- sync with double-free upstream fixes
- fix #222531: Replace dist by ?dist - Resolves: rhbz#222531
This commit is contained in:
parent
653a18c546
commit
c118600f22
@ -1,17 +1,24 @@
|
|||||||
--- gawk-3.1.5/field.c.freewstr 2007-01-12 12:48:50.000000000 +0100
|
--- gawk-3.1.5/field.c.freewstr 2007-01-15 11:02:51.000000000 +0100
|
||||||
+++ gawk-3.1.5/field.c 2007-01-12 12:50:27.000000000 +0100
|
+++ gawk-3.1.5/field.c 2007-01-15 11:21:56.000000000 +0100
|
||||||
@@ -211,6 +211,9 @@
|
@@ -155,6 +155,7 @@
|
||||||
|
ofs = force_string(OFS_node->var_value);
|
||||||
n->stptr = cops;
|
ofslen = ofs->stlen;
|
||||||
unref(fields_arr[i]);
|
for (i = NF; i > 0; i--) {
|
||||||
+ n->wstptr = NULL;
|
+ free_wstr(fields_arr[i]);
|
||||||
+ n->wstlen = 0;
|
tmp = fields_arr[i];
|
||||||
+ n->flags &= ~WSTRCUR;
|
tmp = force_string(tmp);
|
||||||
fields_arr[i] = n;
|
tlen += tmp->stlen;
|
||||||
|
@@ -922,7 +923,7 @@
|
||||||
|
FIELDWIDTHS[0] = 0;
|
||||||
|
for (i = 1; ; i++) {
|
||||||
|
unsigned long int tmp;
|
||||||
|
- if (i >= fw_alloc) {
|
||||||
|
+ if (i + 1 >= fw_alloc) {
|
||||||
|
fw_alloc *= 2;
|
||||||
|
erealloc(FIELDWIDTHS, int *, fw_alloc * sizeof(int), "set_FIELDWIDTHS");
|
||||||
}
|
}
|
||||||
cops += fields_arr[i]->stlen + ofslen;
|
|
||||||
--- gawk-3.1.5/builtin.c.freewstr 2005-07-26 20:07:43.000000000 +0200
|
--- gawk-3.1.5/builtin.c.freewstr 2005-07-26 20:07:43.000000000 +0200
|
||||||
+++ gawk-3.1.5/builtin.c 2007-01-12 12:48:51.000000000 +0100
|
+++ gawk-3.1.5/builtin.c 2007-01-15 11:12:52.000000000 +0100
|
||||||
@@ -2089,9 +2089,9 @@
|
@@ -2089,9 +2089,9 @@
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -42,7 +49,7 @@
|
|||||||
if (mb_indices != NULL)
|
if (mb_indices != NULL)
|
||||||
free(mb_indices);
|
free(mb_indices);
|
||||||
--- gawk-3.1.5/awk.h.freewstr 2005-07-26 20:07:43.000000000 +0200
|
--- gawk-3.1.5/awk.h.freewstr 2005-07-26 20:07:43.000000000 +0200
|
||||||
+++ gawk-3.1.5/awk.h 2007-01-12 12:48:51.000000000 +0100
|
+++ gawk-3.1.5/awk.h 2007-01-15 11:02:51.000000000 +0100
|
||||||
@@ -1166,6 +1166,9 @@
|
@@ -1166,6 +1166,9 @@
|
||||||
#define force_wstring(n) str2wstr(n, NULL)
|
#define force_wstring(n) str2wstr(n, NULL)
|
||||||
extern const wchar_t *wstrstr P((const wchar_t *haystack, size_t hs_len, const wchar_t *needle, size_t needle_len));
|
extern const wchar_t *wstrstr P((const wchar_t *haystack, size_t hs_len, const wchar_t *needle, size_t needle_len));
