Fix an infinite loop when a single-byte newline is search in JIT if an invalid UTF-8 mode is enabled
This commit is contained in:
parent
2208fa9576
commit
2a84c20cef
@ -0,0 +1,157 @@
|
|||||||
|
From 58040c3b15f966857eef0b35885800f0805e7c7a Mon Sep 17 00:00:00 2001
|
||||||
|
From: zherczeg <zherczeg@6239d852-aaf2-0410-a92c-79f79f948069>
|
||||||
|
Date: Fri, 29 May 2020 14:20:23 +0000
|
||||||
|
Subject: [PATCH] Fix inifinite loop when a single byte newline is searched in
|
||||||
|
JIT.
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
git-svn-id: svn://vcs.exim.org/pcre2/code/trunk@1258 6239d852-aaf2-0410-a92c-79f79f948069
|
||||||
|
Petr Písař: Ported to 10.35.
|
||||||
|
---
|
||||||
|
src/pcre2_jit_compile.c | 9 ++++++++-
|
||||||
|
src/pcre2_jit_test.c | 38 +++++++++++++++++++++++++-------------
|
||||||
|
|
||||||
|
diff --git a/src/pcre2_jit_compile.c b/src/pcre2_jit_compile.c
|
||||||
|
index 33ad7e6..4a3ddd8 100644
|
||||||
|
--- a/src/pcre2_jit_compile.c
|
||||||
|
+++ b/src/pcre2_jit_compile.c
|
||||||
|
@@ -4578,7 +4578,14 @@ if (common->nltype != NLTYPE_ANY)
|
||||||
|
/* All newlines are ascii, just skip intermediate octets. */
|
||||||
|
jump[0] = CMP(SLJIT_GREATER_EQUAL, STR_PTR, 0, STR_END, 0);
|
||||||
|
loop = LABEL();
|
||||||
|
- OP1(MOV_UCHAR, TMP2, 0, SLJIT_MEM1(STR_PTR), IN_UCHARS(0));
|
||||||
|
+ if (sljit_emit_mem(compiler, MOV_UCHAR | SLJIT_MEM_SUPP | SLJIT_MEM_POST, TMP2, SLJIT_MEM1(STR_PTR), IN_UCHARS(1)) == SLJIT_SUCCESS)
|
||||||
|
+ sljit_emit_mem(compiler, MOV_UCHAR | SLJIT_MEM_POST, TMP2, SLJIT_MEM1(STR_PTR), IN_UCHARS(1));
|
||||||
|
+ else
|
||||||
|
+ {
|
||||||
|
+ OP1(MOV_UCHAR, TMP2, 0, SLJIT_MEM1(STR_PTR), IN_UCHARS(0));
|
||||||
|
+ OP2(SLJIT_ADD, STR_PTR, 0, STR_PTR, 0, SLJIT_IMM, IN_UCHARS(1));
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
OP2(SLJIT_AND, TMP2, 0, TMP2, 0, SLJIT_IMM, 0xc0);
|
||||||
|
CMPTO(SLJIT_EQUAL, TMP2, 0, SLJIT_IMM, 0x80, loop);
|
||||||
|
OP2(SLJIT_SUB, STR_PTR, 0, STR_PTR, 0, SLJIT_IMM, IN_UCHARS(1));
|
||||||
|
diff --git a/src/pcre2_jit_test.c b/src/pcre2_jit_test.c
|
||||||
|
index a29fffa..16dade7 100644
|
||||||
|
--- a/src/pcre2_jit_test.c
|
||||||
|
+++ b/src/pcre2_jit_test.c
|
||||||
|
@@ -1831,7 +1831,9 @@ struct invalid_utf8_regression_test_case {
|
||||||
|
const char *input;
|
||||||
|
};
|
||||||
|
|
||||||
|
-static struct invalid_utf8_regression_test_case invalid_utf8_regression_test_cases[] = {
|
||||||
|
+static const char invalid_utf8_newline_cr;
|
||||||
|
+
|
||||||
|
+static const struct invalid_utf8_regression_test_case invalid_utf8_regression_test_cases[] = {
|
||||||
|
{ UDA, CI, 0, 0, 0, 0, 4, { ".", NULL }, "\xf4\x8f\xbf\xbf" },
|
||||||
|
{ UDA, CI, 0, 0, 0, 0, 4, { ".", NULL }, "\xf0\x90\x80\x80" },
|
||||||
|
{ UDA, CI, 0, 0, 0, -1, -1, { ".", NULL }, "\xf4\x90\x80\x80" },
|
||||||
|
@@ -1974,6 +1976,8 @@ static struct invalid_utf8_regression_test_case invalid_utf8_regression_test_cas
