rpms/icu
5
0
Fork 0
Code Issues Pull Requests Releases Activity

Update to 60.2

Browse Source
This commit is contained in:
Pete Walter 2017-12-14 14:28:33 +00:00
parent e38c7fb2e1
commit 8b2dd11a06
4 changed files with 7 additions and 213 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
icu.spec
View File

@ -1,13 +1,13 @@
#%%global debugtrace 1 #%%global debugtrace 1
Name: icu Name: icu
Version: 60.1 Version: 60.2
Release: 2%{?dist} Release: 1%{?dist}
Summary: International Components for Unicode Summary: International Components for Unicode
License: MIT and UCD and Public Domain License: MIT and UCD and Public Domain
URL: http://www.icu-project.org/ URL: http://www.icu-project.org/
Source0: http://download.icu-project.org/files/icu4c/60.1/icu4c-60_1-src.tgz Source0: http://download.icu-project.org/files/icu4c/60.2/icu4c-60_2-src.tgz
Source1: icu-config.sh Source1: icu-config.sh
BuildRequires: doxygen, autoconf, python BuildRequires: doxygen, autoconf, python
@ -15,8 +15,6 @@ Requires: lib%{name}%{?_isa} = %{version}-%{release}
Patch4: gennorm2-man.patch Patch4: gennorm2-man.patch
Patch5: icuinfo-man.patch Patch5: icuinfo-man.patch
Patch6: rhbz1524820-icu-changeset-40714.patch
Patch7: rhbz1524820-icu-changeset-40715.patch
Patch100: armv7hl-disable-tests.patch Patch100: armv7hl-disable-tests.patch
%description %description
@ -60,8 +58,6 @@ BuildArch: noarch
%setup -q -n %{name} %setup -q -n %{name}
%patch4 -p1 -b .gennorm2-man.patch %patch4 -p1 -b .gennorm2-man.patch
%patch5 -p1 -b .icuinfo-man.patch %patch5 -p1 -b .icuinfo-man.patch
%patch6 -p3 -b .rhbz1524820-icu-changeset-40714.patch
%patch7 -p3 -b .rhbz1524820-icu-changeset-40715.patch
%ifarch armv7hl %ifarch armv7hl
%patch100 -p1 -b .armv7hl-disable-tests.patch %patch100 -p1 -b .armv7hl-disable-tests.patch
%endif %endif
@ -189,6 +185,9 @@ LD_LIBRARY_PATH=lib:stubdata:tools/ctestfw:$LD_LIBRARY_PATH bin/uconv -l
%changelog %changelog
* Thu Dec 14 2017 Pete Walter <pwalter@fedoraproject.org> - 60.2-1
- Update to 60.2
* Thu Dec 14 2017 Eike Rathke <erack@redhat.com> - 60.1-2 * Thu Dec 14 2017 Eike Rathke <erack@redhat.com> - 60.1-2
- Resolves: rhbz#1524820 CVE-2017-17484 - Resolves: rhbz#1524820 CVE-2017-17484