|
||||||
@ -53,9 +60,17 @@
|
|||||||
#endif
|
#endif
|
||||||
/* re.c */
|
/* re.c */
|
||||||
extern Regexp *make_regexp P((const char *s, size_t len, int ignorecase, int dfa));
|
extern Regexp *make_regexp P((const char *s, size_t len, int ignorecase, int dfa));
|
||||||
--- gawk-3.1.5/node.c.freewstr 2007-01-12 12:48:50.000000000 +0100
|
--- gawk-3.1.5/node.c.freewstr 2007-01-15 11:02:51.000000000 +0100
|
||||||
+++ gawk-3.1.5/node.c 2007-01-12 12:48:51.000000000 +0100
|
+++ gawk-3.1.5/node.c 2007-01-15 11:33:44.000000000 +0100
|
||||||
@@ -218,15 +218,7 @@
|
@@ -96,6 +96,7 @@
|
||||||
|
if (! do_traditional && isnondecimal(cp, TRUE)) {
|
||||||
|
n->numbr = nondec2awknum(cp, cpend - cp);
|
||||||
|
n->flags |= NUMCUR;
|
||||||
|
+ ptr = cpend;
|
||||||
|
goto finish;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
@@ -218,15 +219,7 @@
|
||||||
no_malloc:
|
no_malloc:
|
||||||
s->stref = 1;
|
s->stref = 1;
|
||||||
s->flags |= STRCUR;
|
s->flags |= STRCUR;
|
||||||
@ -72,7 +87,7 @@
|
|||||||
return s;
|
return s;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -289,8 +281,14 @@
|
@@ -289,8 +282,14 @@
|
||||||
*r = *n;
|
*r = *n;
|
||||||
r->flags &= ~(PERM|TEMP|FIELD);
|
r->flags &= ~(PERM|TEMP|FIELD);
|
||||||
r->flags |= MALLOC;
|
r->flags |= MALLOC;
|
||||||
@ -88,7 +103,7 @@
|
|||||||
#endif /* defined MBS_SUPPORT */
|
#endif /* defined MBS_SUPPORT */
|
||||||
if (n->type == Node_val && (n->flags & STRCUR) != 0) {
|
if (n->type == Node_val && (n->flags & STRCUR) != 0) {
|
||||||
r->stref = 1;
|
r->stref = 1;
|
||||||
@@ -346,11 +344,7 @@
|
@@ -346,11 +345,7 @@
|
||||||
r->stref = 1;
|
r->stref = 1;
|
||||||
r->stptr = NULL;
|
r->stptr = NULL;
|
||||||
r->stlen = 0;
|
r->stlen = 0;
|
||||||
@ -101,7 +116,7 @@
|
|||||||
#endif /* GAWKDEBUG */
|
#endif /* GAWKDEBUG */
|
||||||
return r;
|
return r;
|
||||||
}
|
}
|
||||||
@@ -365,10 +359,11 @@
|
@@ -365,10 +360,11 @@
|
||||||
getnode(r);
|
getnode(r);
|
||||||
r->type = Node_val;
|
r->type = Node_val;
|
||||||
r->flags = (STRING|STRCUR|MALLOC);
|
r->flags = (STRING|STRCUR|MALLOC);
|
||||||
@ -115,7 +130,7 @@
|
|||||||
if (flags & ALREADY_MALLOCED)
|
if (flags & ALREADY_MALLOCED)
|
||||||
r->stptr = s;
|
r->stptr = s;
|
||||||
else {
|
else {
|
||||||
@@ -512,20 +507,13 @@
|
@@ -512,20 +508,13 @@
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
