim Flashner <efraim@flashner.co.il>
+;;; Copyright © 2018 Tobias Geerinckx-Rice <me@tobias.gr>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -75,7 +76,7 @@ POSIX regular expression API.")
(define-public pcre2
(package
(name "pcre2")
- (version "10.23")
+ (version "10.31")
(source (origin
(method url-fetch)
(uri (string-append "mirror://sourceforge/pcre/pcre2/"
@@ -83,9 +84,7 @@ POSIX regular expression API.")
(sha256
(base32
- "0vn5g0mkkp99mmzpissa06hpyj6pk9s4mlwbjqrjvw3ihy8rpiyz"))
- (patches (search-patches "pcre2-CVE-2017-7186.patch"
- "pcre2-CVE-2017-8786.patch"))))
+ "1b389pzw91k1hzydsh4smdsxyppwz4pv74m3nrvy8rda0j3m6zg0"))))
(build-system gnu-build-system)
(inputs `(("bzip2" ,bzip2)
("readline" ,readline)