From 7302af99cca13878b57faa9b3e05c6f51bb7cb09 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?=
Date: Tue, 29 Oct 2019 17:15:53 +0100
Subject: [PATCH] Fix thread-safeness in regexec()
---
...s-thread-safe-to-avoid-sanitizer-war.patch | 37 ++++++++++
...-error-offset-bug-introduced-at-1176.patch | 70 +++++++++++++++++++
pcre2.spec | 7 ++
3 files changed, 114 insertions(+)
create mode 100644 pcre2-10.33-Ensure-regexec-is-thread-safe-to-avoid-sanitizer-war.patch
create mode 100644 pcre2-10.33-Fix-error-offset-bug-introduced-at-1176.patch
diff --git a/pcre2-10.33-Ensure-regexec-is-thread-safe-to-avoid-sanitizer-war.patch b/pcre2-10.33-Ensure-regexec-is-thread-safe-to-avoid-sanitizer-war.patch
new file mode 100644
index 0000000..dcad6ab
--- /dev/null
+++ b/pcre2-10.33-Ensure-regexec-is-thread-safe-to-avoid-sanitizer-war.patch
@@ -0,0 +1,37 @@
+From 9835bbc7fbb3423163dc49e7d822dad2b135e192 Mon Sep 17 00:00:00 2001
+From: ph10
+Date: Tue, 15 Oct 2019 10:46:36 +0000
+Subject: [PATCH] Ensure regexec is thread safe to avoid sanitizer warnings.
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+git-svn-id: svn://vcs.exim.org/pcre2/code/trunk@1176 6239d852-aaf2-0410-a92c-79f79f948069
+Petr Písař: Ported to 10.33.
+---
+ src/pcre2posix.c | 3 +--
+
+diff --git a/src/pcre2posix.c b/src/pcre2posix.c
+index 34a8d80..b24620a 100644
+--- a/src/pcre2posix.c
++++ b/src/pcre2posix.c
+@@ -323,6 +323,7 @@ if (preg->re_pcre2_code == NULL)
+ PCRE2_INFO_CAPTURECOUNT, &re_nsub);
+ preg->re_nsub = (size_t)re_nsub;
+ preg->re_match_data = pcre2_match_data_create(re_nsub + 1, NULL);
++preg->re_erroffset = (size_t)(-1); /* No meaning after successful compile */
+
+ if (preg->re_match_data == NULL)
+ {
+@@ -356,8 +357,6 @@ if ((eflags & REG_NOTBOL) != 0) options |= PCRE2_NOTBOL;
+ if ((eflags & REG_NOTEOL) != 0) options |= PCRE2_NOTEOL;
+ if ((eflags & REG_NOTEMPTY) != 0) options |= PCRE2_NOTEMPTY;
+
+-((regex_t *)preg)->re_erroffset = (size_t)(-1); /* Only has meaning after compile */
+-
+ /* When REG_NOSUB was specified, or if no vector has been passed in which to
+put captured strings, ensure that nmatch is zero. This will stop any attempt to
+write to pmatch. */
+--
+2.21.0
+
diff --git a/pcre2-10.33-Fix-error-offset-bug-introduced-at-1176.patch b/pcre2-10.33-Fix-error-offset-bug-introduced-at-1176.patch
new file mode 100644
index 0000000..3336e39
--- /dev/null
+++ b/pcre2-10.33-Fix-error-offset-bug-introduced-at-1176.patch
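Review bot: The new comment `/* No meaning after successful compile */` on the `re_erroffset` store in regcomp() does not record why the reset moved out of regexec(), which is the substance of the fix: the removed line wrote through a `const regex_t *` via a cast, so concurrent regexec() calls sharing one regex_t raced on that field, which is presumably what the sanitizer flagged. A maintainer reading regcomp() alone could move it back, so suggest `/* Reset here, not in regexec(): regexec() must treat the shared, const regex_t as read-only (thread safety). */`. The store precedes the `re_match_data == NULL` check, so the sentinel is also what a caller sees on that failure path; worth stating if that is intended. The context lines `+put captured strings ...` and `+write to pmatch. */` lack the leading space that marks context in the nested hunk, unlike `+ /* When REG_NOSUB` above them — possibly a rendering artefact, but if it is in the file, patch will reject the hunk. Both enclosing functions, regcomp() and regexec(), start and end outside the hunk.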
@@ -0,0 +1,70 @@ +From 00acf0e2f3f01a3057fc099c60e4f530d744619b Mon Sep 17 00:00:00 2001 +From: ph10 +Date: Wed, 16 Oct 2019 17:12:13 +0000 +Subject: [PATCH] Fix error offset bug introduced at 1176. +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +git-svn-id: svn://vcs.exim.org/pcre2/code/trunk@1179 6239d852-aaf2-0410-a92c-79f79f948069 +Petr Písař: Ported to 10.33. + +Signed-off-by: Petr Písař +--- + src/pcre2_match.c | 4 ++++ + testdata/testinput10 | 6 ++++++ + testdata/testoutput10 | 10 ++++++++++ + 3 files changed, 20 insertions(+) + +diff --git a/src/pcre2_match.c b/src/pcre2_match.c +index 9f34e20..cca4d3a 100644 +--- a/src/pcre2_match.c ++++ b/src/pcre2_match.c +@@ -6186,6 +6186,10 @@ if ((match_data->flags & PCRE2_MD_COPIED_SUBJECT) != 0) + } + match_data->subject = NULL; + ++/* Zero the error offset in case the first code unit is invalid UTF. */ ++ ++match_data->startchar = 0; ++ + /* If the pattern was successfully studied with JIT support, run the JIT + executable instead of the rest of this function. Most options must be set at + compile time for the JIT code to be usable. Fallback to the normal code path if +diff --git a/testdata/testinput10 b/testdata/testinput10 +index 4399f82..19d2f2f 100644 +--- a/testdata/testinput10 ++++ b/testdata/testinput10 +@@ -493,4 +493,10 @@ + + /(?(á/utf + ++/x/utf ++ abxyz ++ \x80\=startchar ++ abc\x80\=startchar ++ abc\x80\=startchar,offset=3 ++ + # End of testinput10 +diff --git a/testdata/testoutput10 b/testdata/testoutput10 +index dfecda1..dd91c45 100644 +--- a/testdata/testoutput10 ++++ b/testdata/testoutput10 +@@ -1651,4 +1651,14 @@ Failed: error 142 at offset 4: syntax error in subpattern name (missing terminat + /(?(á/utf + Failed: error 142 at offset 5: syntax error in subpattern name (missing terminator?) 
+ ++/x/utf ++ abxyz ++ 0: x ++ \x80\=startchar ++Failed: error -22: UTF-8 error: isolated byte with 0x80 bit set at offset 0 ++ abc\x80\=startchar ++Failed: error -22: UTF-8 error: isolated byte with 0x80 bit set at offset 3 ++ abc\x80\=startchar,offset=3 ++Error -36 (bad UTF-8 offset) ++ + # End of testinput10 +-- +2.21.0 + diff --git a/pcre2.spec b/pcre2.spec index c454182..9375362 100644 --- a/pcre2.spec +++ b/pcre2.spec @@ -100,6 +100,10 @@ Patch16: pcre2-10.33-Add-underflow-check-in-JIT.patch # Fix a use after free when freeing JIT memory, upstream bug #2453, # in upstream after 10.33 Patch17: pcre2-10.33-Fix-use-after-free-and-compilation-error-in-JIT.patch +# 1/2 Fix thread-safeness in regexec(), in upstream after 10.33 +Patch18: pcre2-10.33-Ensure-regexec-is-thread-safe-to-avoid-sanitizer-war.patch +# 2/2 Fix thread-safeness in regexec(), in upstream after 10.33 +Patch19: pcre2-10.33-Fix-error-offset-bug-introduced-at-1176.patch BuildRequires: autoconf BuildRequires: automake BuildRequires: coreutils @@ -195,6 +199,8 @@ Utilities demonstrating PCRE2 capabilities like pcre2grep or pcre2test. %patch15 -p1 %patch16 -p1 %patch17 -p1 +%patch18 -p1 +%patch19 -p1 # Because of multilib patch libtoolize --copy --force autoreconf -vif @@ -295,6 +301,7 @@ make %{?_smp_mflags} check VERBOSE=yes %changelog * Tue Oct 29 2019 Petr Pisar - 10.33-15 - Fix a use after free when freeing JIT memory (upstream bug #2453) +- Fix thread-safeness in regexec() * Mon Sep 09 2019 Petr Pisar - 10.33-14 - Fix a crash in JIT match when a subject has a zero length and an invalid
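Review bot: The added comment `/* Zero the error offset in case the first code unit is invalid UTF. */` names a field the line does not touch — the store is to `match_data->startchar`, and nothing in the hunk says that startchar is what is reported as the UTF error offset, so the reader has to take the link on trust. Suggest making the coupling explicit: `/* Reset startchar, which is also reported as the error offset when the UTF check fails, so that an old value is not reported when the first code unit is invalid UTF. */`; the old value is presumably left over from an earlier use of the same match data, which would explain the regression named in the subject. The new testoutput10 expectations (`offset 0`, `offset 3`, `Error -36 (bad UTF-8 offset)`) pin the corrected behaviour, which is good. The enclosing function starts and ends outside the hunk; the reset sits before the JIT fallback comment, so it should cover both match paths.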
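Review bot: The comment on `Patch19` mislabels it: `# 2/2 Fix thread-safeness in regexec(), in upstream after 10.33` describes the thread-safety change, while the patch itself, per its subject `Fix error offset bug introduced at 1176`, fixes a regression in error-offset reporting caused by Patch18. Suggest `# 2/2 Fix an error offset regression introduced by the previous patch (upstream r1179), in upstream after 10.33` so the spec records why a second patch is needed. The same wording is reused in the changelog hunk below, where a second bullet for the regression fix would help anyone bisecting error-offset behaviour.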