diff options
Diffstat (limited to 'meta/recipes-support/libpcre')
7 files changed, 829 insertions, 44 deletions
diff --git a/meta/recipes-support/libpcre/libpcre/fix-pcre-name-collision.patch b/meta/recipes-support/libpcre/libpcre/fix-pcre-name-collision.patch deleted file mode 100644 index 89b44f6aa6..0000000000 --- a/meta/recipes-support/libpcre/libpcre/fix-pcre-name-collision.patch +++ /dev/null | |||
@@ -1,41 +0,0 @@ | |||
1 | Upstream-Status: Inappropriate [debian patch] | ||
2 | |||
3 | This patch address a namespace collision with libc. | ||
4 | |||
5 | Although there is no "#include <regex.h>" in the source file, at | ||
6 | runtime, it's unintentionally linked to the libc version, the regcomp of | ||
7 | libc is called instead the pcre one using pcre's data structure... | ||
8 | that looks like a disaster. | ||
9 | |||
10 | Can patch is from Debian (and Ubuntu 11.04alpha has it also). | ||
11 | |||
12 | [sgw: added patch comment] | ||
13 | Signed-off-by: Qing He <qing.he@intel.com> | ||
14 | Signed-off-by: Saul Wold <sgw@linux.intel.com> | ||
15 | |||
16 | --- a/pcreposix.h 2010-05-17 00:17:23.000000000 +0800 | ||
17 | +++ b/pcreposix.h 2009-01-15 04:32:17.000000000 +0800 | ||
18 | @@ -133,14 +130,19 @@ | ||
19 | |||
20 | /* The functions */ | ||
21 | |||
22 | -PCREPOSIX_EXP_DECL int regcomp(regex_t *, const char *, int); | ||
23 | -PCREPOSIX_EXP_DECL int regexec(const regex_t *, const char *, size_t, | ||
24 | +PCREPOSIX_EXP_DECL int pcreposix_regcomp(regex_t *, const char *, int); | ||
25 | +PCREPOSIX_EXP_DECL int pcreposix_regexec(const regex_t *, const char *, size_t, | ||
26 | regmatch_t *, int); | ||
27 | -PCREPOSIX_EXP_DECL size_t regerror(int, const regex_t *, char *, size_t); | ||
28 | -PCREPOSIX_EXP_DECL void regfree(regex_t *); | ||
29 | +PCREPOSIX_EXP_DECL size_t pcreposix_regerror(int, const regex_t *, char *, size_t); | ||
30 | +PCREPOSIX_EXP_DECL void pcreposix_regfree(regex_t *); | ||
31 | |||
32 | #ifdef __cplusplus | ||
33 | } /* extern "C" */ | ||
34 | #endif | ||
35 | |||
36 | +#define regcomp pcreposix_regcomp | ||
37 | +#define regexec pcreposix_regexec | ||
38 | +#define regerror pcreposix_regerror | ||
39 | +#define regfree pcreposix_regfree | ||
40 | + | ||
41 | #endif /* End of pcreposix.h */ | ||
diff --git a/meta/recipes-support/libpcre/libpcre2/CVE-2022-1586-regression.patch b/meta/recipes-support/libpcre/libpcre2/CVE-2022-1586-regression.patch new file mode 100644 index 0000000000..42ee417fe7 --- /dev/null +++ b/meta/recipes-support/libpcre/libpcre2/CVE-2022-1586-regression.patch | |||
@@ -0,0 +1,30 @@ | |||
1 | From 5d1e62b0155292b994aa1c96d4ed8ce4346ef4c2 Mon Sep 17 00:00:00 2001 | ||
2 | From: Zoltan Herczeg <hzmester@freemail.hu> | ||
3 | Date: Thu, 24 Mar 2022 05:34:42 +0000 | ||
4 | Subject: [PATCH] Fix incorrect value reading in JIT. | ||
5 | |||
6 | CVE: CVE-2022-1586 | ||
7 | Upstream-Status: Backport [https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc3] | ||
8 | |||