free(tmp->stptr);
|
free(tmp->stptr);
|
||||||
@ -138,20 +153,32 @@
|
|||||||
freenode(tmp);
|
freenode(tmp);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
@@ -708,11 +696,8 @@
|
@@ -706,12 +695,8 @@
|
||||||
|
return n;
|
||||||
|
/* otherwise
|
||||||
fall through and recompute to fill in the array */
|
fall through and recompute to fill in the array */
|
||||||
}
|
- }
|
||||||
|
-
|
||||||
- if (n->wstptr != NULL) {
|
- if (n->wstptr != NULL) {
|
||||||
- free(n->wstptr);
|
- free(n->wstptr);
|
||||||
- n->wstptr = NULL;
|
- n->wstptr = NULL;
|
||||||
- n->wstlen = 0;
|
- n->wstlen = 0;
|
||||||
- }
|
|
||||||
+ if (n->wstptr != NULL)
|
+ if (n->wstptr != NULL)
|
||||||
+ free_wstr(n);
|
+ free_wstr(n);
|
||||||
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* After consideration and consultation, this
|
@@ -752,8 +737,8 @@
|
||||||
|
case (size_t) -2:
|
||||||
|
case (size_t) -1:
|
||||||
|
case 0:
|
||||||
|
- goto done;
|
||||||
|
-
|
||||||
|
+ count = 1;
|
||||||
|
+ /* fall through */
|
||||||
|
default:
|
||||||
|
*wsp++ = wc;
|
||||||
|
src_count -= count;
|
||||||
@@ -777,6 +762,20 @@
|
@@ -777,6 +762,20 @@
|
||||||
return n;
|
return n;
|
||||||
}
|
}
|
||||||
@ -164,30 +191,53 @@
|
|||||||
+ if ((n->flags & WSTRCUR) != 0) {
|
+ if ((n->flags & WSTRCUR) != 0) {
|
||||||
+ assert(n->wstptr != NULL);
|
+ assert(n->wstptr != NULL);
|
||||||
+ free(n->wstptr);
|
+ free(n->wstptr);
|
||||||
|
+ }
|
||||||
+ n->wstptr = NULL;
|
+ n->wstptr = NULL;
|
||||||
+ n->wstlen = 0;
|
+ n->wstlen = 0;
|
||||||
+ n->flags &= ~WSTRCUR;
|
+ n->flags &= ~WSTRCUR;
|
||||||
+}
|
+}
|
||||||
+}
|
|
||||||
+
|
+
|
||||||
#if 0
|
#if 0
|
||||||
static void
|
static void
|
||||||
dump_wstr(FILE *fp, const wchar_t *str, size_t len)
|
dump_wstr(FILE *fp, const wchar_t *str, size_t len)
|
||||||
@@ -839,11 +838,10 @@
|
--- gawk-3.1.5/dfa.c.freewstr 2007-01-15 11:13:19.000000000 +0100
|
||||||
h = towlower(*start);
|
+++ gawk-3.1.5/dfa.c 2007-01-15 11:17:44.000000000 +0100
|
||||||
n = towlower(needle[j]);
|
@@ -516,7 +516,6 @@
|
||||||
if (h != n)
|
|
||||||
- goto out;
|
|
||||||
+ continue;
|
|
||||||
}
|
|
||||||
return haystack + i;
|
|
||||||
}
|
|
||||||
-out: ;
|
|
||||||
}
|
|
||||||
|
|
||||||
return NULL;
|
work_mbc->nchars = work_mbc->nranges = work_mbc->nch_classes = 0;
|
||||||
--- gawk-3.1.5/eval.c.freewstr 2007-01-12 12:48:50.000000000 +0100
|
