guix-commits
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

01/01: gnu: pcre2: Update to 10.31.


From: Tobias Geerinckx-Rice
Subject: 01/01: gnu: pcre2: Update to 10.31.
Date: Wed, 28 Feb 2018 14:14:58 -0500 (EST)

nckx pushed a commit to branch core-updates
in repository guix.

commit 8297ff0f931a677c51ca7c64a844a55cd6cd2ef4
Author: Tobias Geerinckx-Rice <address@hidden>
Date:   Wed Feb 28 18:23:28 2018 +0100

    gnu: pcre2: Update to 10.31.
    
    * gnu/packages/pcre.scm (pcre2): Update to 10.31.
    [source]: Remove upstreamed patches.
    * gnu/packages/patches/pcre2-CVE-2017-7186.patch: Delete this file...
    * gnu/packages/patches/pcre2-CVE-2017-8786.patch: ...and this one.
    * gnu/local.mk (dist_patch_DATA): Remove them.
---
 gnu/local.mk                                   |   2 -
 gnu/packages/patches/pcre2-CVE-2017-7186.patch |  68 -----------
 gnu/packages/patches/pcre2-CVE-2017-8786.patch | 155 -------------------------
 gnu/packages/pcre.scm                          |   7 +-
 4 files changed, 3 insertions(+), 229 deletions(-)

