Mercurial Mercurial > upstream > oracle > userland-gate / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/pcre/patches/05-CVE-2015-3217.patch
branchs11u3-sru
changeset 5230 03a3a267d872
parent 5208 0606ba1c1cc6
child 5237 c85859d16ccb 
--- a/components/pcre/patches/05-CVE-2015-3217.patch	Thu Dec 17 09:15:10 2015 -0800
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,65 +0,0 @@
-Patch from upstream:
-http://vcs.pcre.org/pcre?view=revision&revision=1566
-to fix CVE-2015-3217 for this upstream bug
-https://bugs.exim.org/show_bug.cgi?id=1638
-
-This patch may be removed when pcre is upgraded from version 8.37
-
---- pcre-8.37-orig/ChangeLog	2015-06-18 14:42:05.162869794 -0700
-+++ pcre-8.37/ChangeLog	2015-06-18 14:42:49.750142570 -0700
-@@ -23,6 +23,10 @@ Changes since Version 8.37
-     another group caused a buffer overflow. For example:
-     /(?J)(?'d'(?'d'\g{d}))/. This bug was discovered by the LLVM fuzzer.
-  
-+5.  If a non-capturing group containing a conditional group that could match
-+    an empty string was repeated, it was not identified as matching an empty
-+    string itself. For example: /^(?:(?(1)x|)+)+$()/.
-+
- 
- Version 8.37 28-April-2015
- --------------------------
---- pcre-8.37-orig/pcre_compile.c	2015-06-18 14:43:18.613383953 -0700
-+++ pcre-8.37/pcre_compile.c	2015-06-18 14:44:14.866515479 -0700
-@@ -2487,7 +2487,7 @@ for (code = first_significant_code(code 
-   if (c == OP_BRA  || c == OP_BRAPOS ||
-       c == OP_CBRA || c == OP_CBRAPOS ||
-       c == OP_ONCE || c == OP_ONCE_NC ||
--      c == OP_COND)
-+      c == OP_COND || c == OP_SCOND)
-     {
-     BOOL empty_branch;
-     if (GET(code, 1) == 0) return TRUE;    /* Hit unclosed bracket */
---- pcre-8.37-orig/testdata/testinput2	2015-06-18 14:45:30.453719449 -0700
-+++ pcre-8.37/testdata/testinput2	2015-06-18 14:46:14.175672070 -0700
-@@ -4168,4 +4168,6 @@ backtracking verbs. --/
- 
- "(?J)(?'d'(?'d'\g{d}))"
- 
-+/^(?:(?(1)x|)+)+$()/BZ
-+
- /-- End of testinput2 --/
---- pcre-8.37-orig/testdata/testoutput2	2015-06-18 14:45:38.047882931 -0700
-+++ pcre-8.37/testdata/testoutput2	2015-06-18 14:47:02.815368178 -0700
-@@ -14456,4 +14456,22 @@ Failed: reference to non-existent subpat
- 
- "(?J)(?'d'(?'d'\g{d}))"
- 
-+/^(?:(?(1)x|)+)+$()/BZ
-+------------------------------------------------------------------
-+        Bra
-+        ^
-+        SBra
-+        SCond
-+      1 Cond ref
-+        x
-+        Alt
-+        KetRmax
-+        KetRmax
-+        $
-+        CBra 1
-+        Ket
-+        Ket
-+        End
-+------------------------------------------------------------------
-+
- /-- End of testinput2 --/
upstream/oracle/userland-gate