diff options
author | drochner <drochner> | 2008-03-20 17:07:54 +0000 |
---|---|---|
committer | drochner <drochner> | 2008-03-20 17:07:54 +0000 |
commit | ecbc627543919ea7fa9e3ce4863359a26eb1cd09 (patch) | |
tree | 1df9dd1aef8e3ec37b83c97cec7949f6d6d46b79 /textproc/icu/patches/patch-be | |
parent | 8900c3a19767bcb16a717dba12d900106868f113 (diff) | |
download | pkgsrc-ecbc627543919ea7fa9e3ce4863359a26eb1cd09.tar.gz |
fix RE vulnerabilities (CVE-2007-(4770|4771)), patch from redhat
via Gentoo bug #208001,
bump PKGREVISION
Diffstat (limited to 'textproc/icu/patches/patch-be')
-rw-r--r-- | textproc/icu/patches/patch-be | 56 |
1 files changed, 56 insertions, 0 deletions
diff --git a/textproc/icu/patches/patch-be b/textproc/icu/patches/patch-be new file mode 100644 index 00000000000..08d698736f4 --- /dev/null +++ b/textproc/icu/patches/patch-be @@ -0,0 +1,56 @@ +$NetBSD: patch-be,v 1.1 2008/03/20 17:07:54 drochner Exp $ + +--- test/intltest/regextst.cpp.orig 2005-07-05 20:39:00.000000000 +0200 ++++ test/intltest/regextst.cpp +@@ -66,6 +66,10 @@ void RegexTest::runIndexedTest( int32_t + case 6: name = "PerlTests"; + if (exec) PerlTests(); + break; ++ case 7: name = "Bug 6149"; ++ if (exec) Bug6149(); ++ break; ++ + + + default: name = ""; +@@ -1637,6 +1641,13 @@ void RegexTest::Errors() { + // UnicodeSet containing a string + REGEX_ERR("abc[{def}]xyz", 1, 10, U_REGEX_SET_CONTAINS_STRING); + ++ ++ // Invalid Back Reference \0 ++ // For ICU 3.8 and earlier ++ // For ICU versions newer than 3.8, \0 introduces an octal escape. ++ // ++ REGEX_ERR("(ab)\\0", 1, 6, U_REGEX_INVALID_BACK_REF); ++ + } + + +@@ -2119,6 +2130,26 @@ void RegexTest::PerlTests() { + } + + ++//-------------------------------------------------------------- ++// ++// Bug6149 Verify limits to heap expansion for backtrack stack. ++// Use this pattern, ++// "(a?){1,}" ++// The zero-length match will repeat forever. ++// (That this goes into a loop is another bug) ++// ++//--------------------------------------------------------------- ++void RegexTest::Bug6149() { ++ UnicodeString pattern("(a?){1,}"); ++ UnicodeString s("xyz"); ++ uint32_t flags = 0; ++ UErrorCode status = U_ZERO_ERROR; ++ ++ RegexMatcher matcher(pattern, s, flags, status); ++ UBool result = false; ++ REGEX_ASSERT_FAIL(result=matcher.matches(status), U_BUFFER_OVERFLOW_ERROR); ++ REGEX_ASSERT(result == FALSE); ++ } + + #endif /* !UCONFIG_NO_REGULAR_EXPRESSIONS */ + |