diff --git a/.gitignore b/.gitignore index c8d99e9..88c6af3 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1 @@ -grep-2.6.3.tar.xz -/grep-2.7.tar.xz -/grep-2.8.tar.xz +/grep-2.9.tar.xz diff --git a/grep-2.8-dfa-buffer-overrun-fix.patch b/grep-2.8-dfa-buffer-overrun-fix.patch deleted file mode 100644 index 6013847..0000000 --- a/grep-2.8-dfa-buffer-overrun-fix.patch +++ /dev/null @@ -1,107 +0,0 @@ -From 0b91d6928e9d098d3746ce9f4bb4160a2e685f5c Mon Sep 17 00:00:00 2001 -From: Jim Meyering -Date: Fri, 17 Jun 2011 08:27:06 +0000 -Subject: dfa: don't overrun a malloc'd buffer for certain regexps - -* src/dfa.c (dfaanalyze): Allocate space for twice as many -positions as there are leaves. Before this change, for some -regular expressions, DFA analysis would have inserted far more -"positions" than dfa->nleaves (up to double). -Reported by Raymond Russell in http://savannah.gnu.org/bugs/?33547 -* tests/dfa-heap-overrun: Trigger the overrun. -* tests/Makefile.am (TESTS): Add it. -* NEWS (Bug fixes): Mention it. - - -NEWS hunk modified to apply, Jaroslav Škarvada ---- -diff --git a/NEWS b/NEWS -index d026448..3354d50 100644 ---- a/NEWS -+++ b/NEWS -@@ -4,6 +4,9 @@ GNU grep NEWS -*- outline -*- - - ** Bug fixes - -+ grep no longer clobbers heap for an ERE like '(^| )*( |$)' -+ [bug introduced in grep-2.6] -+ - echo c|grep '[c]' would fail for any c in 0x80..0xff, and in many locales. - E.g., printf '\xff\n'|grep "$(printf '[\xff]')" || echo FAIL - would print FAIL rather than the required matching line. - -diff --git a/src/dfa.c b/src/dfa.c -index 873530f..c32d679 100644 ---- a/src/dfa.c -+++ b/src/dfa.c -@@ -2134,7 +2134,7 @@ dfaanalyze (struct dfa *d, int searchflag) - MALLOC(lastpos, position, d->nleaves); - o_lastpos = lastpos, lastpos += d->nleaves; - CALLOC(nalloc, int, d->tindex); -- MALLOC(merged.elems, position, d->nleaves); -+ MALLOC(merged.elems, position, 2 * d->nleaves); - - CALLOC(d->follows, position_set, d->tindex); - -diff --git a/tests/Makefile.am b/tests/Makefile.am -index 8d51727..1f0d2cf 100644 ---- a/tests/Makefile.am -+++ b/tests/Makefile.am -@@ -46,6 +46,7 @@ TESTS = \ - case-fold-char-range \ - case-fold-char-type \ - char-class-multibyte \ -+ dfa-heap-overrun \ - dfaexec-multibyte \ - empty \ - equiv-classes \ -@@ -103,7 +104,6 @@ MALLOC_PERTURB_ = 1 - TESTS_ENVIRONMENT = \ - tmp__=$$TMPDIR; test -d "$$tmp__" || tmp__=.; \ - TMPDIR=$$tmp__; export TMPDIR; \ -- exec 9>&2; \ - shell_or_perl_() { \ - if grep '^\#!/usr/bin/perl' "$$1" > /dev/null; then \ - if $(PERL) -e 'use warnings' > /dev/null 2>&1; then \ -@@ -141,6 +141,6 @@ TESTS_ENVIRONMENT = \ - PERL='$(PERL)' \ - SHELL='$(SHELL)' \ - PATH='$(abs_top_builddir)/src$(PATH_SEPARATOR)'"$$PATH" \ -- ; shell_or_perl_ -+ ; shell_or_perl_ 9>&2 - - VERBOSE = yes -diff --git a/tests/dfa-heap-overrun b/tests/dfa-heap-overrun -new file mode 100755 -index 0000000..dda1c12 ---- a/dev/null -+++ b/tests/dfa-heap-overrun -@@ -0,0 +1,26 @@ -+#!/bin/sh -+# Trigger a heap overrun in grep-2.6..grep-2.8. -+ -+# Copyright (C) 2011 Free Software Foundation, Inc. -+ -+# This program is free software: you can redistribute it and/or modify -+# it under the terms of the GNU General Public License as published by -+# the Free Software Foundation, either version 3 of the License, or -+# (at your option) any later version. -+ -+# This program is distributed in the hope that it will be useful, -+# but WITHOUT ANY WARRANTY; without even the implied warranty of -+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+# GNU General Public License for more details. -+ -+# You should have received a copy of the GNU General Public License -+# along with this program. If not, see . -+ -+. "${srcdir=.}/init.sh"; path_prepend_ ../src -+ -+fail=0 -+ -+grep -E '(^| )*(a|b)*(c|d)*( |$)' < /dev/null -+test $? = 1 || fail=1 -+ -+Exit $fail --- -cgit v0.8.3.4 diff --git a/grep.spec b/grep.spec index 34a324b..36be668 100644 --- a/grep.spec +++ b/grep.spec @@ -2,8 +2,8 @@ Summary: Pattern matching utilities Name: grep -Version: 2.8 -Release: 4%{?dist} +Version: 2.9 +Release: 1%{?dist} License: GPLv3+ Group: Applications/Text Source: ftp://ftp.gnu.org/pub/gnu/grep/grep-%{version}.tar.xz @@ -16,8 +16,6 @@ Requires(preun): /sbin/install-info BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX) BuildRequires: pcre-devel >= 3.9-10, texinfo, gettext BuildRequires: autoconf automake -# dfa: don't overrun a malloc'd buffer for certain regexps (#713328) -Patch0: grep-2.8-dfa-buffer-overrun-fix.patch %description The GNU versions of commonly used grep utilities. Grep searches through @@ -29,8 +27,6 @@ GNU grep is needed by many scripts, so it shall be installed on every system. %prep %setup -q -%patch0 -p1 -b .dfa-buffer-overrun-fix - %build %configure --without-included-regex CPPFLAGS="-I%{_includedir}/pcre" make %{?_smp_mflags} @@ -71,6 +67,10 @@ fi %{_mandir}/*/* %changelog +* Wed Jun 22 2011 Jaroslav Škarvada - 2.9-1 +- New version: grep-2.9 +- Removed dfa-buffer-overrun-fix patch + * Mon Jun 20 2011 Jaroslav Škarvada - 2.8-4 - dfa: don't overrun a malloc'd buffer for certain regexps (patch dfa-buffer-overrun-fix) diff --git a/sources b/sources index 1a1cc07..ee66c1b 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -b59003c42b330bdabd417e00d07102da grep-2.8.tar.xz +25e41b2aa201104354740961ef36005a grep-2.9.tar.xz