[clucene09] Fix strcpy on overlapping areas and another unterminated buffer
Kevin Kofler
kkofler at fedoraproject.org
Sat Oct 25 21:59:07 UTC 2014
commit 7dfbc56cb88c79a1d8454be5224718eb872a86c9
Author: Kevin Kofler <Kevin at tigcc.ticalc.org>
Date: Sat Oct 25 23:59:02 2014 +0200
Fix strcpy on overlapping areas and another unterminated buffer
clucene-core-0.9.21b-fix-unescaping.patch | 37 ++++++++++++++++++++++++++++-
clucene09.spec | 4 +-
2 files changed, 38 insertions(+), 3 deletions(-)
---
diff --git a/clucene-core-0.9.21b-fix-unescaping.patch b/clucene-core-0.9.21b-fix-unescaping.patch
index 48aef1b..4278ff8 100644
--- a/clucene-core-0.9.21b-fix-unescaping.patch
+++ b/clucene-core-0.9.21b-fix-unescaping.patch
@@ -1,6 +1,6 @@
diff -ur clucene-core-0.9.21b/src/CLucene/queryParser/Lexer.cpp clucene-core-0.9.21b-fix-unescaping/src/CLucene/queryParser/Lexer.cpp
--- clucene-core-0.9.21b/src/CLucene/queryParser/Lexer.cpp 2008-10-23 19:44:35.000000000 +0200
-+++ clucene-core-0.9.21b-fix-unescaping/src/CLucene/queryParser/Lexer.cpp 2014-10-25 22:59:57.000000000 +0200
++++ clucene-core-0.9.21b-fix-unescaping/src/CLucene/queryParser/Lexer.cpp 2014-10-25 23:43:21.000000000 +0200
@@ -354,6 +354,7 @@
TCHAR ch = prev;
int bp=0;
@@ -9,3 +9,38 @@ diff -ur clucene-core-0.9.21b/src/CLucene/queryParser/Lexer.cpp clucene-core-0.9
ch = reader->GetNext();
int32_t idx = _tcscspn( buf, _T("\\+-!():^[]{}\"~*") );
+diff -ur clucene-core-0.9.21b/src/CLucene/queryParser/QueryParserBase.cpp clucene-core-0.9.21b-fix-unescaping/src/CLucene/queryParser/QueryParserBase.cpp
+--- clucene-core-0.9.21b/src/CLucene/queryParser/QueryParserBase.cpp 2008-10-23 19:44:35.000000000 +0200
++++ clucene-core-0.9.21b-fix-unescaping/src/CLucene/queryParser/QueryParserBase.cpp 2014-10-25 23:57:30.000000000 +0200
+@@ -14,6 +14,8 @@
+ #include "CLucene/search/WildcardQuery.h"
+ #include "CLucene/search/PrefixQuery.h"
+
++#include <cstring>
++
+
+ CL_NS_USE(search)
+ CL_NS_USE(util)
+@@ -44,7 +46,9 @@
+ int j = 0;
+ for (int i = 0; i < len; i++) {
+ if (source[i] == '\\' && source[i+1] != '\0' ) {
+- _tcscpy(source+i,source+i+1);
++ // move from i+1 to len+1 (terminating 0)
++ // i.e. (len+1)-i = len-i+1 characters
++ std::memmove(source+i,source+i+1,(len-i+1)*sizeof(TCHAR));
+ len--;
+ }
+ }
+diff -ur clucene-core-0.9.21b/src/CLucene/queryParser/QueryToken.cpp clucene-core-0.9.21b-fix-unescaping/src/CLucene/queryParser/QueryToken.cpp
+--- clucene-core-0.9.21b/src/CLucene/queryParser/QueryToken.cpp 2008-10-23 19:44:35.000000000 +0200
++++ clucene-core-0.9.21b-fix-unescaping/src/CLucene/queryParser/QueryToken.cpp 2014-10-25 23:43:35.000000000 +0200
+@@ -57,7 +57,7 @@
+ Value = STRDUP_TtoT(value);
+ #else
+ _tcsncpy(Value,value,LUCENE_TOKEN_WORD_LENGTH);
+- Value[LUCENE_TOKEN_WORD_LENGTH];
++ Value[LUCENE_TOKEN_WORD_LENGTH] = 0;
+ #endif
+ this->Start = start;
+ this->End = end;
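Review bot: The count passed to `std::memmove` in the QueryParserBase.cpp part looks one element too large. If `len` is the length of `source` (it is set outside the hunk, as is the rest of the enclosing function), the terminator sits at `source[len]`, so the tail from `i+1` through the terminator is `len-i` elements; `(len-i+1)*sizeof(TCHAR)` then reads one `TCHAR` past the terminator, which can fall outside the allocation when the string fills its buffer exactly. I would write `std::memmove(source+i, source+i+1, (len-i)*sizeof(TCHAR));` and change the comment to `// move source[i+1..len] (len-i characters, including the terminating 0)`. In the QueryToken.cpp part, `Value[LUCENE_TOKEN_WORD_LENGTH] = 0;` is in bounds only if `Value` is declared with `LUCENE_TOKEN_WORD_LENGTH+1` elements, which is not visible here and is worth confirming against the header.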
diff --git a/clucene09.spec b/clucene09.spec
index 89e6aa8..6eb67e8 100644
--- a/clucene09.spec
+++ b/clucene09.spec
@@ -21,7 +21,7 @@ Patch3: clucene-core-0.9.21b-fix-soversion.patch
# make tests always verbose
Patch4: clucene-core-0.9.21b-verbose-tests.patch
-# fix uninitialized read in Lexer::ReadEscape
+# fix strcpy on overlapping areas and 2 unterminated buffers
Patch5: clucene-core-0.9.21b-fix-unescaping.patch
%description
@@ -127,7 +127,7 @@ rm -rf $RPM_BUILD_ROOT
- Bump soversion to 3.0.1, as apparently intended by upstream to begin with
- Better GCC 4.8 fix, works with refcount without adding throwspecs everywhere
- Make tests always verbose
-- Fix uninitialized read in Lexer::ReadEscape
+- Fix strcpy on overlapping areas and 2 unterminated buffers
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.9.21b-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild