[notify] libpcre: security fix for CVE-2015-5073
This commit is contained in:
parent
1476dd9832
commit
023997c9bf
|
@ -1,2 +1,3 @@
|
|||
45df6737e61738cc8bb061e0b9c0fbb2 01-seven-security-patches.patch
|
||||
5222dd119a2cfde15df9ae2583c64698 libpcre-8.37-CVE-2015-5073.patch
|
||||
ed91be292cb01d21bc7e526816c26981 pcre-8.37.tar.bz2
|
||||
|
|
|
@ -4,13 +4,17 @@
|
|||
|
||||
name=libpcre
|
||||
version=8.37
|
||||
release=2
|
||||
release=3
|
||||
source=(ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-$version.tar.bz2 \
|
||||
01-seven-security-patches.patch)
|
||||
01-seven-security-patches.patch \
|
||||
$name-$version-CVE-2015-5073.patch)
|
||||
|
||||
build() {
|
||||
cd pcre-$version
|
||||
|
||||
patch -p1 -i $SRC/01-seven-security-patches.patch
|
||||
patch -p1 -i $SRC/$name-$version-CVE-2015-5073.patch
|
||||
|
||||
./configure --prefix=/usr \
|
||||
--mandir=/usr/man \
|
||||
--enable-utf8 \
|
||||
|
|
72
libpcre/libpcre-8.37-CVE-2015-5073.patch
Normal file
72
libpcre/libpcre-8.37-CVE-2015-5073.patch
Normal file
|
@ -0,0 +1,72 @@
|
|||
https://bugs.exim.org/show_bug.cgi?id=1651
|
||||
https://bugs.gentoo.org/553300
|
||||
https://bugzilla.redhat.com/1237224
|
||||
|
||||
From 354e1f8e921dcb9cf2f3a5eac93cd826d01a7d8a Mon Sep 17 00:00:00 2001
|
||||
From: ph10 <ph10@2f5784b3-3f2a-0410-8824-cb99058d5e15>
|
||||
Date: Tue, 23 Jun 2015 16:34:53 +0000
|
||||
Subject: [PATCH] Fix buffer overflow for forward reference within backward
|
||||
assertion with excess closing parenthesis. Bugzilla 1651.
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
This is upstream commit ported to 8.37:
|
||||
|
||||
commit 764692f9aea9eab50fdba6cb537441d8b34c6c37
|
||||
Author: ph10 <ph10@2f5784b3-3f2a-0410-8824-cb99058d5e15>
|
||||
Date: Tue Jun 23 16:34:53 2015 +0000
|
||||
|
||||
Fix buffer overflow for forward reference within backward assertion with excess
|
||||
closing parenthesis. Bugzilla 1651.
|
||||
|
||||
git-svn-id: svn://vcs.exim.org/pcre/code/trunk@1571 2f5784b3-3f2a-0410-8824-cb99058d5e15
|
||||
|
||||
It fixes CVE-2015-5073.
|
||||
|
||||
Signed-off-by: Petr Písař <ppisar@redhat.com>
|
||||
---
|
||||
pcre_compile.c | 2 +-
|
||||
testdata/testinput2 | 2 ++
|
||||
testdata/testoutput2 | 3 +++
|
||||
3 files changed, 6 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/pcre_compile.c b/pcre_compile.c
|
||||
index 6f06912..b66b1f6 100644
|
||||
--- a/pcre_compile.c
|
||||
+++ b/pcre_compile.c
|
||||
@@ -9392,7 +9392,7 @@ OP_RECURSE that are not fixed length get a diagnosic with a useful offset. The
|
||||
exceptional ones forgo this. We scan the pattern to check that they are fixed
|
||||
length, and set their lengths. */
|
||||
|
||||
-if (cd->check_lookbehind)
|
||||
+if (errorcode == 0 && cd->check_lookbehind)
|
||||
{
|
||||
pcre_uchar *cc = (pcre_uchar *)codestart;
|
||||
|
||||
diff --git a/testdata/testinput2 b/testdata/testinput2
|
||||
index 83bb471..5cc9ce6 100644
|
||||
--- a/testdata/testinput2
|
||||
+++ b/testdata/testinput2
|
||||
@@ -4154,4 +4154,6 @@ backtracking verbs. --/
|
||||
|
||||
"(?J)(?'d'(?'d'\g{d}))"
|
||||
|
||||
+/(?=di(?<=(?1))|(?=(.))))/
|
||||
+
|
||||
/-- End of testinput2 --/
|
||||
diff --git a/testdata/testoutput2 b/testdata/testoutput2
|
||||
index 7dff52a..4decb8d 100644
|
||||
--- a/testdata/testoutput2
|
||||
+++ b/testdata/testoutput2
|
||||
@@ -14425,4 +14425,7 @@ Failed: lookbehind assertion is not fixed length at offset 17
|
||||
|
||||
"(?J)(?'d'(?'d'\g{d}))"
|
||||
|
||||
+/(?=di(?<=(?1))|(?=(.))))/
|
||||
+Failed: unmatched parentheses at offset 23
|
||||
+
|
||||
/-- End of testinput2 --/
|
||||
--
|
||||
2.4.3
|
||||
|
Loading…
Reference in New Issue
Block a user