128
rhbz1524820-icu-changeset-40714.patch
View File

@ -1,128 +0,0 @@
# CVE-2017-17484
# https://bugzilla.redhat.com/show_bug.cgi?id=1524820
# https://ssl.icu-project.org/trac/ticket/13510
# https://ssl.icu-project.org/trac/changeset/40714
Index: /trunk/icu4c/source/common/ucnv_u8.cpp
===================================================================
--- /trunk/icu4c/source/common/ucnv_u8.cpp (revision 40713)
+++ /trunk/icu4c/source/common/ucnv_u8.cpp (revision 40714)
@@ -29,4 +29,5 @@
#include "unicode/utf8.h"
#include "unicode/utf16.h"
+#include "uassert.h"
#include "ucnv_bld.h"
#include "ucnv_cnv.h"
@@ -695,5 +696,7 @@
// the source length and the target capacity.
// Let the standard converter handle edge cases.
+ const uint8_t *limit=sourceLimit;
if(count>targetCapacity) {
+ limit-=(count-targetCapacity);
count=targetCapacity;
}
@@ -708,9 +711,9 @@
int32_t length=count-toULimit;
if(length>0) {
- uint8_t b1=*(sourceLimit-1);
+ uint8_t b1=*(limit-1);
if(U8_IS_SINGLE(b1)) {
// common ASCII character
} else if(U8_IS_TRAIL(b1) && length>=2) {
- uint8_t b2=*(sourceLimit-2);
+ uint8_t b2=*(limit-2);
if(0xe0<=b2 && b2<0xf0 && U8_IS_VALID_LEAD3_AND_T1(b2, b1)) {
// truncated 3-byte sequence
@@ -826,4 +829,5 @@
}
}
+ U_ASSERT(count>=0);
if(U_SUCCESS(*pErrorCode) && source<sourceLimit) {
Index: /trunk/icu4c/source/test/intltest/convtest.cpp
===================================================================
--- /trunk/icu4c/source/test/intltest/convtest.cpp (revision 40713)
+++ /trunk/icu4c/source/test/intltest/convtest.cpp (revision 40714)
@@ -69,19 +69,14 @@
ConversionTest::runIndexedTest(int32_t index, UBool exec, const char *&name, char * /*par*/) {
if (exec) logln("TestSuite ConversionTest: ");
- switch (index) {
+ TESTCASE_AUTO_BEGIN;
#if !UCONFIG_NO_FILE_IO
- case 0: name="TestToUnicode"; if (exec) TestToUnicode(); break;
- case 1: name="TestFromUnicode"; if (exec) TestFromUnicode(); break;
- case 2: name="TestGetUnicodeSet"; if (exec) TestGetUnicodeSet(); break;
- case 3: name="TestDefaultIgnorableCallback"; if (exec) TestDefaultIgnorableCallback(); break;
-#else
- case 0:
- case 1:
- case 2:
- case 3: name="skip"; break;
+ TESTCASE_AUTO(TestToUnicode);
+ TESTCASE_AUTO(TestFromUnicode);
+ TESTCASE_AUTO(TestGetUnicodeSet);
#endif
- case 4: name="TestGetUnicodeSet2"; if (exec) TestGetUnicodeSet2(); break;
- default: name=""; break; //needed to end loop
- }
+ TESTCASE_AUTO(TestGetUnicodeSet2);
+ TESTCASE_AUTO(TestDefaultIgnorableCallback);
+ TESTCASE_AUTO(TestUTF8ToUTF8Overflow);
+ TESTCASE_AUTO_END;
}
@@ -724,4 +719,45 @@
}
+void
+ConversionTest::TestUTF8ToUTF8Overflow() {
+ IcuTestErrorCode errorCode(*this, "TestUTF8ToUTF8Overflow");
+ LocalUConverterPointer cnv1(ucnv_open("UTF-8", errorCode));
+ LocalUConverterPointer cnv2(ucnv_open("UTF-8", errorCode));
+ static const char *text = "aä";
+ const char *source = text;
+ const char *sourceLimit = text + strlen(text);
+ char result[20];
+ char *target = result;
+ const char *targetLimit = result + sizeof(result);
+ UChar buffer16[20];
+ UChar *pivotSource = buffer16;
+ UChar *pivotTarget = buffer16;
+ const UChar *pivotLimit = buffer16 + UPRV_LENGTHOF(buffer16);
+
+ // Convert with insufficient target capacity.
+ result[2] = 5;
+ ucnv_convertEx(cnv2.getAlias(), cnv1.getAlias(),
+ &target, result + 2, &source, sourceLimit,
+ buffer16, &pivotSource, &pivotTarget, pivotLimit,
+ FALSE, FALSE, errorCode);
+ assertEquals("overflow", U_BUFFER_OVERFLOW_ERROR, errorCode.reset());
+ int32_t length = (int32_t)(target - result);
+ assertEquals("number of bytes written", 2, length);
+ assertEquals("next byte not clobbered", 5, result[2]);
+
+ // Convert the rest and flush.
+ ucnv_convertEx(cnv2.getAlias(), cnv1.getAlias(),
+ &target, targetLimit, &source, sourceLimit,
+ buffer16, &pivotSource, &pivotTarget, pivotLimit,
+ FALSE, TRUE, errorCode);
+
+ assertSuccess("UTF-8->UTF-8", errorCode);
+ length = (int32_t)(target - result);
+ assertEquals("3 bytes", 3, length);
+ if (length == 3) {
+ assertTrue("result same as input", memcmp(text, result, length) == 0);
+ }
+}
+
// open testdata or ICU data converter ------------------------------------- ***
Index: /trunk/icu4c/source/test/intltest/convtest.h
===================================================================
--- /trunk/icu4c/source/test/intltest/convtest.h (revision 40713)
+++ /trunk/icu4c/source/test/intltest/convtest.h (revision 40714)
@@ -77,4 +77,5 @@
void TestGetUnicodeSet2();
void TestDefaultIgnorableCallback();
+ void TestUTF8ToUTF8Overflow();
private:

