| author | Craig Mohrman <craig.mohrman@oracle.com> |
| Tue, 15 Sep 2015 14:10:14 -0700 | |
| branch | s11u3-sru |
| changeset 4861 | 27f95cbe0040 |
| parent 4583 | 66352b5ed68a |
| permissions | -rw-r--r-- |
|
4583
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
1 |
Patch from upstream: |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
2 |
http://vcs.pcre.org/pcre?view=revision&revision=1566 |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
3 |
to fix CVE-2015-3217 for this upstream bug |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
4 |
https://bugs.exim.org/show_bug.cgi?id=1638 |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
5 |
|
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
6 |
This patch may be removed when pcre is upgraded from version 8.37 |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
7 |
|
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
8 |
--- pcre-8.37-orig/ChangeLog 2015-06-18 14:42:05.162869794 -0700 |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
9 |
+++ pcre-8.37/ChangeLog 2015-06-18 14:42:49.750142570 -0700 |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
10 |
@@ -23,6 +23,10 @@ Changes since Version 8.37 |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
11 |
another group caused a buffer overflow. For example: |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
12 |
/(?J)(?'d'(?'d'\g{d}))/. This bug was discovered by the LLVM fuzzer.
|
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
13 |
|
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
14 |
+5. If a non-capturing group containing a conditional group that could match |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
15 |
+ an empty string was repeated, it was not identified as matching an empty |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
16 |
+ string itself. For example: /^(?:(?(1)x|)+)+$()/. |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
17 |
+ |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
18 |
|
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
19 |
Version 8.37 28-April-2015 |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
20 |
-------------------------- |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
21 |
--- pcre-8.37-orig/pcre_compile.c 2015-06-18 14:43:18.613383953 -0700 |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
22 |
+++ pcre-8.37/pcre_compile.c 2015-06-18 14:44:14.866515479 -0700 |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
23 |
@@ -2487,7 +2487,7 @@ for (code = first_significant_code(code |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
24 |
if (c == OP_BRA || c == OP_BRAPOS || |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
25 |
c == OP_CBRA || c == OP_CBRAPOS || |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
26 |
c == OP_ONCE || c == OP_ONCE_NC || |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
27 |
- c == OP_COND) |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
28 |
+ c == OP_COND || c == OP_SCOND) |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
29 |
{
|
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
30 |
BOOL empty_branch; |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
31 |
if (GET(code, 1) == 0) return TRUE; /* Hit unclosed bracket */ |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
32 |
--- pcre-8.37-orig/testdata/testinput2 2015-06-18 14:45:30.453719449 -0700 |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
33 |
+++ pcre-8.37/testdata/testinput2 2015-06-18 14:46:14.175672070 -0700 |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
34 |
@@ -4168,4 +4168,6 @@ backtracking verbs. --/ |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
35 |
|
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
36 |
"(?J)(?'d'(?'d'\g{d}))"
|
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
37 |
|
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
38 |
+/^(?:(?(1)x|)+)+$()/BZ |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
39 |
+ |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
40 |
/-- End of testinput2 --/ |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
41 |
--- pcre-8.37-orig/testdata/testoutput2 2015-06-18 14:45:38.047882931 -0700 |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
42 |
+++ pcre-8.37/testdata/testoutput2 2015-06-18 14:47:02.815368178 -0700 |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
43 |
@@ -14456,4 +14456,22 @@ Failed: reference to non-existent subpat |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
44 |
|
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
45 |
"(?J)(?'d'(?'d'\g{d}))"
|
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
46 |
|
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
47 |
+/^(?:(?(1)x|)+)+$()/BZ |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
48 |
+------------------------------------------------------------------ |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
49 |
+ Bra |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
50 |
+ ^ |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
51 |
+ SBra |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
52 |
+ SCond |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
53 |
+ 1 Cond ref |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
54 |
+ x |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
55 |
+ Alt |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
56 |
+ KetRmax |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
57 |
+ KetRmax |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
58 |
+ $ |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
59 |
+ CBra 1 |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
60 |
+ Ket |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
61 |
+ Ket |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
62 |
+ End |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
63 |
+------------------------------------------------------------------ |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
64 |
+ |
|
66352b5ed68a
21290075 update pcre to version 8.37
April Chin <april.chin@oracle.com>
parents:
diff
changeset
|
65 |
/-- End of testinput2 --/ |