author | ginsbach <ginsbach@pkgsrc.org> | 2018-05-30 16:03:48 +0000 |
---|---|---|
committer | ginsbach <ginsbach@pkgsrc.org> | 2018-05-30 16:03:48 +0000 |
commit | ce9f01dffda7766492926391f138eaf9e3b9981d (patch) | |
tree | 9bd758b40a455c9777954b31f0819d7be0bb2e36 /devel/jq | |
parent | 8c53aec61c11899b1e69a68e01b09797c6a517b4 (diff) | |
download | pkgsrc-ce9f01dffda7766492926391f138eaf9e3b9981d.tar.gz |
CVE-2016-4074 denial-of-service (via upstream)
Fix present in jq-1.6rc1 (https://github.com/stedolan/jq/commit/83e2cf6).
The fix prevents 'infinite' recursion, which in turn prevents stack exhaustion.
Diffstat (limited to 'devel/jq')
-rw-r--r-- | devel/jq/Makefile | 4 | ||||
-rw-r--r-- | devel/jq/distinfo | 3 | ||||
-rw-r--r-- | devel/jq/patches/patch-src_jv__print.c | 41 |
3 files changed, 45 insertions, 3 deletions
diff --git a/devel/jq/Makefile b/devel/jq/Makefile
index 10261a1a315..fc87e30d9a5 100644
--- a/devel/jq/Makefile
+++ b/devel/jq/Makefile
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.14 2018/03/22 08:14:52 adam Exp $
+# $NetBSD: Makefile,v 1.15 2018/05/30 16:03:48 ginsbach Exp $
 DISTNAME= jq-1.5
-PKGREVISION= 3
+PKGREVISION= 4
 CATEGORIES= devel
 MASTER_SITES= ${MASTER_SITE_GITHUB:=stedolan/}
diff --git a/devel/jq/distinfo b/devel/jq/distinfo
index a2ee386d11b..13bdbe8b5f2 100644
--- a/devel/jq/distinfo
+++ b/devel/jq/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.8 2018/01/15 08:51:55 adam Exp $
+$NetBSD: distinfo,v 1.9 2018/05/30 16:03:48 ginsbach Exp $
 SHA1 (jq-1.5.tar.gz) = 664638b560d9e734178e8cafb21d98817af5b5f3
 RMD160 (jq-1.5.tar.gz) = 33ac77ac93e0539f6d66d29cd717013cdab8cf61
@@ -6,3 +6,4 @@ SHA512 (jq-1.5.tar.gz) = 3f9049321e8430b04dbccf81d7f2ab691b89383e91526eaf585bbee
 Size (jq-1.5.tar.gz) = 1118086 bytes
 SHA1 (patch-Makefile.in) = 446be0fa3517fb6fc1e2f5761d1f8fb28339c79c
 SHA1 (patch-src_jv__parse.c) = efca86e70daf27291a01bf538487b745b7bd600c
+SHA1 (patch-src_jv__print.c) = 4d53dc1a1f0bb1cc827dd1adb62ecef2b7393970
diff --git a/devel/jq/patches/patch-src_jv__print.c b/devel/jq/patches/patch-src_jv__print.c
new file mode 100644
index 00000000000..3dfd543f8ae
--- /dev/null
+++ b/devel/jq/patches/patch-src_jv__print.c
@@ -0,0 +1,41 @@
+$NetBSD: patch-src_jv__print.c,v 1.1 2018/05/30 16:03:48 ginsbach Exp $
+
+CVE-2016-4074
+
+From 83e2cf607f3599d208b6b3129092fa7deb2e5292 Mon Sep 17 00:00:00 2001
+From: W-Mark Kubacki <wmark@hurrikane.de>
+Date: Fri, 19 Aug 2016 19:50:39 +0200
+Subject: [PATCH] Skip printing what's below a MAX_PRINT_DEPTH
+
+This addresses #1136, and mitigates a stack exhaustion when printing
+a very deeply nested term.
+---
+ src/jv_print.c | 8 +++++++-
+ 1 file changed, 7 insertions(+), 1 deletion(-)
+
+diff --git a/src/jv_print.c b/src/jv_print.c
+index 5f4f234b..ce4a59af 100644
+--- jv_print.c
++++ jv_print.c
+@@ -13,6 +13,10 @@
+ #include "jv_dtoa.h"
+ #include "jv_unicode.h"
+
++#ifndef MAX_PRINT_DEPTH
++#define MAX_PRINT_DEPTH (256)
++#endif
++
+ #define ESC "\033"
+ #define COL(c) (ESC "[" c "m")
+ #define COLRESET (ESC "[0m")
+@@ -150,7 +154,9 @@ static void jv_dump_term(struct dtoa_context* C, jv x, int flags, int indent, FI
+ }
+ }
+ }
+- switch (jv_get_kind(x)) {
++ if (indent > MAX_PRINT_DEPTH) {
++ put_str("<skipped: too deep>", F, S, flags & JV_PRINT_ISATTY);
++ } else switch (jv_get_kind(x)) {
+ default:
+ case JV_KIND_INVALID:
+ if (flags & JV_PRINT_INVALID) {
 |
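Review bot: The depth guard added to jv_dump_term writes `<skipped: too deep>` as a bare token, so the output for any term nested past MAX_PRINT_DEPTH is no longer valid JSON, and nothing visible in the hunk reports the truncation to the caller. A consumer that pipes jq output into another parser will either fail or, if it is lenient, silently lose data, so the macro deserves a comment such as `/* Terms nested deeper than this print as a placeholder; the output is then not valid JSON. */`. The check also uses `indent` as the depth counter, which bounds recursion only if every recursive call passes `indent + 1` regardless of the print flags; those calls are outside the hunk and should be confirmed. jv_dump_term's body starts and ends outside the hunk.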