authorjmmv <jmmv@pkgsrc.org>2008-04-28 21:35:25 +0000
committerjmmv <jmmv@pkgsrc.org>2008-04-28 21:35:25 +0000
commit60cf8631c9d7fe8c1b09c8222aedc20651cb6e5d (patch)
tree36cfd64ac33745f19a1c86a51bc01e092af316ad /meta-pkgs
parent8e3c16789861979456c74d1fac0f2912a8bd4fc9 (diff)
Apply patches to fix CVE-2008-0171 in boost-headers and boost-libs.
This is a fix for a possible DoS when using Boost.Regex in an application. Note that the fix goes into a header, so all applications that use Boost.Regex may be affected by the problem and need to be rebuilt.
Diffstat (limited to 'meta-pkgs')
-rw-r--r--meta-pkgs/boost/distinfo4
-rw-r--r--meta-pkgs/boost/patches/patch-r4267450
-rw-r--r--meta-pkgs/boost/patches/patch-r4274513
3 files changed, 66 insertions, 1 deletions
diff --git a/meta-pkgs/boost/distinfo b/meta-pkgs/boost/distinfo
index 5e09483305f..9f02070cf72 100644
--- a/meta-pkgs/boost/distinfo
+++ b/meta-pkgs/boost/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.11 2008/01/04 19:58:41 jmmv Exp $
+$NetBSD: distinfo,v 1.12 2008/04/28 21:35:25 jmmv Exp $
SHA1 (boost_1_34_1.tar.bz2) = b771271d5cbd3bdb0f119dd66dfd36bad7a66866
RMD160 (boost_1_34_1.tar.bz2) = 303327ff852bc19dd7a94657fdef3c56f5882e06
@@ -12,3 +12,5 @@ SHA1 (patch-al) = 23756770d17d7958b0b9423e379fe0a1a2dd83f8
SHA1 (patch-am) = 07f1e1e15d4129c7a8762ad2e81632fdd24e9515
SHA1 (patch-an) = 91887a9a37e9d891252e0556ee40b58a1c6bc6cf
SHA1 (patch-ao) = a8499a326f72c9fbfd31f0b0f23014729a2a0dae
+SHA1 (patch-r42674) = f115b4ae5ab3e184d711a9d8968f3a435249e5f3
+SHA1 (patch-r42745) = 432417b0ad4944c9da9f68cf2e855d91c698c4f6
diff --git a/meta-pkgs/boost/patches/patch-r42674 b/meta-pkgs/boost/patches/patch-r42674
new file mode 100644
index 00000000000..b176221603f
--- /dev/null
+++ b/meta-pkgs/boost/patches/patch-r42674
@@ -0,0 +1,50 @@
+$NetBSD: patch-r42674,v 1.1 2008/04/28 21:35:25 jmmv Exp $
+
+Fix for CVE-2008-0171. Patch from Boost's svn repository, r42674.
+
+--- boost/regex/v4/basic_regex_parser.hpp (revision 38864)
++++ boost/regex/v4/basic_regex_parser.hpp (revision 42674)
+@@ -785,4 +785,5 @@
+ case syntax_element_jump:
+ case syntax_element_startmark:
++ case syntax_element_backstep:
+ // can't legally repeat any of the above:
+ fail(regex_constants::error_badrepeat, m_position - m_base);
+@@ -1870,4 +1871,5 @@
+ {
+ re_syntax_base* b = this->getaddress(expected_alt_point);
++ // Make sure we have exactly one alternative following this state:
+ if(b->type != syntax_element_alt)
+ {
+@@ -1878,4 +1880,13 @@
+ {
+ fail(regex_constants::error_bad_pattern, m_position - m_base);
++ return false;
++ }
++ // check for invalid repetition of next state:
++ b = this->getaddress(expected_alt_point);
++ b = this->getaddress(static_cast<re_alt*>(b)->next.i, b);
++ if((b->type != syntax_element_assert_backref)
++ && (b->type != syntax_element_startmark))
++ {
++ fail(regex_constants::error_badrepeat, m_position - m_base);
+ return false;
+ }
+--- libs/regex/test/regress/test_perl_ex.cpp (revision 30980)
++++ libs/regex/test/regress/test_perl_ex.cpp (revision 42674)
+@@ -122,4 +122,15 @@
+ TEST_INVALID_REGEX("(?:(a)|b)(?(?<", perl);
+ TEST_INVALID_REGEX("(?:(a)|b)(?(?<a", perl);
++
++ TEST_INVALID_REGEX("(?(?!#?)+)", perl);
++ TEST_INVALID_REGEX("(?(?=:-){0})", perl);
++ TEST_INVALID_REGEX("(?(123){1})", perl);
++ TEST_INVALID_REGEX("(?(?<=A)*)", perl);
++ TEST_INVALID_REGEX("(?(?<=A)+)", perl);
++
++ TEST_INVALID_REGEX("(?<!*|^)", perl);
++ TEST_INVALID_REGEX("(?<!*|A)", perl);
++ TEST_INVALID_REGEX("(?<=?|A)", perl);
++ TEST_INVALID_REGEX("(?<=*|\B)", perl);
+ }
+
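Review bot: The added repetition check at `b = this->getaddress(static_cast<re_alt*>(b)->next.i, b);` casts the state at `expected_alt_point` to `re_alt*` without re-testing `b->type`, so it depends on the preceding `if(b->type != syntax_element_alt)` branch having left an alt state at that position. The body of that branch lies between the hunks and is not visible here, so the invariant should be confirmed against the full header. A short comment above the re-read would state it for the next reader, for example `// re-read b: the state at expected_alt_point is expected to be a syntax_element_alt from here on, which the cast below relies on`. Separately, the test line `"(?<=*|\B)"` added in this patch has a `\B` escape that only patch-r42745 corrects, so the two patches need to stay together and apply in this order.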
diff --git a/meta-pkgs/boost/patches/patch-r42745 b/meta-pkgs/boost/patches/patch-r42745
new file mode 100644
index 00000000000..2944354b281
--- /dev/null
+++ b/meta-pkgs/boost/patches/patch-r42745
@@ -0,0 +1,13 @@
+$NetBSD: patch-r42745,v 1.1 2008/04/28 21:35:25 jmmv Exp $
+
+Fix for CVE-2008-0171. Patch from Boost's svn repository, r42745.
+
+--- libs/regex/test/regress/test_perl_ex.cpp (revision 42674)
++++ libs/regex/test/regress/test_perl_ex.cpp (revision 42745)
+@@ -132,5 +132,5 @@
+ TEST_INVALID_REGEX("(?<!*|A)", perl);
+ TEST_INVALID_REGEX("(?<=?|A)", perl);
+- TEST_INVALID_REGEX("(?<=*|\B)", perl);
++ TEST_INVALID_REGEX("(?<=*|\\B)", perl);
+ }
+