|
||||||
|
{ 0, PCRE2_JIT_COMPLETE, 0, 0, 1, -1, -1, { "\\X{2}", NULL }, "\r\n\n" },
|
||||||
|
{ 0, PCRE2_JIT_COMPLETE, 0, 0, 1, -1, -1, { "\\R{2}", NULL }, "\r\n\n" },
|
||||||
|
|
||||||
|
+ { PCRE2_UTF | PCRE2_MULTILINE, CI, 0, 0, 0, -1, -1, { "^.a", &invalid_utf8_newline_cr }, "\xc3\xa7#a" },
|
||||||
|
+
|
||||||
|
{ 0, 0, 0, 0, 0, 0, 0, { NULL, NULL }, NULL }
|
||||||
|
};
|
||||||
|
|
||||||
|
@@ -1981,7 +1985,7 @@ static struct invalid_utf8_regression_test_case invalid_utf8_regression_test_cas
|
||||||
|
#undef CI
|
||||||
|
#undef CPI
|
||||||
|
|
||||||
|
-static int run_invalid_utf8_test(struct invalid_utf8_regression_test_case *current,
|
||||||
|
+static int run_invalid_utf8_test(const struct invalid_utf8_regression_test_case *current,
|
||||||
|
int pattern_index, int i, pcre2_compile_context_8 *ccontext, pcre2_match_data_8 *mdata)
|
||||||
|
{
|
||||||
|
pcre2_code_8 *code;
|
||||||
|
@@ -2034,7 +2038,7 @@ static int run_invalid_utf8_test(struct invalid_utf8_regression_test_case *curre
|
||||||
|
|
||||||
|
static int invalid_utf8_regression_tests(void)
|
||||||
|
{
|
||||||
|
- struct invalid_utf8_regression_test_case *current;
|
||||||
|
+ const struct invalid_utf8_regression_test_case *current;
|
||||||
|
pcre2_compile_context_8 *ccontext;
|
||||||
|
pcre2_match_data_8 *mdata;
|
||||||
|
int total = 0, successful = 0;
|
||||||
|
@@ -2051,10 +2055,18 @@ static int invalid_utf8_regression_tests(void)
|
||||||
|
total++;
|
||||||
|
|
||||||
|
result = 1;
|
||||||
|
- if (!run_invalid_utf8_test(current, total - 1, 0, ccontext, mdata))
|
||||||
|
- result = 0;
|
||||||
|
- if (!run_invalid_utf8_test(current, total - 1, 1, ccontext, mdata))
|
||||||
|
- result = 0;
|
||||||
|
+ if (current->pattern[1] != &invalid_utf8_newline_cr)
|
||||||
|
+ {
|
||||||
|
+ if (!run_invalid_utf8_test(current, total - 1, 0, ccontext, mdata))
|
||||||
|
+ result = 0;
|
||||||
|
+ if (!run_invalid_utf8_test(current, total - 1, 1, ccontext, mdata))
|
||||||
|
+ result = 0;
|
||||||
|
+ } else {
|
||||||
|
+ pcre2_set_newline_8(ccontext, PCRE2_NEWLINE_CR);
|
||||||
|
+ if (!run_invalid_utf8_test(current, total - 1, 0, ccontext, mdata))
|
||||||
|
+ result = 0;
|
||||||
|
+ pcre2_set_newline_8(ccontext, PCRE2_NEWLINE_ANY);
|
||||||
|
+ }
|
||||||
|
|
||||||
|
if (result) {
|
||||||
|
successful++;
|
||||||
|
@@ -2128,7 +2140,7 @@ static PCRE2_UCHAR16 test16_10[] = { ' ', 0xdc00, 0xd800, 0x2028, '#', 0 };
|
||||||
|
static PCRE2_UCHAR16 test16_11[] = { 0xdc00, 0xdc00, 0xd800, 0xdc00, 0xdc00, '#', 0xd800, 0xdc00, '#', 0 };
|
||||||
|
static PCRE2_UCHAR16 test16_12[] = { '#', 0xd800, 0xdc00, 0xd800, '#', 0xd800, 0xdc00, 0xdc00, 0xdc00, '#', 0xd800, 0xdc00, '#', 0 };
|
||||||
|
|
||||||
|
-static struct invalid_utf16_regression_test_case invalid_utf16_regression_test_cases[] = {
|
||||||
|
+static const struct invalid_utf16_regression_test_case invalid_utf16_regression_test_cases[] = {
