aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--gnu/local.mk1
-rw-r--r--gnu/packages/patches/pcre2-CVE-2016-3191.patch179
-rw-r--r--gnu/packages/pcre.scm15
3 files changed, 11 insertions, 184 deletions
diff --git a/gnu/local.mk b/gnu/local.mk
index e3bf241c8e..ee40c1bd30 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -811,7 +811,6 @@ dist_patch_DATA = \
%D%/packages/patches/patchutils-xfail-gendiff-tests.patch \
%D%/packages/patches/patch-hurd-path-max.patch \
%D%/packages/patches/pcre-CVE-2016-3191.patch \
- %D%/packages/patches/pcre2-CVE-2016-3191.patch \
%D%/packages/patches/perl-autosplit-default-time.patch \
%D%/packages/patches/perl-deterministic-ordering.patch \
%D%/packages/patches/perl-finance-quote-unuse-mozilla-ca.patch \
diff --git a/gnu/packages/patches/pcre2-CVE-2016-3191.patch b/gnu/packages/patches/pcre2-CVE-2016-3191.patch
deleted file mode 100644
index 80f9d3d4f1..0000000000
--- a/gnu/packages/patches/pcre2-CVE-2016-3191.patch
+++ /dev/null
@@ -1,179 +0,0 @@
-Fixes CVE-2016-3191 (remote execution of arbitrary code or denial of
-service (stack-based buffer overflow) via a crafted regular expression).
-
-See <https://bugzilla.redhat.com/show_bug.cgi?id=1311503>.
-
-This is svn r489 at <svn://vcs.exim.org/pcre2/code>, omitting the
-changes to 'testdata/testoutput8-16-4', which does not exist in the
-source tarball.
-
-git-svn-id: svn://vcs.exim.org/pcre2/code/trunk@489 6239d852-aaf2-0410-a92c-79f79f948069
----
- ChangeLog | 4 ++++
- src/pcre2_compile.c | 16 ++++++++++++++--
- testdata/testinput8 | 2 ++
- testdata/testoutput8-16-2 | 3 +++
- testdata/testoutput8-16-3 | 3 +++
- testdata/testoutput8-16-4 | 3 +++
- testdata/testoutput8-32-2 | 3 +++
- testdata/testoutput8-32-3 | 3 +++
- testdata/testoutput8-32-4 | 3 +++
- testdata/testoutput8-8-2 | 3 +++
- testdata/testoutput8-8-3 | 3 +++
- testdata/testoutput8-8-4 | 3 +++
- 12 files changed, 47 insertions(+), 2 deletions(-)
-
-diff --git a/ChangeLog b/ChangeLog
-index 3ce0207..65e333e 100644
---- a/ChangeLog
-+++ b/ChangeLog
-@@ -58,6 +58,10 @@ some head-scratching the next time this happens.
- assertion, caused pcre2test to output a very large number of spaces when the
- callout was taken, making the program appearing to loop.
-
-+12. A pattern that included (*ACCEPT) in the middle of a sufficiently deeply
-+nested set of parentheses of sufficient size caused an overflow of the
-+compiling workspace (which was diagnosed, but of course is not desirable).
-+
-
- Version 10.21 12-January-2016
- -----------------------------
-diff --git a/src/pcre2_compile.c b/src/pcre2_compile.c
-index e33d620..887fbfd 100644
---- a/src/pcre2_compile.c
-+++ b/src/pcre2_compile.c
-@@ -5901,10 +5901,22 @@ for (;; ptr++)
- goto FAILED;
- }
- cb->had_accept = TRUE;
-+
-+ /* In the first pass, just accumulate the length required;
-+ otherwise hitting (*ACCEPT) inside many nested parentheses can
-+ cause workspace overflow. */
-+
- for (oc = cb->open_caps; oc != NULL; oc = oc->next)
- {
-- *code++ = OP_CLOSE;
-- PUT2INC(code, 0, oc->number);
-+ if (lengthptr != NULL)
-+ {
-+ *lengthptr += CU2BYTES(1) + IMM2_SIZE;
-+ }
-+ else
-+ {
-+ *code++ = OP_CLOSE;
-+ PUT2INC(code, 0, oc->number);
-+ }
- }
- setverb = *code++ =
- (cb->assert_depth > 0)? OP_ASSERT_ACCEPT : OP_ACCEPT;
-diff --git a/testdata/testinput8 b/testdata/testinput8
-index ca3b1b9..7e2a1f0 100644
---- a/testdata/testinput8
-+++ b/testdata/testinput8
-@@ -182,4 +182,6 @@
-
- /((?1)(?2)(?3)(?4)(?5)(?6)(?7)(?8)(?9)(?9)(?8)(?7)(?6)(?5)(?4)(?3)(?2)(?1)(?0)){2,}()()()()()()()()()/debug
-
-+/([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00](*ACCEPT)/
-+
- # End of testinput8
-diff --git a/testdata/testoutput8-16-2 b/testdata/testoutput8-16-2
-index 05669bb..a5e8dec 100644
---- a/testdata/testoutput8-16-2
-+++ b/testdata/testoutput8-16-2
-@@ -1027,4 +1027,7 @@ Capturing subpattern count = 10
- May match empty string
- Subject length lower bound = 0
-
-+/([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00](*ACCEPT)/
-+Failed: error 186 at offset 490: regular expression is too complicated
-+
- # End of testinput8
-diff --git a/testdata/testoutput8-16-3 b/testdata/testoutput8-16-3
-index 31884e1..36133b3 100644
---- a/testdata/testoutput8-16-3
-+++ b/testdata/testoutput8-16-3
-@@ -1023,4 +1023,7 @@ Capturing subpattern count = 10