diff --git a/gnu/local.mk b/gnu/local.mk
index 6cc73cb..2df1195 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -961,8 +961,6 @@ dist_patch_DATA =                                           
\
   %D%/packages/patches/patchutils-xfail-gendiff-tests.patch    \
   %D%/packages/patches/patch-hurd-path-max.patch               \
   %D%/packages/patches/pcmanfm-CVE-2017-8934.patch             \
-  %D%/packages/patches/pcre2-CVE-2017-7186.patch               \
-  %D%/packages/patches/pcre2-CVE-2017-8786.patch               \
   %D%/packages/patches/perl-file-path-CVE-2017-6512.patch      \
   %D%/packages/patches/perl-autosplit-default-time.patch       \
   %D%/packages/patches/perl-dbd-mysql-CVE-2017-10788.patch     \
diff --git a/gnu/packages/patches/pcre2-CVE-2017-7186.patch 
b/gnu/packages/patches/pcre2-CVE-2017-7186.patch
deleted file mode 100644
index 5c16955..0000000
--- a/gnu/packages/patches/pcre2-CVE-2017-7186.patch
+++ /dev/null
@@ -1,68 +0,0 @@
-Patch for <https://nvd.nist.gov/vuln/detail?vulnId=CVE-2017-7186>
-taken from <https://vcs.pcre.org/pcre2?view=revision&revision=670>.
-
---- trunk/src/pcre2_internal.h 2016/11/19 12:46:24     600
-+++ trunk/src/pcre2_internal.h 2017/02/24 18:25:32     670
-@@ -1774,10 +1774,17 @@
- /* UCD access macros */
- 
- #define UCD_BLOCK_SIZE 128
--#define GET_UCD(ch) (PRIV(ucd_records) + \
-+#define REAL_GET_UCD(ch) (PRIV(ucd_records) + \
-         PRIV(ucd_stage2)[PRIV(ucd_stage1)[(int)(ch) / UCD_BLOCK_SIZE] * \
-         UCD_BLOCK_SIZE + (int)(ch) % UCD_BLOCK_SIZE])
- 
-+#if PCRE2_CODE_UNIT_WIDTH == 32
-+#define GET_UCD(ch) ((ch > MAX_UTF_CODE_POINT)? \
-+  PRIV(dummy_ucd_record) : REAL_GET_UCD(ch))
-+#else
-+#define GET_UCD(ch) REAL_GET_UCD(ch)
-+#endif
-+
- #define UCD_CHARTYPE(ch)    GET_UCD(ch)->chartype
- #define UCD_SCRIPT(ch)      GET_UCD(ch)->script
- #define UCD_CATEGORY(ch)    PRIV(ucp_gentype)[UCD_CHARTYPE(ch)]
-@@ -1834,6 +1841,9 @@
- #define _pcre2_default_compile_context 
PCRE2_SUFFIX(_pcre2_default_compile_context_)
- #define _pcre2_default_match_context   
PCRE2_SUFFIX(_pcre2_default_match_context_)
- #define _pcre2_default_tables          PCRE2_SUFFIX(_pcre2_default_tables_)
-+#if PCRE2_CODE_UNIT_WIDTH == 32
-+#define _pcre2_dummy_ucd_record        PCRE2_SUFFIX(_pcre2_dummy_ucd_record_)
-+#endif
- #define _pcre2_hspace_list             PCRE2_SUFFIX(_pcre2_hspace_list_)
- #define _pcre2_vspace_list             PCRE2_SUFFIX(_pcre2_vspace_list_)
- #define _pcre2_ucd_caseless_sets       PCRE2_SUFFIX(_pcre2_ucd_caseless_sets_)
-@@ -1858,6 +1868,9 @@
- extern const uint32_t                  PRIV(vspace_list)[];
- extern const uint32_t                  PRIV(ucd_caseless_sets)[];
- extern const ucd_record                PRIV(ucd_records)[];
-+#if PCRE2_CODE_UNIT_WIDTH == 32
-+extern const ucd_record                PRIV(dummy_ucd_record)[];
-+#endif
- extern const uint8_t                   PRIV(ucd_stage1)[];
- extern const uint16_t                  PRIV(ucd_stage2)[];
- extern const uint32_t                  PRIV(ucp_gbtable)[];
-
---- trunk/src/pcre2_ucd.c      2015/07/17 15:44:51     316
-+++ trunk/src/pcre2_ucd.c      2017/02/24 18:25:32     670
-@@ -41,6 +41,20 @@
- 
- const char *PRIV(unicode_version) = "8.0.0";
- 
-+/* If the 32-bit library is run in non-32-bit mode, character values
-+greater than 0x10ffff may be encountered. For these we set up a
-+special record. */
-+
-+#if PCRE2_CODE_UNIT_WIDTH == 32
-+const ucd_record PRIV(dummy_ucd_record)[] = {{
-+  ucp_Common,    /* script */
-+  ucp_Cn,        /* type unassigned */
-+  ucp_gbOther,   /* grapheme break property */
-+  0,             /* case set */
-+  0,             /* other case */
-+  }};
-+#endif
-+
- /* When recompiling tables with a new Unicode version, please check the
- types in this structure definition from pcre2_internal.h (the actual
- field names will be different):
