Fix for CVE-2016-3191 from

http://vcs.pcre.org/pcre?view=revision&revision=1631
author: tez <tez@pkgsrc.org> 2016-03-22 19:38:15 +0000
committer: tez <tez@pkgsrc.org> 2016-03-22 19:38:15 +0000
commit: c1494c69b804367d508f1a69e4e035242815b969 (patch)
tree: 33eb647831a11f0fd3ea80dc0554f03d98b0d794 /devel/pcre
parent: 17786722741d9f60a93efa70f2a947215d3a68b5 (diff)
download: pkgsrc-c1494c69b804367d508f1a69e4e035242815b969.tar.gz
5 files changed, 114 insertions, 7 deletions
diff --git a/devel/pcre/Makefile b/devel/pcre/Makefile
index 2887c79d386..12cb348f31b 100644
--- a/devel/pcre/Makefile
+++ b/devel/pcre/Makefile
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.78 2016/03/18 21:25:10 tez Exp $
+# $NetBSD: Makefile,v 1.79 2016/03/22 19:38:15 tez Exp $
 
 DISTNAME=	pcre-8.38
-PKGREVISION=	1
+PKGREVISION=	2
 
 CATEGORIES=	devel
 MASTER_SITES=	ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/ \
diff --git a/devel/pcre/distinfo b/devel/pcre/distinfo
index 93c5fb991e2..d51b2d5cc15 100644
--- a/devel/pcre/distinfo
+++ b/devel/pcre/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.59 2016/03/18 21:25:10 tez Exp $
+$NetBSD: distinfo,v 1.60 2016/03/22 19:38:15 tez Exp $
 
 SHA1 (pcre-8.38.tar.bz2) = ae84e3b3ef0764788ce33b1adeff1add938126e1
 RMD160 (pcre-8.38.tar.bz2) = eba6da5ef34780f63f8b96c60bd70ac197df3b52
@@ -7,4 +7,6 @@ Size (pcre-8.38.tar.bz2) = 1562265 bytes
 SHA1 (patch-aa) = ed20cfb5ca7b1e620e368c8e41a7f691d6f93282
 SHA1 (patch-ab) = 0b8fbde09c27e2716e5bfa32abce8ee4a79fb7fb
 SHA1 (patch-doc_pcredemo.3) = 90f9b3a021f58973149d839735d40c5e2e245912
-SHA1 (patch-pcre_compile.c) = a901b33130bc421eb16883cc2de959b452e13840
+SHA1 (patch-pcre_compile.c) = 71ab3ebc517dc7c1fe74c447e0c2b1391c1403c7
+SHA1 (patch-pcre_internal.h) = 0005aded75cb7e68e1a271ed6f64174a5343c94b
+SHA1 (patch-pcreposix.c) = 39ed9f8eb3fba1de64cbeae1fd8ff7ea88a383e2
diff --git a/devel/pcre/patches/patch-pcre_compile.c b/devel/pcre/patches/patch-pcre_compile.c
index 62b62de1717..4907cc5c601 100644
--- a/devel/pcre/patches/patch-pcre_compile.c
+++ b/devel/pcre/patches/patch-pcre_compile.c
@@ -1,11 +1,65 @@
-$NetBSD: patch-pcre_compile.c,v 1.1 2016/03/18 21:25:10 tez Exp $
+$NetBSD: patch-pcre_compile.c,v 1.2 2016/03/22 19:38:15 tez Exp $
 
 Fix for CVE-2016-1283 from
  http://vcs.pcre.org/pcre?view=revision&revision=1636
 
---- pcre_compile.c.orig	2016-03-18 21:00:47.095736300 +0000
+Fix for CVE-2016-3191 from
+ http://vcs.pcre.org/pcre?view=revision&revision=1631
+
+--- pcre_compile.c.orig	2015-11-23 12:37:21.000000000 +0000
 +++ pcre_compile.c
-@@ -7274,7 +7274,12 @@ for (;; ptr++)
+@@ -6,7 +6,7 @@
+ and semantics are as close as possible to those of the Perl 5 language.
+ 
+                        Written by Philip Hazel
+-           Copyright (c) 1997-2014 University of Cambridge
++           Copyright (c) 1997-2016 University of Cambridge
+ 
+ -----------------------------------------------------------------------------
+ Redistribution and use in source and binary forms, with or without
+@@ -560,6 +560,7 @@ static const char error_texts[] =
+   /* 85 */
+   "parentheses are too deeply nested (stack check)\0"
+   "digits missing in \\x{} or \\o{}\0"
++  "regular expression is too complicated\0"
+   ;
+ 
+ /* Table to identify digits and hex digits. This is used when compiling
+@@ -4591,7 +4592,8 @@ for (;; ptr++)
+     if (code > cd->start_workspace + cd->workspace_size -
+         WORK_SIZE_SAFETY_MARGIN)                       /* Check for overrun */
+       {
+-      *errorcodeptr = ERR52;
++      *errorcodeptr = (code >= cd->start_workspace + cd->workspace_size)?
++       ERR52 : ERR87;
+       goto FAILED;
+       }
+ 
+@@ -6604,8 +6606,21 @@ for (;; ptr++)
+             cd->had_accept = TRUE;
+             for (oc = cd->open_caps; oc != NULL; oc = oc->next)
+               {
+-              *code++ = OP_CLOSE;
+-              PUT2INC(code, 0, oc->number);
++              if (lengthptr != NULL)
++                {
++#ifdef COMPILE_PCRE8
++                *lengthptr += 1 + IMM2_SIZE;
++#elif defined COMPILE_PCRE16
++                *lengthptr += 2 + IMM2_SIZE;
++#elif defined COMPILE_PCRE32
++                *lengthptr += 4 + IMM2_SIZE;
++#endif
++                }
++              else
++                {
++                *code++ = OP_CLOSE;
++                PUT2INC(code, 0, oc->number);
++                }
+               }
+             setverb = *code++ =
+               (cd->assert_depth > 0)? OP_ASSERT_ACCEPT : OP_ACCEPT;
+@@ -7274,7 +7289,12 @@ for (;; ptr++)
            so far in order to get the number. If the name is not found, leave
            the value of recno as 0 for a forward reference. */
  
