From 6439676870ecce7b71fff1a21eb944f911207e24 Mon Sep 17 00:00:00 2001 From: Max Rees Date: Mon, 16 Mar 2020 18:32:38 -0500 Subject: system/pcre2: patch CVE-2019-20454 (#242) --- system/pcre2/APKBUILD | 13 +++++++--- system/pcre2/CVE-2019-20454.patch | 50 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 60 insertions(+), 3 deletions(-) create mode 100644 system/pcre2/CVE-2019-20454.patch (limited to 'system') diff --git a/system/pcre2/APKBUILD b/system/pcre2/APKBUILD index 7bca0e450..4120d0a7b 100644 --- a/system/pcre2/APKBUILD +++ b/system/pcre2/APKBUILD @@ -2,7 +2,7 @@ # Maintainer: pkgname=pcre2 pkgver=10.33 -pkgrel=0 +pkgrel=1 pkgdesc="Perl-compatible regular expression library" url="https://pcre.org" arch="all" @@ -12,7 +12,13 @@ depends_dev="libedit-dev zlib-dev" makedepends="$depends_dev" subpackages="$pkgname-dev $pkgname-doc $pkgname-tools libpcre2-16:_libpcre libpcre2-32:_libpcre" -source="https://ftp.pcre.org/pub/pcre/$pkgname-$pkgver.tar.gz" +source="https://ftp.pcre.org/pub/pcre/$pkgname-$pkgver.tar.gz + CVE-2019-20454.patch + " + +# secfixes: +# 10.33-r1: +# - CVE-2019-20454 case "$CARCH" in s390x) _enable_jit="";; @@ -62,4 +68,5 @@ tools() { mv "$pkgdir"/usr/bin "$subpkgdir"/usr/ } -sha512sums="649983c7725e2fd2451ba89243b4c08c408fc279b7be3b2d225045cced3b0667ff6da4c9dd37510eb9e5aed6478aff54c2dbd1d92f4d0f1174579df9ec2c1882 pcre2-10.33.tar.gz" +sha512sums="649983c7725e2fd2451ba89243b4c08c408fc279b7be3b2d225045cced3b0667ff6da4c9dd37510eb9e5aed6478aff54c2dbd1d92f4d0f1174579df9ec2c1882 pcre2-10.33.tar.gz +07c43ccf130c1ed2b4f97036671f92e9c1d0100fd32c053b448e5dbdf976543c12f74568e37b661db7fbd603e815f5683a59cb2a9f9c307505dca3cb36db8120 CVE-2019-20454.patch" diff --git a/system/pcre2/CVE-2019-20454.patch b/system/pcre2/CVE-2019-20454.patch new file mode 100644 index 000000000..bdec87294 --- /dev/null +++ b/system/pcre2/CVE-2019-20454.patch @@ -0,0 +1,50 @@ +Revision: 1091 +Author: ph10 +Date: Mon May 13 16:26:17 2019 UTC +URL: https://vcs.pcre.org/pcre2?view=revision&revision=1091 + +Fix crash when \X is used without UTF in JIT. + +--- a/testdata/testinput4 2019/05/11 11:43:39 1090 ++++ b/testdata/testinput4 2019/05/13 16:26:17 1091 +@@ -2480,4 +2480,7 @@ + /^(?'אABC'...)(?&אABC)/utf + 123123123456 + ++/\X*/ ++ \xF3aaa\xE4\xEA\xEB\xFEa ++ + # End of testinput4 +--- a/testdata/testoutput4 2019/05/11 11:43:39 1090 ++++ b/testdata/testoutput4 2019/05/13 16:26:17 1091 +@@ -4012,4 +4012,8 @@ + 0: 123123 + 1: 123 + ++/\X*/ ++ \xF3aaa\xE4\xEA\xEB\xFEa ++ 0: \xf3aaa\xe4\xea\xeb\xfea ++ + # End of testinput4 + +Revision: 1092 +Author: ph10 +Date: Mon May 13 16:38:18 2019 UTC +URL: https://vcs.pcre.org/pcre2?view=revision&revision=1092 + +Forgot this file in previous commit. Fixes JIT non-UTF bug. + +--- a/src/pcre2_jit_compile.c 2019/05/13 16:26:17 1091 ++++ b/src/pcre2_jit_compile.c 2019/05/13 16:38:18 1092 +@@ -8571,7 +8571,10 @@ + PCRE2_SPTR bptr; + uint32_t c; + +-GETCHARINC(c, cc); ++/* Patch by PH */ ++/* GETCHARINC(c, cc); */ ++ ++c = *cc++; + #if PCRE2_CODE_UNIT_WIDTH == 32 + if (c >= 0x110000) + return NULL; -- cgit v1.2.3-70-g09d2