diff --git a/gnu/packages/patches/pcre2-CVE-2017-8786.patch 
b/gnu/packages/patches/pcre2-CVE-2017-8786.patch
deleted file mode 100644
index 6071d58..0000000
--- a/gnu/packages/patches/pcre2-CVE-2017-8786.patch
+++ /dev/null
@@ -1,155 +0,0 @@
-Fix CVE-2017-8786:
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8786
-https://bugs.exim.org/show_bug.cgi?id=2079
-https://blogs.gentoo.org/ago/2017/04/29/libpcre-heap-based-buffer-overflow-write-in-pcre2test-c/
-
-Patch copied from upstream source repository:
-
-https://vcs.pcre.org/pcre2?view=revision&revision=696
-https://vcs.pcre.org/pcre2?view=revision&revision=697
-
---- trunk/doc/pcre2api.3       2017/03/21 16:48:40     695
-+++ trunk/doc/pcre2api.3       2017/03/21 17:46:21     696
-@@ -1,4 +1,4 @@
--.TH PCRE2API 3 "24 December 2016" "PCRE2 10.23"
-+.TH PCRE2API 3 "21 March 2017" "PCRE2 10.30"
- .SH NAME
- PCRE2 - Perl-compatible regular expressions (revised API)
- .sp
-@@ -2633,8 +2633,8 @@
- A text message for an error code from any PCRE2 function (compile, match, or
- auxiliary) can be obtained by calling \fBpcre2_get_error_message()\fP. The 
code
- is passed as the first argument, with the remaining two arguments specifying a
--code unit buffer and its length, into which the text message is placed. Note
--that the message is returned in code units of the appropriate width for the
-+code unit buffer and its length in code units, into which the text message is
-+placed. The message is returned in code units of the appropriate width for the
- library that is being used.
- .P
- The returned message is terminated with a trailing zero, and the function
-@@ -3321,6 +3321,6 @@
- .rs
- .sp
- .nf
--Last updated: 23 December 2016
--Copyright (c) 1997-2016 University of Cambridge.
-+Last updated: 21 March 2017
-+Copyright (c) 1997-2017 University of Cambridge.
- .fi
---- trunk/src/pcre2_error.c    2017/03/21 16:48:40     695
-+++ trunk/src/pcre2_error.c    2017/03/21 17:46:21     696
-@@ -271,7 +271,7 @@
- Arguments:
-   enumber       error number
-   buffer        where to put the message (zero terminated)
--  size          size of the buffer
-+  size          size of the buffer in code units
- 
- Returns:        length of message if all is well
-                 negative on error
---- trunk/src/pcre2test.c      2017/03/21 17:46:21     696
-+++ trunk/src/pcre2test.c      2017/03/21 18:36:13     697
-@@ -1017,9 +1017,9 @@
-   if (test_mode == PCRE8_MODE) \
-     r = pcre2_get_error_message_8(a,G(b,8),G(G(b,8),_size)); \
-   else if (test_mode == PCRE16_MODE) \
--    r = pcre2_get_error_message_16(a,G(b,16),G(G(b,16),_size)); \
-+    r = pcre2_get_error_message_16(a,G(b,16),G(G(b,16),_size/2)); \
-   else \
--    r = pcre2_get_error_message_32(a,G(b,32),G(G(b,32),_size))
-+    r = pcre2_get_error_message_32(a,G(b,32),G(G(b,32),_size/4))
- 
- #define PCRE2_GET_OVECTOR_COUNT(a,b) \
-   if (test_mode == PCRE8_MODE) \
-@@ -1399,6 +1399,9 @@
- 
- /* ----- Common macros for two-mode cases ----- */
- 
-+#define BYTEONE (BITONE/8)
-+#define BYTETWO (BITTWO/8)
-+
- #define CASTFLD(t,a,b) \
-   ((test_mode == G(G(PCRE,BITONE),_MODE))? (t)(G(a,BITONE)->b) : \
-     (t)(G(a,BITTWO)->b))
-@@ -1481,9 +1484,9 @@
- 
- #define PCRE2_GET_ERROR_MESSAGE(r,a,b) \
-   if (test_mode == G(G(PCRE,BITONE),_MODE)) \
--    r = 
G(pcre2_get_error_message_,BITONE)(a,G(b,BITONE),G(G(b,BITONE),_size)); \
-+    r = 
G(pcre2_get_error_message_,BITONE)(a,G(b,BITONE),G(G(b,BITONE),_size/BYTEONE)); 
\
-   else \
--    r = G(pcre2_get_error_message_,BITTWO)(a,G(b,BITTWO),G(G(b,BITTWO),_size))
-+    r = 
G(pcre2_get_error_message_,BITTWO)(a,G(b,BITTWO),G(G(b,BITTWO),_size/BYTETWO))
- 
- #define PCRE2_GET_OVECTOR_COUNT(a,b) \
-   if (test_mode == G(G(PCRE,BITONE),_MODE)) \
-@@ -1904,7 +1907,7 @@
- #define PCRE2_DFA_MATCH(a,b,c,d,e,f,g,h,i,j) \
-   a = pcre2_dfa_match_16(G(b,16),(PCRE2_SPTR16)c,d,e,f,G(g,16),h,i,j)