- May match empty string
- Subject length lower bound = 0
-
-+/([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00](*ACCEPT)/
-+Failed: error 114 at offset 509: missing closing parenthesis
-+
- # End of testinput8
-diff --git a/testdata/testoutput8-32-2 b/testdata/testoutput8-32-2
-index babd0c7..99c4fad 100644
---- a/testdata/testoutput8-32-2
-+++ b/testdata/testoutput8-32-2
-@@ -1023,4 +1023,7 @@ Capturing subpattern count = 10
- May match empty string
- Subject length lower bound = 0
-
-+/([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00](*ACCEPT)/
-+Failed: error 114 at offset 509: missing closing parenthesis
-+
- # End of testinput8
-diff --git a/testdata/testoutput8-32-3 b/testdata/testoutput8-32-3
-index babd0c7..99c4fad 100644
---- a/testdata/testoutput8-32-3
-+++ b/testdata/testoutput8-32-3
-@@ -1023,4 +1023,7 @@ Capturing subpattern count = 10
- May match empty string
- Subject length lower bound = 0
-
-+/([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00](*ACCEPT)/
-+Failed: error 114 at offset 509: missing closing parenthesis
-+
- # End of testinput8
-diff --git a/testdata/testoutput8-32-4 b/testdata/testoutput8-32-4
-index babd0c7..99c4fad 100644
---- a/testdata/testoutput8-32-4
-+++ b/testdata/testoutput8-32-4
-@@ -1023,4 +1023,7 @@ Capturing subpattern count = 10
- May match empty string
- Subject length lower bound = 0
-
-+/([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00](*ACCEPT)/
-+Failed: error 114 at offset 509: missing closing parenthesis
-+
- # End of testinput8
-diff --git a/testdata/testoutput8-8-2 b/testdata/testoutput8-8-2
-index 6a9aa0a..6dc1f42 100644
---- a/testdata/testoutput8-8-2
-+++ b/testdata/testoutput8-8-2
-@@ -1026,4 +1026,7 @@ Capturing subpattern count = 10
- May match empty string
- Subject length lower bound = 0
-
-+/([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00](*ACCEPT)/
-+Failed: error 114 at offset 509: missing closing parenthesis
-+
- # End of testinput8
-diff --git a/testdata/testoutput8-8-3 b/testdata/testoutput8-8-3
-index 2fe1168..ae14946 100644
---- a/testdata/testoutput8-8-3
-+++ b/testdata/testoutput8-8-3
-@@ -1024,4 +1024,7 @@ Capturing subpattern count = 10
- May match empty string
- Subject length lower bound = 0
-
-+/([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00](*ACCEPT)/
-+Failed: error 114 at offset 509: missing closing parenthesis
-+
- # End of testinput8
-diff --git a/testdata/testoutput8-8-4 b/testdata/testoutput8-8-4
-index 91993b2..6c79956 100644
---- a/testdata/testoutput8-8-4
-+++ b/testdata/testoutput8-8-4
-@@ -1022,4 +1022,7 @@ Capturing subpattern count = 10
- May match empty string
- Subject length lower bound = 0
-
-+/([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00](*ACCEPT)/
-+Failed: error 114 at offset 509: missing closing parenthesis
-+
- # End of testinput8
---
-2.8.3
-
diff --git a/gnu/packages/pcre.scm b/gnu/packages/pcre.scm
index fe9157af12..8b92e47a4d 100644
--- a/gnu/packages/pcre.scm
+++ b/gnu/packages/pcre.scm
@@ -3,6 +3,7 @@
;;; Copyright © 2014, 2015 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2015 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2016 Leo Famulari <leo@famulari.name>
+;;; Copyright © 2017 Marius Bakke <mbakke@fastmail.com>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -73,16 +74,15 @@ POSIX regular expression API.")
(define-public pcre2
(package
(name "pcre2")
- (version "10.21")
+ (version "10.23")
(source (origin
(method url-fetch)
(uri (string-append "mirror://sourceforge/pcre/pcre2/"
version "/pcre2-" version ".tar.bz2"))
- (patches (search-patches "pcre2-CVE-2016-3191.patch"))
(sha256
(base32
- "1q6lrj9b08l1q39vxipb0fi88x6ybvkr6439h8bjb9r8jd81fsn6"))))
+ "0vn5g0mkkp99mmzpissa06hpyj6pk9s4mlwbjqrjvw3ihy8rpiyz"))))
(build-system gnu-build-system)
(inputs `(("bzip2" ,bzip2)
("readline" ,readline)
@@ -95,7 +95,14 @@ POSIX regular expression API.")
"--enable-unicode-properties"
"--enable-pcre2-16"
"--enable-pcre2-32"
- "--enable-jit")))
+ "--enable-jit")
+ #:phases
+ (modify-phases %standard-phases
+ (add-after 'unpack 'patch-paths
+ (lambda _
+ (substitute* "RunGrepTest"
+ (("/bin/echo") (which "echo")))
+ #t)))))
(synopsis "Perl Compatible Regular Expressions")
(description
"The PCRE library is a set of functions that implement regular expression