work_mbc->nequivs = work_mbc->ncoll_elems = 0;
|
||||||
+++ gawk-3.1.5/eval.c 2007-01-12 12:48:51.000000000 +0100
|
- work_mbc->chars = NULL;
|
||||||
|
work_mbc->ch_classes = NULL;
|
||||||
|
work_mbc->range_sts = work_mbc->range_ends = NULL;
|
||||||
|
work_mbc->equivs = work_mbc->coll_elems = NULL;
|
||||||
|
@@ -1602,8 +1601,8 @@
|
||||||
|
d->states[i].constraint = 0;
|
||||||
|
d->states[i].first_end = 0;
|
||||||
|
#ifdef MBS_SUPPORT
|
||||||
|
- if (MB_CUR_MAX > 1)
|
||||||
|
- d->states[i].mbps.nelem = 0;
|
||||||
|
+ d->states[i].mbps.nelem = 0;
|
||||||
|
+ d->states[i].mbps.elems = NULL;
|
||||||
|
#endif
|
||||||
|
for (j = 0; j < s->nelem; ++j)
|
||||||
|
if (d->tokens[s->elems[j].index] < 0)
|
||||||
|
@@ -3136,8 +3135,13 @@
|
||||||
|
}
|
||||||
|
#endif /* MBS_SUPPORT */
|
||||||
|
|
||||||
|
- for (i = 0; i < d->sindex; ++i)
|
||||||
|
+ for (i = 0; i < d->sindex; ++i) {
|
||||||
|
free((ptr_t) d->states[i].elems.elems);
|
||||||
|
+#ifdef MBS_SUPPORT
|
||||||
|
+ if (d->states[i].mbps.nelem > 0)
|
||||||
|
+ free((ptr_t) d->states[i].mbps.elems);
|
||||||
|
+#endif /* MBS_SUPPORT */
|
||||||
|
+ }
|
||||||
|
free((ptr_t) d->states);
|
||||||
|
for (i = 0; i < d->tindex; ++i)
|
||||||
|
if (d->follows[i].elems)
|
||||||
|
--- gawk-3.1.5/eval.c.freewstr 2007-01-15 11:02:51.000000000 +0100
|
||||||
|
+++ gawk-3.1.5/eval.c 2007-01-15 11:02:51.000000000 +0100
|
||||||
@@ -1176,13 +1176,7 @@
|
@@ -1176,13 +1176,7 @@
|
||||||
memcpy(l->stptr + l->stlen, r->stptr, r->stlen);
|
memcpy(l->stptr + l->stlen, r->stptr, r->stlen);
|
||||||
l->stlen += r->stlen;
|
l->stlen += r->stlen;
|
||||||
|
40
gawk-3.1.5-mbread.patch
Normal file
40
gawk-3.1.5-mbread.patch
Normal file
@ -0,0 +1,40 @@
|
|||||||
|
|
||||||
|
Date: Mon, 18 Dec 2006 18:38:13 +0300
|
||||||
|
From: "Dmitry V. Levin" <ldv@altlinux.org>
|
||||||
|
Subject: gawk: do_match() invalid read
|
||||||
|
To: bug-gawk@gnu.org
|
||||||
|
|
||||||
|
Due to missing mounds check, do_match() may do invalid read in multibyte
|
||||||
|
locales:
|
||||||
|
|
||||||
|
$ printf '\n\n' |env -i gawk '{print match(""," *")}'
|
||||||
|
1
|
||||||
|
1
|
||||||
|
$ printf '\n\n' |env -i LC_ALL=3Dru_RU.UTF-8 gawk '{print match(""," *")}'
|
||||||
|
-1208299079
|
||||||
|
134843273
|
||||||
|
|
||||||
|
As you see, match() output in multibyte locale is wrong; valgrind reports
|
||||||
|
about "Invalid read of size 4".
