pcre2/pcre2-10.33-Fix-use-after-free-and-compilation-error-in-JIT.patch

From 2a182963f0b897ea898693771b885a5cead47826 Mon Sep 17 00:00:00 2001
From: zherczeg <zherczeg@6239d852-aaf2-0410-a92c-79f79f948069>
Date: Sun, 6 Oct 2019 03:36:20 +0000
Subject: [PATCH] Fix use after free and compilation error in JIT.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

git-svn-id: svn://vcs.exim.org/pcre2/code/trunk@1175 6239d852-aaf2-0410-a92c-79f79f948069
Petr Písař: Ported to 10.33.

Signed-off-by: Petr Písař <ppisar@redhat.com>
---
 src/pcre2_jit_compile.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/src/pcre2_jit_compile.c b/src/pcre2_jit_compile.c
index bd423a7..aea563d 100644
--- a/src/pcre2_jit_compile.c
+++ b/src/pcre2_jit_compile.c
@@ -13749,7 +13749,7 @@ if (SLJIT_UNLIKELY(sljit_get_compiler_error(compiler)))
   sljit_free_compiler(compiler);
   SLJIT_FREE(common->optimized_cbracket, allocator_data);
   SLJIT_FREE(common->private_data_ptrs, allocator_data);
-  PRIV(jit_free_rodata)(common->read_only_data_head, compiler->allocator_data);
+  PRIV(jit_free_rodata)(common->read_only_data_head, allocator_data);
   return PCRE2_ERROR_NOMEMORY;
   }
 
@@ -13803,7 +13803,7 @@ if (SLJIT_UNLIKELY(sljit_get_compiler_error(compiler)))
   sljit_free_compiler(compiler);
   SLJIT_FREE(common->optimized_cbracket, allocator_data);
   SLJIT_FREE(common->private_data_ptrs, allocator_data);
-  PRIV(jit_free_rodata)(common->read_only_data_head, compiler->allocator_data);
+  PRIV(jit_free_rodata)(common->read_only_data_head, allocator_data);
   return PCRE2_ERROR_NOMEMORY;
   }
 
@@ -13892,7 +13892,7 @@ while (common->currententry != NULL)
     sljit_free_compiler(compiler);
     SLJIT_FREE(common->optimized_cbracket, allocator_data);
     SLJIT_FREE(common->private_data_ptrs, allocator_data);
-    PRIV(jit_free_rodata)(common->read_only_data_head, compiler->allocator_data);
+    PRIV(jit_free_rodata)(common->read_only_data_head, allocator_data);
     return PCRE2_ERROR_NOMEMORY;
     }
   flush_stubs(common);
@@ -14044,7 +14044,7 @@ while (label_addr != NULL)
 sljit_free_compiler(compiler);
 if (executable_func == NULL)
   {
-  PRIV(jit_free_rodata)(common->read_only_data_head, compiler->allocator_data);
+  PRIV(jit_free_rodata)(common->read_only_data_head, allocator_data);
   return PCRE2_ERROR_NOMEMORY;
   }
 
@@ -14059,7 +14059,7 @@ else
     /* This case is highly unlikely since we just recently
     freed a lot of memory. Not impossible though. */
     sljit_free_code(executable_func);
-    PRIV(jit_free_rodata)(common->read_only_data_head, compiler->allocator_data);
+    PRIV(jit_free_rodata)(common->read_only_data_head, allocator_data);
     return PCRE2_ERROR_NOMEMORY;
     }
   memset(functions, 0, sizeof(executable_functions));
-- 
2.21.0
Fix a use after free when freeing JIT memory 2019-10-29 16:00:32 +00:00			`From 2a182963f0b897ea898693771b885a5cead47826 Mon Sep 17 00:00:00 2001`
			`From: zherczeg <zherczeg@6239d852-aaf2-0410-a92c-79f79f948069>`
			`Date: Sun, 6 Oct 2019 03:36:20 +0000`
			`Subject: [PATCH] Fix use after free and compilation error in JIT.`
			`MIME-Version: 1.0`
			`Content-Type: text/plain; charset=UTF-8`
			`Content-Transfer-Encoding: 8bit`

			`git-svn-id: svn://vcs.exim.org/pcre2/code/trunk@1175 6239d852-aaf2-0410-a92c-79f79f948069`
			`Petr Písař: Ported to 10.33.`

			`Signed-off-by: Petr Písař <ppisar@redhat.com>`
			`---`
			`src/pcre2_jit_compile.c \| 10 +++++-----`
			`1 file changed, 5 insertions(+), 5 deletions(-)`

			`diff --git a/src/pcre2_jit_compile.c b/src/pcre2_jit_compile.c`
			`index bd423a7..aea563d 100644`
			`--- a/src/pcre2_jit_compile.c`
			`+++ b/src/pcre2_jit_compile.c`
			`@@ -13749,7 +13749,7 @@ if (SLJIT_UNLIKELY(sljit_get_compiler_error(compiler)))`
			`sljit_free_compiler(compiler);`
			`SLJIT_FREE(common->optimized_cbracket, allocator_data);`
			`SLJIT_FREE(common->private_data_ptrs, allocator_data);`
			`- PRIV(jit_free_rodata)(common->read_only_data_head, compiler->allocator_data);`
			`+ PRIV(jit_free_rodata)(common->read_only_data_head, allocator_data);`
			`return PCRE2_ERROR_NOMEMORY;`
			`}`

			`@@ -13803,7 +13803,7 @@ if (SLJIT_UNLIKELY(sljit_get_compiler_error(compiler)))`
			`sljit_free_compiler(compiler);`
			`SLJIT_FREE(common->optimized_cbracket, allocator_data);`
			`SLJIT_FREE(common->private_data_ptrs, allocator_data);`
			`- PRIV(jit_free_rodata)(common->read_only_data_head, compiler->allocator_data);`
			`+ PRIV(jit_free_rodata)(common->read_only_data_head, allocator_data);`
			`return PCRE2_ERROR_NOMEMORY;`
			`}`

			`@@ -13892,7 +13892,7 @@ while (common->currententry != NULL)`
			`sljit_free_compiler(compiler);`
			`SLJIT_FREE(common->optimized_cbracket, allocator_data);`
			`SLJIT_FREE(common->private_data_ptrs, allocator_data);`
			`- PRIV(jit_free_rodata)(common->read_only_data_head, compiler->allocator_data);`
			`+ PRIV(jit_free_rodata)(common->read_only_data_head, allocator_data);`
			`return PCRE2_ERROR_NOMEMORY;`
			`}`
			`flush_stubs(common);`
			`@@ -14044,7 +14044,7 @@ while (label_addr != NULL)`
			`sljit_free_compiler(compiler);`
			`if (executable_func == NULL)`
			`{`
			`- PRIV(jit_free_rodata)(common->read_only_data_head, compiler->allocator_data);`
			`+ PRIV(jit_free_rodata)(common->read_only_data_head, allocator_data);`
			`return PCRE2_ERROR_NOMEMORY;`
			`}`

			`@@ -14059,7 +14059,7 @@ else`
			`/* This case is highly unlikely since we just recently`
			`freed a lot of memory. Not impossible though. */`
			`sljit_free_code(executable_func);`
			`- PRIV(jit_free_rodata)(common->read_only_data_head, compiler->allocator_data);`
			`+ PRIV(jit_free_rodata)(common->read_only_data_head, allocator_data);`
			`return PCRE2_ERROR_NOMEMORY;`
			`}`
			`memset(functions, 0, sizeof(executable_functions));`
			`--`
			`2.21.0`