re2c: update to 2.0

CVE patch dropped as a backport present in the nre release. RP: Remove dropped CVE patch (From OE-Core rev: aec5bccc175e8ec7422095abe8ea86f99f74ad50) Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com> 2020-07-26 21:42:13 +0200
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2020-07-27 19:58:09 +0100
commit: 9e5dfa356cd3dc296e199088cabef4ed1e27421b (patch)
tree: eba3ed05b6e94d6dadfe0f4d61d454de2feee73d /meta
parent: 68dc5f24a770df29c7923af37f0726b7451cec18 (diff)
download: poky-9e5dfa356cd3dc296e199088cabef4ed1e27421b.tar.gz
2 files changed, 2 insertions, 45 deletions
diff --git a/meta/recipes-support/re2c/re2c/CVE-2020-11958.patch b/meta/recipes-support/re2c/re2c/CVE-2020-11958.patch
deleted file mode 100644
index 43462e642a..0000000000
--- a/meta/recipes-support/re2c/re2c/CVE-2020-11958.patch
+++ /dev/null
@@ -1,41 +0,0 @@
-From c4603ba5ce229db83a2a4fb93e6d4b4e3ec3776a Mon Sep 17 00:00:00 2001
-From: Ulya Trofimovich <skvadrik@gmail.com>
-Date: Fri, 17 Apr 2020 22:47:14 +0100
-Subject: [PATCH] Fix crash in lexer refill (reported by Agostino Sarubbo).
-The crash happened in a rare case of a very long lexeme that doen't fit
-into the buffer, forcing buffer reallocation.
-The crash was caused by an incorrect calculation of the shift offset
-(it was smaller than necessary). As a consequence, the data from buffer
-start and up to the beginning of the current lexeme was not discarded
-(as it should have been), resulting in less free space for new data than
-expected.
-Upstream-Status: Backport [https://github.com/skvadrik/re2c/commit/c4603ba5ce229db83a2a4fb93e6d4b4e3ec3776a]
-CVE: CVE-2020-11958
-Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
---
- src/parse/scanner.cc | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-diff --git a/src/parse/scanner.cc b/src/parse/scanner.cc
-index 1d6e9efa..bd651314 100644
--- a/src/parse/scanner.cc
-+++ b/src/parse/scanner.cc
-@@ -155,13 +155,14 @@ bool Scanner::fill(size_t need)
-         if (!buf) fatal("out of memory");
- 
-         memmove(buf, tok, copy);
-        shift_ptrs_and_fpos(buf - bot);
-+        shift_ptrs_and_fpos(buf - tok);
-         delete [] bot;
-         bot = buf;
- 
-         free = BSIZE - copy;
-     }
- 
-+    DASSERT(lim + free <= bot + BSIZE);
-     if (!read(free)) {
-         eof = lim;
-         memset(lim, 0, YYMAXFILL);
diff --git a/meta/recipes-support/re2c/re2c_1.3.bb b/meta/recipes-support/re2c/re2c_2.0.bb
index e9053acdf6..b73b024072 100644
--- a/meta/recipes-support/re2c/re2c_1.3.bb
+++ b/meta/recipes-support/re2c/re2c_2.0.bb
@@ -5,10 +5,8 @@ SECTION = "devel"
 LICENSE = "PD"
 LIC_FILES_CHKSUM = "file://LICENSE;md5=64eca4d8a3b67f9dc7656094731a2c8d"
-SRC_URI = "https://github.com/skvadrik/re2c/releases/download/${PV}/${BPN}-${PV}.tar.xz \
+SRC_URI = "https://github.com/skvadrik/re2c/releases/download/${PV}/${BPN}-${PV}.tar.xz"
-           file://CVE-2020-11958.patch \
+SRC_URI[sha256sum] = "89a9d7ee14be10e3779ea7b2c8ea4a964afce6e76b8dbcd5479940681db46d20"
-"
-SRC_URI[sha256sum] = "f37f25ff760e90088e7d03d1232002c2c2672646d5844fdf8e0d51a5cd75a503"
 UPSTREAM_CHECK_URI = "https://github.com/skvadrik/re2c/releases"
 BBCLASSEXTEND = "native nativesdk"
author	Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>	2020-07-26 21:42:13 +0200
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2020-07-27 19:58:09 +0100
commit	9e5dfa356cd3dc296e199088cabef4ed1e27421b (patch)
tree	eba3ed05b6e94d6dadfe0f4d61d454de2feee73d /meta
parent	68dc5f24a770df29c7923af37f0726b7451cec18 (diff)
download	poky-9e5dfa356cd3dc296e199088cabef4ed1e27421b.tar.gz