diff --git a/devel/pcre/patches/patch-pcre_internal.h b/devel/pcre/patches/patch-pcre_internal.h
new file mode 100644
index 00000000000..00a6da49e1b
--- /dev/null
+++ b/devel/pcre/patches/patch-pcre_internal.h
@@ -0,0 +1,25 @@
+$NetBSD: patch-pcre_internal.h,v 1.1 2016/03/22 19:38:15 tez Exp $
+
+Fix for CVE-2016-3191 from
+ http://vcs.pcre.org/pcre?view=revision&revision=1631
+
+--- pcre_internal.h.orig	2016-03-22 19:14:14.468718400 +0000
++++ pcre_internal.h
+@@ -7,7 +7,7 @@
+ and semantics are as close as possible to those of the Perl 5 language.
+ 
+                        Written by Philip Hazel
+-           Copyright (c) 1997-2014 University of Cambridge
++           Copyright (c) 1997-2016 University of Cambridge
+ 
+ -----------------------------------------------------------------------------
+ Redistribution and use in source and binary forms, with or without
+@@ -2289,7 +2289,7 @@ enum { ERR0,  ERR1,  ERR2,  ERR3,  ERR4,
+        ERR50, ERR51, ERR52, ERR53, ERR54, ERR55, ERR56, ERR57, ERR58, ERR59,
+        ERR60, ERR61, ERR62, ERR63, ERR64, ERR65, ERR66, ERR67, ERR68, ERR69,
+        ERR70, ERR71, ERR72, ERR73, ERR74, ERR75, ERR76, ERR77, ERR78, ERR79,
+-       ERR80, ERR81, ERR82, ERR83, ERR84, ERR85, ERR86, ERRCOUNT };
++       ERR80, ERR81, ERR82, ERR83, ERR84, ERR85, ERR86, ERR87, ERRCOUNT };
+ 
+ /* JIT compiling modes. The function list is indexed by them. */
+ 
diff --git a/devel/pcre/patches/patch-pcreposix.c b/devel/pcre/patches/patch-pcreposix.c
new file mode 100644
index 00000000000..4b5c03c4acf
--- /dev/null
+++ b/devel/pcre/patches/patch-pcreposix.c
@@ -0,0 +1,26 @@
+$NetBSD: patch-pcreposix.c,v 1.1 2016/03/22 19:38:15 tez Exp $
+
+Fix for CVE-2016-3191 from
+ http://vcs.pcre.org/pcre?view=revision&revision=1631
+
+--- pcreposix.c.orig	2016-03-22 19:29:47.648202900 +0000
++++ pcreposix.c
+@@ -6,7 +6,7 @@
+ and semantics are as close as possible to those of the Perl 5 language.
+ 
+                        Written by Philip Hazel
+-           Copyright (c) 1997-2014 University of Cambridge
++           Copyright (c) 1997-2016 University of Cambridge
+ 
+ -----------------------------------------------------------------------------
+ Redistribution and use in source and binary forms, with or without
+@@ -173,7 +173,8 @@ static const int eint[] = {
+   REG_BADPAT,  /* group name must start with a non-digit */
+   /* 85 */
+   REG_BADPAT,  /* parentheses too deeply nested (stack check) */
+-  REG_BADPAT   /* missing digits in \x{} or \o{} */
++  REG_BADPAT,  /* missing digits in \x{} or \o{} */
++  REG_BADPAT   /* pattern too complicated */
+ };
+ 
+ /* Table of texts corresponding to POSIX error codes */
author	tez <tez@pkgsrc.org>	2016-03-22 19:38:15 +0000
committer	tez <tez@pkgsrc.org>	2016-03-22 19:38:15 +0000
commit	c1494c69b804367d508f1a69e4e035242815b969 (patch)
tree	33eb647831a11f0fd3ea80dc0554f03d98b0d794 /devel/pcre
parent	17786722741d9f60a93efa70f2a947215d3a68b5 (diff)
download	pkgsrc-c1494c69b804367d508f1a69e4e035242815b969.tar.gz