-rw-r--r-- | meta/recipes-support/libpcre/libpcre2/CVE-2022-41409.patch | 74 | ||||
-rw-r--r-- | meta/recipes-support/libpcre/libpcre2_10.34.bb | 1 |
2 files changed, 75 insertions, 0 deletions
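--- /dev/null
+++ b/meta/recipes-support/libpcre/libpcre2/CVE-2022-41409.patch
@@ -0,0 +1,74 @@
+From 94e1c001761373b7d9450768aa15d04c25547a35 Mon Sep 17 00:00:00 2001
+From: Philip Hazel <Philip.Hazel@gmail.com>
+Date: Tue, 16 Aug 2022 17:00:45 +0100
+Subject: [PATCH] Diagnose negative repeat value in pcre2test subject line
+
+CVE: CVE-2022-41409
+Upstream-Status: Backport [https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35]
+
+Signed-off-by: Peter Marko <peter.marko@siemens.com>
+
+---
+ChangeLog | 3 +++
+src/pcre2test.c | 4 ++--
+testdata/testinput2 | 3 +++
+testdata/testoutput2 | 4 ++++
+4 files changed, 12 insertions(+), 2 deletions(-)
+
+diff --git a/ChangeLog b/ChangeLog
+index eab50eb7..276eb57a 100644
+--- a/ChangeLog
++++ b/ChangeLog
+@@ -7,6 +7,9 @@ fully read in caseless matching.
+24. Fixed an issue affecting recursions in JIT caused by duplicated data
+transfers.
+
++20. A negative repeat value in a pcre2test subject line was not being
++diagnosed, leading to infinite looping.
++
+
+Version 10.34 21-November-2019
+------------------------------
+diff --git a/src/pcre2test.c b/src/pcre2test.c
+index 08f86096..f6f5d66c 100644
+--- a/src/pcre2test.c
++++ b/src/pcre2test.c
+@@ -6700,9 +6700,9 @@ while ((c = *p++) != 0)
+}
+
+i = (int32_t)li;
+- if (i-- == 0)
++ if (i-- <= 0)
+{
+- fprintf(outfile, "** Zero repeat not allowed\n");
++ fprintf(outfile, "** Zero or negative repeat not allowed\n");
+return PR_OK;
+}
+
+diff --git a/testdata/testinput2 b/testdata/testinput2
+index 655e519..14e00ed 100644
+--- a/testdata/testinput2
++++ b/testdata/testinput2
+@@ -5772,4 +5772,7 @@ a)"xI
+/(a)?a/I
+manm
+
++--
++ \[X]{-10}
++
+# End of testinput2
+diff --git a/testdata/testoutput2 b/testdata/testoutput2
+index c733c12..958f246 100644
+--- a/testdata/testoutput2
++++ b/testdata/testoutput2
+@@ -17435,6 +17435,10 @@ Subject length lower bound = 1
+manm
+0: a
+
++--
++ \[X]{-10}
++** Zero or negative repeat not allowed
++
+# End of testinput2
+Error -70: PCRE2_ERROR_BADDATA (unknown error number)
+Error -62: bad serialized data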
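Review bot: The ChangeLog hunk in this backport is anchored on the "24. Fixed an issue affecting recursions in JIT" entry above the `Version 10.34` heading, text that presumably comes from the earlier CVE patches in SRC_URI rather than from the 10.34 tarball, so this patch only applies after them and must be refreshed if one of them changes or is dropped. The security-relevant part is the `if (i-- <= 0)` guard in src/pcre2test.c plus the testdata that exercises it; dropping the ChangeLog hunk and saying so in the header, e.g. `Upstream-Status: Backport [<upstream commit URL>, ChangeLog hunk dropped]`, would keep the backport independent of the other patches. The header could also state in one line that the fix touches only the pcre2test utility source, which helps CVE triage for images that do not install that tool.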
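--- a/meta/recipes-support/libpcre/libpcre2_10.34.bb
+++ b/meta/recipes-support/libpcre/libpcre2_10.34.bb
@@ -14,6 +14,7 @@ SRC_URI = "http://downloads.yoctoproject.org/mirror/sources/pcre2-${PV}.tar.bz2
 file://pcre-cross.patch \
 file://CVE-2022-1586.patch \
 file://CVE-2022-1587.patch \
+file://CVE-2022-41409.patch \
 "
 
 SRC_URI[md5sum] = "d280b62ded13f9ccf2fac16ee5286366"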