77
rhbz1524820-icu-changeset-40715.patch
View File

@ -1,77 +0,0 @@
# CVE-2017-17484
# https://bugzilla.redhat.com/show_bug.cgi?id=1524820
# https://ssl.icu-project.org/trac/ticket/13510
# https://ssl.icu-project.org/trac/changeset/40715
Index: /trunk/icu4c/source/common/ucnv_u8.cpp
===================================================================
--- /trunk/icu4c/source/common/ucnv_u8.cpp (revision 40714)
+++ /trunk/icu4c/source/common/ucnv_u8.cpp (revision 40715)
@@ -815,5 +815,5 @@
/* copy the legal byte sequence to the target */
- {
+ if(count>=toULength) {
int8_t i;
@@ -826,4 +826,12 @@
}
count-=toULength;
+ } else {
+ // A supplementary character that does not fit into the target.
+ // Let the standard converter handle this.
+ source-=(toULength-oldToULength);
+ pToUArgs->source=(char *)source;
+ pFromUArgs->target=(char *)target;
+ *pErrorCode=U_USING_DEFAULT_WARNING;
+ return;
}
}
Index: /trunk/icu4c/source/test/intltest/convtest.cpp
===================================================================
--- /trunk/icu4c/source/test/intltest/convtest.cpp (revision 40714)
+++ /trunk/icu4c/source/test/intltest/convtest.cpp (revision 40715)
@@ -724,5 +724,5 @@
LocalUConverterPointer cnv1(ucnv_open("UTF-8", errorCode));
LocalUConverterPointer cnv2(ucnv_open("UTF-8", errorCode));
- static const char *text = "aä";
+ static const char *text = "aä"; // ä: 2 bytes
const char *source = text;
const char *sourceLimit = text + strlen(text);
@@ -757,4 +757,37 @@
if (length == 3) {
assertTrue("result same as input", memcmp(text, result, length) == 0);
+ }
+
+ ucnv_reset(cnv1.getAlias());
+ ucnv_reset(cnv2.getAlias());
+ memset(result, 0, sizeof(result));
+ static const char *text2 = "a🚲"; // U+1F6B2 bicycle: 4 bytes
+ source = text2;
+ sourceLimit = text2 + strlen(text2);
+ target = result;
+ pivotSource = pivotTarget = buffer16;
+
+ // Convert with insufficient target capacity.
+ result[3] = 5;
+ ucnv_convertEx(cnv2.getAlias(), cnv1.getAlias(),
+ &target, result + 3, &source, sourceLimit,
+ buffer16, &pivotSource, &pivotTarget, pivotLimit,
+ FALSE, FALSE, errorCode);
+ assertEquals("text2 overflow", U_BUFFER_OVERFLOW_ERROR, errorCode.reset());
+ length = (int32_t)(target - result);
+ assertEquals("text2 number of bytes written", 3, length);
+ assertEquals("text2 next byte not clobbered", 5, result[3]);
+
+ // Convert the rest and flush.
+ ucnv_convertEx(cnv2.getAlias(), cnv1.getAlias(),
+ &target, targetLimit, &source, sourceLimit,
+ buffer16, &pivotSource, &pivotTarget, pivotLimit,
+ FALSE, TRUE, errorCode);
+
+ assertSuccess("text2 UTF-8->UTF-8", errorCode);
+ length = (int32_t)(target - result);
+ assertEquals("text2 5 bytes", 5, length);
+ if (length == 5) {
+ assertTrue("text2 result same as input", memcmp(text2, result, length) == 0);
}
}

2
sources
View File

@ -1,2 +1,2 @@
SHA512 (icu4c-60_1-src.tgz) = a6798f70add1b3bac2197a49e09a0bb636279af7019ce572f63a30ab713e09657ee9d9b20aac7ea806fbb84667ca2eca981411e5053b47c3c705aa496a669233 SHA512 (icu4c-60_2-src.tgz) = 8e718e66c13e7f25714404c46b91ed6305efff1df70c328be2ec743023a7719016dae72a5fa0a05d6f5599983590a2044ff72d3453a048d987ab546d0416d694
SHA512 (icu-config.sh) = f4f01fa393d279b9123655296aaf51629f7a25707827882c4886e3fc286671b52a8afb50e77a0d7a29fa029a5dcbf021584efdca79385760c4602a6f8835ce9c SHA512 (icu-config.sh) = f4f01fa393d279b9123655296aaf51629f7a25707827882c4886e3fc286671b52a8afb50e77a0d7a29fa029a5dcbf021584efdca79385760c4602a6f8835ce9c