From a4410a1e225a4302a87108220e97f1b0343ec723 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?=
Date: Wed, 22 Mar 2017 11:11:46 +0100
Subject: [PATCH] Fix a potential NULL dereference in pcre2_callout_enumerate() if called with a NULL pattern pointer when Unicode support is available
---
 ...ce-if-pcre2_callout_enumerate-is-cal.patch | 37 +++++++++++++++++++
 pcre2.spec | 7 ++++
 2 files changed, 44 insertions(+)
 create mode 100644 pcre2-10.23-Fix-NULL-deference-if-pcre2_callout_enumerate-is-cal.patch
diff --git a/pcre2-10.23-Fix-NULL-deference-if-pcre2_callout_enumerate-is-cal.patch b/pcre2-10.23-Fix-NULL-deference-if-pcre2_callout_enumerate-is-cal.patch
new file mode 100644
index 0000000..4e3afb1
--- /dev/null
+++ b/pcre2-10.23-Fix-NULL-deference-if-pcre2_callout_enumerate-is-cal.patch
@@ -0,0 +1,37 @@
+From d5790ad94d486405ecaac3d8f5796f642e57bf06 Mon Sep 17 00:00:00 2001
+From: ph10
+Date: Tue, 21 Mar 2017 16:31:54 +0000
+Subject: [PATCH] Fix NULL deference if pcre2_callout_enumerate() is called
+ with a NULL pattern when Unicode support is available (Bugzilla 2076).
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+git-svn-id: svn://vcs.exim.org/pcre2/code/trunk@694 6239d852-aaf2-0410-a92c-79f79f948069
+
+Petr Písař: Ported to 10.23.
+
+diff --git a/src/pcre2_pattern_info.c b/src/pcre2_pattern_info.c
+index 0392a0b..5dd8ac5 100644
+--- a/src/pcre2_pattern_info.c
++++ b/src/pcre2_pattern_info.c
+@@ -261,11 +261,15 @@ pcre2_real_code *re = (pcre2_real_code *)code;
+ pcre2_callout_enumerate_block cb;
+ PCRE2_SPTR cc;
+ #ifdef SUPPORT_UNICODE
+-BOOL utf = (re->overall_options & PCRE2_UTF) != 0;
++BOOL utf;
+ #endif
+
+ if (re == NULL) return PCRE2_ERROR_NULL;
+
+#ifdef SUPPORT_UNICODE
++utf = (re->overall_options & PCRE2_UTF) != 0;
++#endif
++
+ /* Check that the first field in the block is the magic number. If it is not,
+ return with PCRE2_ERROR_BADMAGIC. */
+
+--
+2.7.4
+
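Review bot: In the ported hunk for src/pcre2_pattern_info.c, the relocated `utf = (re->overall_options & PCRE2_UTF) != 0;` now follows the NULL check but still precedes the magic-number test announced by the comment directly below it, so a non-NULL pointer that is not a compiled pattern has `overall_options` read before it can be rejected with PCRE2_ERROR_BADMAGIC. Moving the three added `#ifdef SUPPORT_UNICODE` lines below that test would keep every field access behind both validations; the test itself and the rest of pcre2_callout_enumerate() lie outside the hunk, so this assumes nothing in between needs `utf`. Because `BOOL utf;` is now deliberately left uninitialised, a short comment such as `/* utf is set only after re has been validated */` would help stop a later cleanup from folding the initialiser back into the declaration. As far as the diffstat shows, the packaged patch adds no regression test for a NULL `code` argument.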
diff --git a/pcre2.spec b/pcre2.spec
index faa40cd..5d8a79d 100644
--- a/pcre2.spec
+++ b/pcre2.spec
@@ -54,6 +54,10 @@ Patch5: pcre2-10.23-Close-serialization-file-in-pcre2test-after-any-erro.pat
 # Fix a memory leak in pcre2_serialize_decode() when the input is invalid,
 # upstream bug #2075, in upsream after 10.23.
 Patch6: pcre2-10.23-Fix-memory-leak-when-deserializing-invalid-data-Bugz.patch
+# Fix a potential NULL dereference in pcre2_callout_enumerate() if called with
+# a NULL pattern pointer when Unicode support is available, upstream bug #2076,
+# in upstream after 10.23
+Patch7: pcre2-10.23-Fix-NULL-deference-if-pcre2_callout_enumerate-is-cal.patch
 BuildRequires: autoconf
 BuildRequires: automake
 BuildRequires: coreutils
@@ -136,6 +140,7 @@ Utilities demonstrating PCRE2 capabilities like pcre2grep or pcre2test.
 %patch4 -p1
 %patch5 -p1
 %patch6 -p1
+%patch7 -p1
 # Because of multilib patch
 libtoolize --copy --force
 autoreconf -vif
@@ -238,6 +243,8 @@ make %{?_smp_mflags} check VERBOSE=yes
 - Close serialization file in pcre2test after any error (upstream bug #2074)
 - Fix a memory leak in pcre2_serialize_decode() when the input is invalid
 (upstream bug #2075)
+- Fix a potential NULL dereference in pcre2_callout_enumerate() if called with
+ a NULL pattern pointer when Unicode support is available (upstream bug #2076)

 * Mon Mar 20 2017 Petr Pisar - 10.23-3
 - Fix an internal error for a forward reference in a lookbehind with