|
||||||
|
{ UDA, CI, 0, 0, 0, 0, 1, { allany16, NULL }, test16_1 },
|
||||||
|
{ UDA, CI, 1, 0, 0, 1, 2, { allany16, NULL }, test16_1 },
|
||||||
|
{ UDA, CI, 2, 0, 0, 2, 3, { allany16, NULL }, test16_1 },
|
||||||
|
@@ -2182,7 +2194,7 @@ static struct invalid_utf16_regression_test_case invalid_utf16_regression_test_c
|
||||||
|
#undef CI
|
||||||
|
#undef CPI
|
||||||
|
|
||||||
|
-static int run_invalid_utf16_test(struct invalid_utf16_regression_test_case *current,
|
||||||
|
+static int run_invalid_utf16_test(const struct invalid_utf16_regression_test_case *current,
|
||||||
|
int pattern_index, int i, pcre2_compile_context_16 *ccontext, pcre2_match_data_16 *mdata)
|
||||||
|
{
|
||||||
|
pcre2_code_16 *code;
|
||||||
|
@@ -2242,7 +2254,7 @@ static int run_invalid_utf16_test(struct invalid_utf16_regression_test_case *cur
|
||||||
|
|
||||||
|
static int invalid_utf16_regression_tests(void)
|
||||||
|
{
|
||||||
|
- struct invalid_utf16_regression_test_case *current;
|
||||||
|
+ const struct invalid_utf16_regression_test_case *current;
|
||||||
|
pcre2_compile_context_16 *ccontext;
|
||||||
|
pcre2_match_data_16 *mdata;
|
||||||
|
int total = 0, successful = 0;
|
||||||
|
@@ -2329,7 +2341,7 @@ static PCRE2_UCHAR32 test32_4[] = { '#', 0x10ffff, 0x110000, 0 };
|
||||||
|
static PCRE2_UCHAR32 test32_5[] = { ' ', 0x2028, '#', 0 };
|
||||||
|
static PCRE2_UCHAR32 test32_6[] = { ' ', 0x110000, 0x2028, '#', 0 };
|
||||||
|
|
||||||
|
-static struct invalid_utf32_regression_test_case invalid_utf32_regression_test_cases[] = {
|
||||||
|
+static const struct invalid_utf32_regression_test_case invalid_utf32_regression_test_cases[] = {
|
||||||
|
{ UDA, CI, 0, 0, 0, 0, 1, { allany32, NULL }, test32_1 },
|
||||||
|
{ UDA, CI, 2, 0, 0, -1, -1, { allany32, NULL }, test32_1 },
|
||||||
|
{ UDA, CI, 0, 0, 0, 0, 1, { allany32, NULL }, test32_2 },
|
||||||
|
@@ -2369,7 +2381,7 @@ static struct invalid_utf32_regression_test_case invalid_utf32_regression_test_c
|
||||||
|
#undef CI
|
||||||
|
#undef CPI
|
||||||
|
|
||||||
|
-static int run_invalid_utf32_test(struct invalid_utf32_regression_test_case *current,
|
||||||
|
+static int run_invalid_utf32_test(const struct invalid_utf32_regression_test_case *current,
|
||||||
|
int pattern_index, int i, pcre2_compile_context_32 *ccontext, pcre2_match_data_32 *mdata)
|
||||||
|
{
|
||||||
|
pcre2_code_32 *code;
|
||||||
|
@@ -2429,7 +2441,7 @@ static int run_invalid_utf32_test(struct invalid_utf32_regression_test_case *cur
|
||||||
|
|
||||||
|
static int invalid_utf32_regression_tests(void)
|
||||||
|
{
|
||||||
|
- struct invalid_utf32_regression_test_case *current;
|
||||||
|
+ const struct invalid_utf32_regression_test_case *current;
|
||||||
|
pcre2_compile_context_32 *ccontext;
|
||||||
|
pcre2_match_data_32 *mdata;
|
||||||
|
int total = 0, successful = 0;
|
||||||
|
--
|
||||||
|