- #define PCRE2_GET_ERROR_MESSAGE(r,a,b) \
--  r = pcre2_get_error_message_16(a,G(b,16),G(G(b,16),_size))
-+  r = pcre2_get_error_message_16(a,G(b,16),G(G(b,16),_size/2))
- #define PCRE2_GET_OVECTOR_COUNT(a,b) a = pcre2_get_ovector_count_16(G(b,16))
- #define PCRE2_GET_STARTCHAR(a,b) a = pcre2_get_startchar_16(G(b,16))
- #define PCRE2_JIT_COMPILE(r,a,b) r = pcre2_jit_compile_16(G(a,16),b)
-@@ -2000,7 +2003,7 @@
- #define PCRE2_DFA_MATCH(a,b,c,d,e,f,g,h,i,j) \
-   a = pcre2_dfa_match_32(G(b,32),(PCRE2_SPTR32)c,d,e,f,G(g,32),h,i,j)
- #define PCRE2_GET_ERROR_MESSAGE(r,a,b) \
--  r = pcre2_get_error_message_32(a,G(b,32),G(G(b,32),_size))
-+  r = pcre2_get_error_message_32(a,G(b,32),G(G(b,32),_size/4))
- #define PCRE2_GET_OVECTOR_COUNT(a,b) a = pcre2_get_ovector_count_32(G(b,32))
- #define PCRE2_GET_STARTCHAR(a,b) a = pcre2_get_startchar_32(G(b,32))
- #define PCRE2_JIT_COMPILE(r,a,b) r = pcre2_jit_compile_32(G(a,32),b)
---- trunk/src/pcre2test.c      2017/03/21 16:48:40     695
-+++ trunk/src/pcre2test.c      2017/03/21 17:46:21     696
-@@ -2889,7 +2889,7 @@
-   {
-   if (pbuffer32 != NULL) free(pbuffer32);
-   pbuffer32_size = 4*len + 4;
--  if (pbuffer32_size < 256) pbuffer32_size = 256;
-+  if (pbuffer32_size < 512) pbuffer32_size = 512;
-   pbuffer32 = (uint32_t *)malloc(pbuffer32_size);
-   if (pbuffer32 == NULL)
-     {
-@@ -7600,7 +7600,8 @@
-   int errcode;
-   char *endptr;
- 
--/* Ensure the relevant non-8-bit buffer is available. */
-+/* Ensure the relevant non-8-bit buffer is available. Ensure that it is at 
-+least 128 code units, because it is used for retrieving error messages. */
- 
- #ifdef SUPPORT_PCRE2_16
-   if (test_mode == PCRE16_MODE)
-@@ -7620,7 +7621,7 @@
- #ifdef SUPPORT_PCRE2_32
-   if (test_mode == PCRE32_MODE)
-     {
--    pbuffer32_size = 256;
-+    pbuffer32_size = 512;
-     pbuffer32 = (uint32_t *)malloc(pbuffer32_size);
-     if (pbuffer32 == NULL)
-       {
---- trunk/testdata/testinput2  2017/03/21 16:48:40     695
-+++ trunk/testdata/testinput2  2017/03/21 17:46:21     696
-@@ -5017,4 +5017,6 @@
- 
- /(?<!\1((?U)1((?U))))(*F)/never_backslash_c,alt_bsux,anchored,extended
- 
-+/\g{3/
-+
- # End of testinput2 
---- trunk/testdata/testoutput2 2017/03/21 16:48:40     695
-+++ trunk/testdata/testoutput2 2017/03/21 17:46:21     696
-@@ -15570,6 +15570,9 @@
- 
- /(?<!\1((?U)1((?U))))(*F)/never_backslash_c,alt_bsux,anchored,extended
- 
-+/\g{3/
-+Failed: error 157 at offset 2: \g is not followed by a braced, 
angle-bracketed, or quoted name/number or by a plain number
-+
- # End of testinput2 
- Error -63: PCRE2_ERROR_BADDATA (unknown error number)
- Error -62: bad serialized data
diff --git a/gnu/packages/pcre.scm b/gnu/packages/pcre.scm
index ee853d5..5719b7b 100644
--- a/gnu/packages/pcre.scm
+++ b/gnu/packages/pcre.scm
@@ -6,6 +6,7 @@
 ;;; Copyright © 2017 Marius Bakke <address@hidden>
 ;;; Copyright © 2017 Ludovic Courtès <address@hidden>
 ;;; Copyright © 2017 Efraim Flashner <address@hidden>
+;;; Copyright © 2018 Tobias Geerinckx-Rice <address@hidden>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -75,7 +76,7 @@ POSIX regular expression API.")
 (define-public pcre2
   (package
     (name "pcre2")
-    (version "10.23")
+    (version "10.31")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://sourceforge/pcre/pcre2/"
@@ -83,9 +84,7 @@ POSIX regular expression API.")
 
               (sha256
                (base32
-                "0vn5g0mkkp99mmzpissa06hpyj6pk9s4mlwbjqrjvw3ihy8rpiyz"))
-              (patches (search-patches "pcre2-CVE-2017-7186.patch"
-                                       "pcre2-CVE-2017-8786.patch"))))
+                "1b389pzw91k1hzydsh4smdsxyppwz4pv74m3nrvy8rda0j3m6zg0"))))
    (build-system gnu-build-system)
    (inputs `(("bzip2" ,bzip2)
              ("readline" ,readline)



reply via email to

[Prev in Thread] Current Thread [Next in Thread]