|
||||||
|
|
||||||
|
|
||||||
|
--- gawk-3.1.5/builtin.c.mbread 2007-01-12 13:23:55.000000000 +0100
|
||||||
|
+++ gawk-3.1.5/builtin.c 2007-01-12 13:24:41.000000000 +0100
|
||||||
|
@@ -2020,7 +2020,7 @@
|
||||||
|
|
||||||
|
rlength = REEND(rp, t1->stptr) - RESTART(rp, t1->stptr); /* byte length */
|
||||||
|
#ifdef MBS_SUPPORT
|
||||||
|
- if (gawk_mb_cur_max > 1) {
|
||||||
|
+ if (rlength > 0 && gawk_mb_cur_max > 1) {
|
||||||
|
t1 = str2wstr(t1, & wc_indices);
|
||||||
|
rlength = wc_indices[rstart + rlength - 1] - wc_indices[rstart] + 1;
|
||||||
|
rstart = wc_indices[rstart];
|
||||||
|
@@ -2046,7 +2046,7 @@
|
||||||
|
subpat_start = s;
|
||||||
|
subpat_len = len = SUBPATEND(rp, t1->stptr, ii) - s;
|
||||||
|
#ifdef MBS_SUPPORT
|
||||||
|
- if (gawk_mb_cur_max > 1) {
|
||||||
|
+ if (len > 0 && gawk_mb_cur_max > 1) {
|
||||||
|
subpat_start = wc_indices[s];
|
||||||
|
subpat_len = wc_indices[s + len - 1] - subpat_start + 1;
|
||||||
|
}
|
12
gawk.spec
12
gawk.spec
@ -1,7 +1,7 @@
|
|||||||
Summary: The GNU version of the awk text processing utility.
|
Summary: The GNU version of the awk text processing utility.
|
||||||
Name: gawk
|
Name: gawk
|
||||||
Version: 3.1.5
|
Version: 3.1.5
|
||||||
Release: 13%{dist}
|
Release: 14%{?dist}
|
||||||
License: GPL
|
License: GPL
|
||||||
Group: Applications/Text
|
Group: Applications/Text
|
||||||
Source0: ftp://ftp.gnu.org/gnu/gawk/gawk-%{version}.tar.bz2
|
Source0: ftp://ftp.gnu.org/gnu/gawk/gawk-%{version}.tar.bz2
|
||||||
@ -31,6 +31,8 @@ Patch9: gawk-3.1.5-numflags.patch
|
|||||||
Patch10: gawk-3.1.5-ipv6.patch
|
Patch10: gawk-3.1.5-ipv6.patch
|
||||||
# 222080 - double free or corruption
|
# 222080 - double free or corruption
|
||||||
Patch11: gawk-3.1.5-freewstr.patch
|
Patch11: gawk-3.1.5-freewstr.patch
|
||||||
|
# upstream patch - Invalid read of size 4
|
||||||
|
Patch12: gawk-3.1.5-mbread.patch
|
||||||
|
|
||||||
%description
|
%description
|
||||||
The gawk packages contains the GNU version of awk, a text processing
|
The gawk packages contains the GNU version of awk, a text processing
|
||||||
@ -53,6 +55,7 @@ considered to be a standard Linux tool for processing text.
|
|||||||
%patch9 -p1 -b .numflag
|
%patch9 -p1 -b .numflag
|
||||||
%patch10 -p1 -b .ipv6
|
%patch10 -p1 -b .ipv6
|
||||||
%patch11 -p1 -b .freewstr
|
%patch11 -p1 -b .freewstr
|
||||||
|
%patch12 -p1 -b .mbread
|
||||||
|
|
||||||
%build
|
%build
|
||||||
%configure
|
%configure
|
||||||
@ -101,6 +104,13 @@ fi
|
|||||||
%{_datadir}/awk
|
%{_datadir}/awk
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Jan 15 2007 Karel Zak <kzak@redhat.com> 3.1.5-14
|
||||||
|
- sync with double-free upstream fixes
|
||||||
|
- fix #222531: Replace dist by ?dist
|
||||||
|
|
||||||
|
* Fri Jan 12 2007 Karel Zak <kzak@redhat.com> 3.1.5-13
|
||||||
|
- fix MB read
|
||||||
|
|
||||||
* Fri Jan 12 2007 Karel Zak <kzak@redhat.com> 3.1.5-13
|
* Fri Jan 12 2007 Karel Zak <kzak@redhat.com> 3.1.5-13
|
||||||
- improve freewstr patch
|
- improve freewstr patch
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user