2.25.4
|
||||||
|
|
10
pcre2.spec
10
pcre2.spec
@ -9,7 +9,7 @@
|
|||||||
#%%global rcversion RC1
|
#%%global rcversion RC1
|
||||||
Name: pcre2
|
Name: pcre2
|
||||||
Version: 10.35
|
Version: 10.35
|
||||||
Release: %{?rcversion:0.}2%{?rcversion:.%rcversion}%{?dist}
|
Release: %{?rcversion:0.}3%{?rcversion:.%rcversion}%{?dist}
|
||||||
%global myversion %{version}%{?rcversion:-%rcversion}
|
%global myversion %{version}%{?rcversion:-%rcversion}
|
||||||
Summary: Perl-compatible regular expression library
|
Summary: Perl-compatible regular expression library
|
||||||
# the library: BSD with exceptions
|
# the library: BSD with exceptions
|
||||||
@ -57,6 +57,9 @@ Patch1: pcre2-10.35-Apply-H.J.-Lu-s-patch-to-pass-mshstk-to-the-compiler.pat
|
|||||||
# 2/2 Enable shadow stack built-in functions if -fcf-protection compiler flag is
|
# 2/2 Enable shadow stack built-in functions if -fcf-protection compiler flag is
|
||||||
# used, upstream bug #2578, in upstream after 10.35
|
# used, upstream bug #2578, in upstream after 10.35
|
||||||
Patch2: pcre2-10.35-Fix-previous-commit-include-CET_CFLAGS-in-16-bit-and.patch
|
Patch2: pcre2-10.35-Fix-previous-commit-include-CET_CFLAGS-in-16-bit-and.patch
|
||||||
|
# Fix an infinite loop when a single-byte newline is search in JIT if an
|
||||||
|
# invalid UTF-8 mode is enabled, upstream bug #2581, in upstream after 10.35
|
||||||
|
Patch3: pcre2-10.35-Fix-inifinite-loop-when-a-single-byte-newline-is-sea.patch
|
||||||
BuildRequires: autoconf
|
BuildRequires: autoconf
|
||||||
BuildRequires: automake
|
BuildRequires: automake
|
||||||
BuildRequires: coreutils
|
BuildRequires: coreutils
|
||||||
@ -150,6 +153,7 @@ Utilities demonstrating PCRE2 capabilities like pcre2grep or pcre2test.
|
|||||||
%patch0 -p1
|
%patch0 -p1
|
||||||
%patch1 -p1
|
%patch1 -p1
|
||||||
%patch2 -p1
|
%patch2 -p1
|
||||||
|
%patch3 -p1
|
||||||
# Because of multilib patch
|
# Because of multilib patch
|
||||||
libtoolize --copy --force
|
libtoolize --copy --force
|
||||||
autoreconf -vif
|
autoreconf -vif
|
||||||
@ -263,6 +267,10 @@ make %{?_smp_mflags} check VERBOSE=yes
|
|||||||
%{_mandir}/man1/pcre2test.*
|
%{_mandir}/man1/pcre2test.*
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Tue Jun 02 2020 Petr Pisar <ppisar@redhat.com> - 10.35-3
|
||||||
|
- Fix an infinite loop when a single-byte newline is search in JIT if an
|
||||||
|
invalid UTF-8 mode is enabled (upstream bug #2581)
|
||||||
|
|
||||||
* Wed May 27 2020 Petr Pisar <ppisar@redhat.com> - 10.35-2
|
* Wed May 27 2020 Petr Pisar <ppisar@redhat.com> - 10.35-2
|
||||||
- Enable shadow stack built-in functions if -fcf-protection compiler flag is
|
- Enable shadow stack built-in functions if -fcf-protection compiler flag is
|
||||||
used by patching a build script (upstream bug #2578)
|
used by patching a build script (upstream bug #2578)
|
||||||
|
Loading…
Reference in New Issue
Block a user