[pcre] Fix ovector overflow

Petr Pisar ppisar at fedoraproject.org
Mon Apr 23 07:54:45 UTC 2012


commit 745a9c808cd2725890c29bc0a8a6eef4d3b8a0d5
Author: Petr Písař <ppisar at redhat.com>
Date:   Mon Apr 23 09:34:59 2012 +0200

    Fix ovector overflow

 pcre-8.30-Fix-ovector-overflow.patch |   71 ++++++++++++++++++++++++++++++++++
 pcre.spec                            |    4 ++
 2 files changed, 75 insertions(+), 0 deletions(-)
---
diff --git a/pcre-8.30-Fix-ovector-overflow.patch b/pcre-8.30-Fix-ovector-overflow.patch
new file mode 100644
index 0000000..ce60bf3
--- /dev/null
+++ b/pcre-8.30-Fix-ovector-overflow.patch
@@ -0,0 +1,71 @@
+From 329c0abf511737da0afcb9a8c53ab572c3ebadc3 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar at redhat.com>
+Date: Mon, 23 Apr 2012 09:38:46 +0200
+Subject: [PATCH] Fix ovector overflow
+
+Back-port to 8.30:
+
+r963 | ph10 | 2012-04-21 20:06:31 +0200 (So, 21 dub 2012) | 3 lines
+Fix ovector overrun when backreferences need temporary memory and the
+highest block is not used.
+---
+ pcre_exec.c          |    2 +-
+ pcretest.c           |    1 +
+ testdata/testinput2  |    3 +++
+ testdata/testoutput2 |    5 +++++
+ 4 files changed, 10 insertions(+), 1 deletions(-)
+
+diff --git a/pcre_exec.c b/pcre_exec.c
+index b715353..85e12df 100644
+--- a/pcre_exec.c
++++ b/pcre_exec.c
+@@ -6887,7 +6887,7 @@ if (rc == MATCH_MATCH || rc == MATCH_ACCEPT)
+     {
+     register int *iptr, *iend;
+     int resetcount = 2 + re->top_bracket * 2;
+-    if (resetcount > offsetcount) resetcount = ocount;
++    if (resetcount > offsetcount) resetcount = offsetcount;
+     iptr = offsets + md->end_offset_top;
+     iend = offsets + resetcount;
+     while (iptr < iend) *iptr++ = -1;
+diff --git a/pcretest.c b/pcretest.c
+index 1974453..4eee0ed 100644
+--- a/pcretest.c
++++ b/pcretest.c
+@@ -3653,6 +3653,7 @@ while (!done)
+           }
+         use_size_offsets = n;
+         if (n == 0) use_offsets = NULL;   /* Ensures it can't write to it */
++          else use_offsets = offsets + size_offsets_max - n;  /* To catch overruns */
+         continue;
+ 
+         case 'P':
+diff --git a/testdata/testinput2 b/testdata/testinput2
+index 5cc61e0..0c746da 100644
+--- a/testdata/testinput2
++++ b/testdata/testinput2
+@@ -3619,4 +3619,7 @@ replaced by single letters. --/
+ /(?=a(*:x))(?=a(*:y)c|)/K+
+     ab
+ 
++"AB(C(D))(E(F))?(?(?=\2)(?=\4))"
++    ABCDGHI\O03
++
+ /-- End of testinput2 --/
+diff --git a/testdata/testoutput2 b/testdata/testoutput2
+index 90cfa4f..a9093fd 100644
+--- a/testdata/testoutput2
++++ b/testdata/testoutput2
+@@ -12076,4 +12076,9 @@ MK: x
+  0+ ab
+ MK: x
+ 
++"AB(C(D))(E(F))?(?(?=\2)(?=\4))"
++    ABCDGHI\O03
++Matched, but too many substrings
++ 0: ABCD
++
+ /-- End of testinput2 --/
+-- 
+1.7.7.6
+
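Review bot: The pcretest.c line `else use_offsets = offsets + size_offsets_max - n;  /* To catch overruns */` only exposes an overrun if a write past the end of the heap block is actually detected, which a plain `make check` does not guarantee. Running the new testinput2 case under a memory checker (valgrind or a sanitizer build) would make the regression test reliable, and the comment could say so: `/* Place the vector at the end of the block so a memory checker sees overruns */`. The pointer arithmetic also relies on `n <= size_offsets_max`, which the visible lines do not establish. The enclosing `case` starts above the hunk and presumably grows the buffer first, so that precondition is worth recording in a comment. In pcre_exec.c, a one-line comment on the clamp noting that `offsetcount` is the caller's vector length, while `ocount` appears to be able to describe a larger temporary block, would help keep the two from being swapped again.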
diff --git a/pcre.spec b/pcre.spec
index 4ddc9b3..d42c024 100644
--- a/pcre.spec
+++ b/pcre.spec
@@ -19,6 +19,8 @@ Patch2: pcre-8.30-Fix-look-behind-assertion-in-UTF-8-JIT-mode.patch
 Patch3: pcre-8.30-possesify_sr.patch
 # bug #815217, fixed in upstream after 8.30
 Patch4: pcre-8.30-possessify_high_ascii.patch
+# Bug #815214, fixed in upstream after 8.30
+Patch5: pcre-8.30-Fix-ovector-overflow.patch
 BuildRequires: readline-devel
 # New libtool to get rid of rpath
 BuildRequires: autoconf, automake, libtool
@@ -61,6 +63,7 @@ Utilities demonstrating PCRE capabilities like pcregrep or pcretest.
 %patch2 -p1 -b .lookbehind_assertion
 %patch3 -p0 -b .possesify_sr
 %patch4 -p0 -b .possessify_high_ascii
+%patch5 -p1 -b .ovector_overflow
 # Because of rpath patch
 libtoolize --copy --force && autoreconf
 # One contributor's name is non-UTF-8
@@ -126,6 +129,7 @@ make check
 %changelog
 * Mon Apr 23 2012 Petr Pisar <ppisar at redhat.com> - 8.30-5
 - Possessify high ASCII (bug #815217)
+- Fix ovector overflow (bug #815214)
 
 * Fri Apr 20 2012 Petr Pisar <ppisar at redhat.com> - 8.30-4
 - Possesify \s*\R (bug #813237)

