diff options
Diffstat (limited to 'gnu/packages/patches/pcre2-CVE-2016-3191.patch')
-rw-r--r-- | gnu/packages/patches/pcre2-CVE-2016-3191.patch | 179 |
1 files changed, 0 insertions, 179 deletions
diff --git a/gnu/packages/patches/pcre2-CVE-2016-3191.patch b/gnu/packages/patches/pcre2-CVE-2016-3191.patch deleted file mode 100644 index 80f9d3d4f1..0000000000 --- a/gnu/packages/patches/pcre2-CVE-2016-3191.patch +++ /dev/null @@ -1,179 +0,0 @@ -Fixes CVE-2016-3191 (remote execution of arbitrary code or denial of -service (stack-based buffer overflow) via a crafted regular expression). - -See <https://bugzilla.redhat.com/show_bug.cgi?id=1311503>. - -This is svn r489 at <svn://vcs.exim.org/pcre2/code>, omitting the -changes to 'testdata/testoutput8-16-4', which does not exist in the -source tarball. - -git-svn-id: svn://vcs.exim.org/pcre2/code/trunk@489 6239d852-aaf2-0410-a92c-79f79f948069 ---- - ChangeLog | 4 ++++ - src/pcre2_compile.c | 16 ++++++++++++++-- - testdata/testinput8 | 2 ++ - testdata/testoutput8-16-2 | 3 +++ - testdata/testoutput8-16-3 | 3 +++ - testdata/testoutput8-16-4 | 3 +++ - testdata/testoutput8-32-2 | 3 +++ - testdata/testoutput8-32-3 | 3 +++ - testdata/testoutput8-32-4 | 3 +++ - testdata/testoutput8-8-2 | 3 +++ - testdata/testoutput8-8-3 | 3 +++ - testdata/testoutput8-8-4 | 3 +++ - 12 files changed, 47 insertions(+), 2 deletions(-) - -diff --git a/ChangeLog b/ChangeLog -index 3ce0207..65e333e 100644 ---- a/ChangeLog -+++ b/ChangeLog -@@ -58,6 +58,10 @@ some head-scratching the next time this happens. - assertion, caused pcre2test to output a very large number of spaces when the - callout was taken, making the program appearing to loop. - -+12. A pattern that included (*ACCEPT) in the middle of a sufficiently deeply -+nested set of parentheses of sufficient size caused an overflow of the -+compiling workspace (which was diagnosed, but of course is not desirable). -+ - - Version 10.21 12-January-2016 - ----------------------------- -diff --git a/src/pcre2_compile.c b/src/pcre2_compile.c -index e33d620..887fbfd 100644 ---- a/src/pcre2_compile.c -+++ b/src/pcre2_compile.c -@@ -5901,10 +5901,22 @@ for (;; ptr++) - goto FAILED; - } - cb->had_accept = TRUE; -+ -+ /* In the first pass, just accumulate the length required; -+ otherwise hitting (*ACCEPT) inside many nested parentheses can -+ cause workspace overflow. */ -+ - for (oc = cb->open_caps; oc != NULL; oc = oc->next) - { -- *code++ = OP_CLOSE; -- PUT2INC(code, 0, oc->number); -+ if (lengthptr != NULL) -+ { -+ *lengthptr += CU2BYTES(1) + IMM2_SIZE; -+ } -+ else -+ { -+ *code++ = OP_CLOSE; -+ PUT2INC(code, 0, oc->number); -+ } - } - setverb = *code++ = - (cb->assert_depth > 0)? OP_ASSERT_ACCEPT : OP_ACCEPT; -diff --git a/testdata/testinput8 b/testdata/testinput8 -index ca3b1b9..7e2a1f0 100644 ---- a/testdata/testinput8 -+++ b/testdata/testinput8 -@@ -182,4 +182,6 @@ - - /((?1)(?2)(?3)(?4)(?5)(?6)(?7)(?8)(?9)(?9)(?8)(?7)(?6)(?5)(?4)(?3)(?2)(?1)(?0)){2,}()()()()()()()()()/debug - -+/([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00](*ACCEPT)/ -+ - # End of testinput8 -diff --git a/testdata/testoutput8-16-2 b/testdata/testoutput8-16-2 -index 05669bb..a5e8dec 100644 ---- a/testdata/testoutput8-16-2 -+++ b/testdata/testoutput8-16-2 -@@ -1027,4 +1027,7 @@ Capturing subpattern count = 10 - May match empty string - Subject length lower bound = 0 - -+/([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00](*ACCEPT)/ -+Failed: error 186 at offset 490: regular expression is too complicated -+ - # End of testinput8 -diff --git a/testdata/testoutput8-16-3 b/testdata/testoutput8-16-3 -index 31884e1..36133b3 100644 ---- a/testdata/testoutput8-16-3 -+++ b/testdata/testoutput8-16-3 -@@ -1023,4 +1023,7 @@ Capturing subpattern count = 10 - May match empty string - Subject length lower bound = 0 - -+/([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00](*ACCEPT)/ -+Failed: error 114 at offset 509: missing closing parenthesis -+ - # End of testinput8 -diff --git a/testdata/testoutput8-32-2 b/testdata/testoutput8-32-2 -index babd0c7..99c4fad 100644 ---- a/testdata/testoutput8-32-2 -+++ b/testdata/testoutput8-32-2 -@@ -1023,4 +1023,7 @@ Capturing subpattern count = 10 - May match empty string - Subject length lower bound = 0 - -+/([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00](*ACCEPT)/ -+Failed: error 114 at offset 509: missing closing parenthesis -+ - # End of testinput8 -diff --git a/testdata/testoutput8-32-3 b/testdata/testoutput8-32-3 -index babd0c7..99c4fad 100644 ---- a/testdata/testoutput8-32-3 -+++ b/testdata/testoutput8-32-3 -@@ -1023,4 +1023,7 @@ Capturing subpattern count = 10 - May match empty string - Subject length lower bound = 0 - -+/([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00](*ACCEPT)/ -+Failed: error 114 at offset 509: missing closing parenthesis -+ - # End of testinput8 -diff --git a/testdata/testoutput8-32-4 b/testdata/testoutput8-32-4 -index babd0c7..99c4fad 100644 ---- a/testdata/testoutput8-32-4 -+++ b/testdata/testoutput8-32-4 -@@ -1023,4 +1023,7 @@ Capturing subpattern count = 10 - May match empty string - Subject length lower bound = 0 - -+/([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00](*ACCEPT)/ -+Failed: error 114 at offset 509: missing closing parenthesis -+ - # End of testinput8 -diff --git a/testdata/testoutput8-8-2 b/testdata/testoutput8-8-2 -index 6a9aa0a..6dc1f42 100644 ---- a/testdata/testoutput8-8-2 -+++ b/testdata/testoutput8-8-2 -@@ -1026,4 +1026,7 @@ Capturing subpattern count = 10 - May match empty string - Subject length lower bound = 0 - -+/([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00](*ACCEPT)/ -+Failed: error 114 at offset 509: missing closing parenthesis -+ - # End of testinput8 -diff --git a/testdata/testoutput8-8-3 b/testdata/testoutput8-8-3 -index 2fe1168..ae14946 100644 ---- a/testdata/testoutput8-8-3 -+++ b/testdata/testoutput8-8-3 -@@ -1024,4 +1024,7 @@ Capturing subpattern count = 10 - May match empty string - Subject length lower bound = 0 - -+/([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00](*ACCEPT)/ -+Failed: error 114 at offset 509: missing closing parenthesis -+ - # End of testinput8 -diff --git a/testdata/testoutput8-8-4 b/testdata/testoutput8-8-4 -index 91993b2..6c79956 100644 ---- a/testdata/testoutput8-8-4 -+++ b/testdata/testoutput8-8-4 -@@ -1022,4 +1022,7 @@ Capturing subpattern count = 10 - May match empty string - Subject length lower bound = 0 - -+/([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00](*ACCEPT)/ -+Failed: error 114 at offset 509: missing closing parenthesis -+ - # End of testinput8 --- -2.8.3 - |