[pcre/f17] Fix ovector overflow

Petr Pisar ppisar at fedoraproject.org
Mon Apr 23 08:41:08 UTC 2012


commit b57dd1cfa2c2556e3a1f444f186f4c3ab21bd1e3
Author: Petr Písař <ppisar at redhat.com>
Date:   Mon Apr 23 09:34:59 2012 +0200

    Fix ovector overflow

 pcre-8.21-Fix-ovector-overflow.patch |   71 ++++++++++++++++++++++++++++++++++
 pcre.spec                            |    4 ++
 2 files changed, 75 insertions(+), 0 deletions(-)
---
diff --git a/pcre-8.21-Fix-ovector-overflow.patch b/pcre-8.21-Fix-ovector-overflow.patch
new file mode 100644
index 0000000..ec0d823
--- /dev/null
+++ b/pcre-8.21-Fix-ovector-overflow.patch
@@ -0,0 +1,71 @@
+From 4fe8af811700836b5e1806af5d9259b6491cd49d Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar at redhat.com>
+Date: Mon, 23 Apr 2012 09:38:46 +0200
+Subject: [PATCH] Fix ovector overflow
+
+Back-port to 8.21:
+
+r963 | ph10 | 2012-04-21 20:06:31 +0200 (So, 21 dub 2012) | 3 lines
+Fix ovector overrun when backreferences need temporary memory and the
+highest block is not used.
+---
+ pcre_exec.c          |    2 +-
+ pcretest.c           |    1 +
+ testdata/testinput2  |    3 +++
+ testdata/testoutput2 |    5 +++++
+ 4 files changed, 10 insertions(+), 1 deletions(-)
+
+diff --git a/pcre_exec.c b/pcre_exec.c
+index a7cec30..7266e3a 100644
+--- a/pcre_exec.c
++++ b/pcre_exec.c
+@@ -6601,7 +6601,7 @@ if (rc == MATCH_MATCH || rc == MATCH_ACCEPT)
+     {
+     register int *iptr, *iend;
+     int resetcount = 2 + re->top_bracket * 2;
+-    if (resetcount > offsetcount) resetcount = ocount;
++    if (resetcount > offsetcount) resetcount = offsetcount;
+     iptr = offsets + md->end_offset_top;
+     iend = offsets + resetcount;
+     while (iptr < iend) *iptr++ = -1;
+diff --git a/pcretest.c b/pcretest.c
+index 1371552..1130e2d 100644
+--- a/pcretest.c
++++ b/pcretest.c
+@@ -2558,6 +2558,7 @@ while (!done)
+           }
+         use_size_offsets = n;
+         if (n == 0) use_offsets = NULL;   /* Ensures it can't write to it */
++          else use_offsets = offsets + size_offsets_max - n;  /* To catch overruns */
+         continue;
+ 
+         case 'P':
+diff --git a/testdata/testinput2 b/testdata/testinput2
+index 0c5d840..86e068a 100644
+--- a/testdata/testinput2
++++ b/testdata/testinput2
+@@ -3894,4 +3894,7 @@ replaced by single letters. --/
+ /^a(*:X)bcde/K
+    abc\P
+ 
++"AB(C(D))(E(F))?(?(?=\2)(?=\4))"
++    ABCDGHI\O03
++
+ /-- End of testinput2 --/
+diff --git a/testdata/testoutput2 b/testdata/testoutput2
+index e2cecc3..e3d1716 100644
+--- a/testdata/testoutput2
++++ b/testdata/testoutput2
+@@ -12442,4 +12442,9 @@ No match, mark = m
+    abc\P
+ Partial match, mark=X: abc
+ 
++"AB(C(D))(E(F))?(?(?=\2)(?=\4))"
++    ABCDGHI\O03
++Matched, but too many substrings
++ 0: ABCD
++
+ /-- End of testinput2 --/
+-- 
+1.7.7.6
+
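Review bot: The regression case added to testdata/testinput2 can only expose a repeat of this overrun when pcretest runs under a memory checker, because the expected output (`Matched, but too many substrings`, ` 0: ABCD`) is the same whether or not pcre_exec writes past the shortened vector. The pcretest.c line `else use_offsets = offsets + size_offsets_max - n;` moves the vector to the tail of the buffer so a stray write would leave it, but nothing visible in the `make check` step of pcre.spec turns that into a failure. Consider running this test under valgrind or an ASan build, and widening the comment to `/* Put the vector at the end of the buffer so a write past it leaves the allocation and shows up under valgrind/ASan */`. That line also relies on `n <= size_offsets_max`, which is presumably checked in the escape handling above the hunk. In pcre_exec.c a comment such as `/* clamp to the caller's vector length (offsetcount), not the working-vector size (ocount) */` would help keep the two names from being swapped again; what ocount holds is inferred from the commit message, since its definition is outside the hunk.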
diff --git a/pcre.spec b/pcre.spec
index fae8850..9d92f1e 100644
--- a/pcre.spec
+++ b/pcre.spec
@@ -23,6 +23,8 @@ Patch4: pcre-8.21-Fix-look-behind-assertion-in-UTF-8-JIT-mode.patch
 Patch5: pcre-8.30-possesify_sr.patch
 # bug #815217, fixed in upstream after 8.30
 Patch6: pcre-8.21-Possessify-high-ASCII.patch
+# Bug #815214, fixed in upstream after 8.30
+Patch7: pcre-8.21-Fix-ovector-overflow.patch
 BuildRequires: readline-devel
 # New libtool to get rid of rpath
 BuildRequires: autoconf, automake, libtool
@@ -68,6 +70,7 @@ libtoolize --copy --force && autoreconf
 %patch4 -p1 -b .lookbehind_assertion
 %patch5 -p0 -b .possesify_sr
 %patch6 -p1 -b .possessify_high_ascii
+%patch7 -p1 -b .ovector_overflow
 # One contributor's name is non-UTF-8
 for F in ChangeLog; do
     iconv -f latin1 -t utf8 "$F" >"${F}.utf8"
@@ -140,6 +143,7 @@ make check
 %changelog
 * Mon Apr 23 2012 Petr Pisar <ppisar at redhat.com> - 8.21-5
 - Possessify high ASCII (bug #815217)
+- Fix ovector overflow (bug #815214)
 
 * Fri Apr 20 2012 Petr Pisar <ppisar at redhat.com> - 8.21-4
 - Possesify \s*\R (bug #813237)