diff --git a/meta/recipes-support/re2c/re2c/CVE-2020-11958.patch b/meta/recipes-support/re2c/re2c/CVE-2020-11958.patch deleted file mode 100644 index 43462e642a..0000000000 --- a/meta/recipes-support/re2c/re2c/CVE-2020-11958.patch +++ /dev/null
@@ -1,41 +0,0 @@
1	From c4603ba5ce229db83a2a4fb93e6d4b4e3ec3776a Mon Sep 17 00:00:00 2001
2	From: Ulya Trofimovich <skvadrik@gmail.com>
3	Date: Fri, 17 Apr 2020 22:47:14 +0100
4	Subject: [PATCH] Fix crash in lexer refill (reported by Agostino Sarubbo).
5
6	The crash happened in a rare case of a very long lexeme that doen't fit
7	into the buffer, forcing buffer reallocation.
8
9	The crash was caused by an incorrect calculation of the shift offset
10	(it was smaller than necessary). As a consequence, the data from buffer
11	start and up to the beginning of the current lexeme was not discarded
12	(as it should have been), resulting in less free space for new data than
13	expected.
14
15	Upstream-Status: Backport [https://github.com/skvadrik/re2c/commit/c4603ba5ce229db83a2a4fb93e6d4b4e3ec3776a]
16	CVE: CVE-2020-11958
17	Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
18	---
19	src/parse/scanner.cc \| 3 ++-
20	1 file changed, 2 insertions(+), 1 deletion(-)
21
22	diff --git a/src/parse/scanner.cc b/src/parse/scanner.cc
23	index 1d6e9efa..bd651314 100644
24	--- a/src/parse/scanner.cc
25	+++ b/src/parse/scanner.cc
26	@@ -155,13 +155,14 @@ bool Scanner::fill(size_t need)
27	if (!buf) fatal("out of memory");
28
29	memmove(buf, tok, copy);
30	- shift_ptrs_and_fpos(buf - bot);
31	+ shift_ptrs_and_fpos(buf - tok);
32	delete [] bot;
33	bot = buf;
34
35	free = BSIZE - copy;
36	}
37
38	+ DASSERT(lim + free <= bot + BSIZE);
39	if (!read(free)) {
40	eof = lim;
41	memset(lim, 0, YYMAXFILL);


diff --git a/meta/recipes-support/re2c/re2c_1.3.bb b/meta/recipes-support/re2c/re2c_2.0.bb index e9053acdf6..b73b024072 100644 --- a/meta/recipes-support/re2c/re2c_1.3.bb +++ b/meta/recipes-support/re2c/re2c_2.0.bb
@@ -5,10 +5,8 @@ SECTION = "devel"
5	LICENSE = "PD"	5	LICENSE = "PD"
6	LIC_FILES_CHKSUM = "file://LICENSE;md5=64eca4d8a3b67f9dc7656094731a2c8d"	6	LIC_FILES_CHKSUM = "file://LICENSE;md5=64eca4d8a3b67f9dc7656094731a2c8d"
7		7
8	SRC_URI = "https://github.com/skvadrik/re2c/releases/download/${PV}/${BPN}-${PV}.tar.xz \	8	SRC_URI = "https://github.com/skvadrik/re2c/releases/download/${PV}/${BPN}-${PV}.tar.xz"
9	file://CVE-2020-11958.patch \	9	SRC_URI[sha256sum] = "89a9d7ee14be10e3779ea7b2c8ea4a964afce6e76b8dbcd5479940681db46d20"
10	"
11	SRC_URI[sha256sum] = "f37f25ff760e90088e7d03d1232002c2c2672646d5844fdf8e0d51a5cd75a503"
12	UPSTREAM_CHECK_URI = "https://github.com/skvadrik/re2c/releases"	10	UPSTREAM_CHECK_URI = "https://github.com/skvadrik/re2c/releases"
13		11
14	BBCLASSEXTEND = "native nativesdk"	12	BBCLASSEXTEND = "native nativesdk"