diff --git a/SOURCES/pcre2-10.32-Fix-crash-when-X-is-used-without-UTF-in-JIT.patch b/SOURCES/pcre2-10.32-Fix-crash-when-X-is-used-without-UTF-in-JIT.patch new file mode 100644 index 0000000..c4232e8 --- /dev/null +++ b/SOURCES/pcre2-10.32-Fix-crash-when-X-is-used-without-UTF-in-JIT.patch @@ -0,0 +1,45 @@ +From 01d8a82b6333fac75799f475e1d543c2ba6d6744 Mon Sep 17 00:00:00 2001 +From: ph10 +Date: Mon, 13 May 2019 16:26:17 +0000 +Subject: [PATCH] Fix crash when \X is used without UTF in JIT. +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +git-svn-id: svn://vcs.exim.org/pcre2/code/trunk@1091 6239d852-aaf2-0410-a92c-79f79f948069 +Petr Písař: Ported to 10.32. + +Signed-off-by: Petr Písař +--- + testdata/testinput4 | 3 +++ + testdata/testoutput4 | 4 ++++ + 2 files changed, 7 insertions(+) + +diff --git a/testdata/testinput4 b/testdata/testinput4 +index a27b6af..8592666 100644 +--- a/testdata/testinput4 ++++ b/testdata/testinput4 +@@ -2318,4 +2318,7 @@ + /[^\x{100}-\x{ffff}]*[\x80-\xff]/i,utf + \x{99}\x{99}\x{99} + ++/\X*/ ++ \xF3aaa\xE4\xEA\xEB\xFEa ++ + # End of testinput4 +diff --git a/testdata/testoutput4 b/testdata/testoutput4 +index ba3df37..0291149 100644 +--- a/testdata/testoutput4 ++++ b/testdata/testoutput4 +@@ -3742,4 +3742,8 @@ No match + \x{99}\x{99}\x{99} + 0: \x{99}\x{99}\x{99} + ++/\X*/ ++ \xF3aaa\xE4\xEA\xEB\xFEa ++ 0: \xf3aaa\xe4\xea\xeb\xfea ++ + # End of testinput4 +-- +2.20.1 + diff --git a/SOURCES/pcre2-10.32-Forgot-this-file-in-previous-commit.-Fixes-JIT-non-U.patch b/SOURCES/pcre2-10.32-Forgot-this-file-in-previous-commit.-Fixes-JIT-non-U.patch new file mode 100644 index 0000000..e18e0af --- /dev/null +++ b/SOURCES/pcre2-10.32-Forgot-this-file-in-previous-commit.-Fixes-JIT-non-U.patch @@ -0,0 +1,35 @@ +From 79fb8db65fa27070aac6dde8d6d468306ab6b9a9 Mon Sep 17 00:00:00 2001 +From: ph10 +Date: Mon, 13 May 2019 16:38:18 +0000 +Subject: [PATCH] Forgot this file in previous commit. Fixes JIT non-UTF bug. +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +git-svn-id: svn://vcs.exim.org/pcre2/code/trunk@1092 6239d852-aaf2-0410-a92c-79f79f948069 +Petr Písař: Ported to 10.32. + +Signed-off-by: Petr Písař +--- + src/pcre2_jit_compile.c | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/src/pcre2_jit_compile.c b/src/pcre2_jit_compile.c +index 3cd3891..100b63c 100644 +--- a/src/pcre2_jit_compile.c ++++ b/src/pcre2_jit_compile.c +@@ -7288,7 +7288,10 @@ int lgb, rgb, ricount; + PCRE2_SPTR bptr; + uint32_t c; + +-GETCHARINC(c, cc); ++/* Patch by PH */ ++/* GETCHARINC(c, cc); */ ++ ++c = *cc++; + lgb = UCD_GRAPHBREAK(c); + + while (cc < end_subject) +-- +2.20.1 + diff --git a/SPECS/pcre2.spec b/SPECS/pcre2.spec index 743aabe..df3f0aa 100644 --- a/SPECS/pcre2.spec +++ b/SPECS/pcre2.spec @@ -9,7 +9,7 @@ #%%global rcversion RC1 Name: pcre2 Version: 10.32 -Release: %{?rcversion:0.}1%{?rcversion:.%rcversion}%{?dist} +Release: %{?rcversion:0.}2%{?rcversion:.%rcversion}%{?dist} %global myversion %{version}%{?rcversion:-%rcversion} Summary: Perl-compatible regular expression library # the library: BSD with exceptions @@ -62,6 +62,12 @@ Patch3: pcre2-10.32-Fix-zero-repeated-subroutine-call-at-start-of-patter.pat # Fix heap limit checking overflow in pcre2_dfa_match(), upstream bug #2334, # bug#1628200, in upstream after 10.32 Patch4: pcre2-10.32-Fix-heap-limit-checking-overflow-bug-in-pcre2_dfa_ma.patch +# 1/2 Fix CVE-2019-20454 (a crash when \X is used without UTF mode in a JIT), +# upstream bug #2399, bug #1734468, in upstream after 10.33 +Patch5: pcre2-10.32-Fix-crash-when-X-is-used-without-UTF-in-JIT.patch +# 2/2 Fix CVE-2019-20454 (a crash when \X is used without UTF mode in a JIT), +# upstream bug #2399, bug #1734468, in upstream after 10.33 +Patch6: pcre2-10.32-Forgot-this-file-in-previous-commit.-Fixes-JIT-non-U.patch BuildRequires: autoconf BuildRequires: automake BuildRequires: coreutils @@ -142,6 +148,8 @@ Utilities demonstrating PCRE2 capabilities like pcre2grep or pcre2test. %patch2 -p1 %patch3 -p1 %patch4 -p1 +%patch5 -p1 +%patch6 -p1 # Because of multilib patch libtoolize --copy --force autoreconf -vif @@ -243,6 +251,10 @@ make %{?_smp_mflags} check VERBOSE=yes %{_mandir}/man1/pcre2test.* %changelog +* Mon May 13 2019 Petr Pisar - 10.32-2 +- Fix CVE-2019-20454 (a crash when \X is used without UTF mode in a JIT) + (bug #1734468) + * Fri Dec 07 2018 Petr Pisar - 10.32-1 - 10.32 bump (bug #1628200) - Fix a subject buffer overread in JIT when UTF is disabled and \X or \R has