9 | (cherry picked from commit d4fa336fbcc388f89095b184ba6d99422cfc676c) | ||
10 | Signed-off-by: Shinu Chandran <shinucha@cisco.com> | ||
11 | --- | ||
12 | src/pcre2_jit_compile.c | 2 +- | ||
13 | 1 file changed, 1 insertion(+), 1 deletion(-) | ||
14 | |||
15 | diff --git a/src/pcre2_jit_compile.c b/src/pcre2_jit_compile.c | ||
16 | index 493c96d..fa57942 100644 | ||
17 | --- a/src/pcre2_jit_compile.c | ||
18 | +++ b/src/pcre2_jit_compile.c | ||
19 | @@ -7188,7 +7188,7 @@ while (*cc != XCL_END) | ||
20 | { | ||
21 | SLJIT_ASSERT(*cc == XCL_PROP || *cc == XCL_NOTPROP); | ||
22 | cc++; | ||
23 | - if (*cc == PT_CLIST && *cc == XCL_PROP) | ||
24 | + if (*cc == PT_CLIST && cc[-1] == XCL_PROP) | ||
25 | { | ||
26 | other_cases = PRIV(ucd_caseless_sets) + cc[1]; | ||
27 | while (*other_cases != NOTACHAR) | ||
28 | -- | ||
29 | 2.25.1 | ||
30 | |||
diff --git a/meta/recipes-support/libpcre/libpcre2/CVE-2022-1586.patch b/meta/recipes-support/libpcre/libpcre2/CVE-2022-1586.patch new file mode 100644 index 0000000000..fbbbc9ca77 --- /dev/null +++ b/meta/recipes-support/libpcre/libpcre2/CVE-2022-1586.patch | |||
@@ -0,0 +1,59 @@ | |||
1 | From 233c4248550d0c1d9bfee42198d5ee0855b7d413 Mon Sep 17 00:00:00 2001 | ||
2 | From: Hitendra Prajapati <hprajapati@mvista.com> | ||
3 | Date: Mon, 23 May 2022 13:52:39 +0530 | ||
4 | Subject: [PATCH] CVE-2022-1586 | ||
5 | |||
6 | Upstream-Status: Backport from https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a | ||
7 | |||
8 | Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> | ||
9 | --- | ||
10 | ChangeLog | 3 +++ | ||
11 | src/pcre2_jit_compile.c | 2 +- | ||
12 | src/pcre2_jit_test.c | 4 ++++ | ||
13 | 3 files changed, 8 insertions(+), 1 deletion(-) | ||
14 | |||
15 | diff --git a/ChangeLog b/ChangeLog | ||
16 | index 0926c29..b5d72dc 100644 | ||
17 | --- a/ChangeLog | ||
18 | +++ b/ChangeLog | ||
19 | @@ -1,6 +1,9 @@ | ||
20 | Change Log for PCRE2 | ||
21 | -------------------- | ||
22 | |||
23 | +23. Fixed a unicode properrty matching issue in JIT. The character was not | ||
24 | +fully read in caseless matching. | ||
25 | + | ||
26 | |||
27 | Version 10.34 21-November-2019 | ||
28 | ------------------------------ | ||
29 | diff --git a/src/pcre2_jit_compile.c b/src/pcre2_jit_compile.c | ||
30 | index f564127..5d43865 100644 | ||
31 | --- a/src/pcre2_jit_compile.c | ||
32 | +++ b/src/pcre2_jit_compile.c | ||
33 | @@ -7119,7 +7119,7 @@ while (*cc != XCL_END) | ||
34 | { | ||
35 | SLJIT_ASSERT(*cc == XCL_PROP || *cc == XCL_NOTPROP); | ||
36 | cc++; | ||
37 | - if (*cc == PT_CLIST) | ||
38 | + if (*cc == PT_CLIST && *cc == XCL_PROP) | ||
39 | { | ||
40 | other_cases = PRIV(ucd_caseless_sets) + cc[1]; | ||
41 | while (*other_cases != NOTACHAR) | ||
42 | diff --git a/src/pcre2_jit_test.c b/src/pcre2_jit_test.c | ||
43 | index a9b3880..9df87fd 100644 | ||
44 | --- a/src/pcre2_jit_test.c | ||
45 | +++ b/src/pcre2_jit_test.c | ||
46 | @@ -408,6 +408,10 @@ static struct regression_test_case regression_test_cases[] = { | ||
47 | { MUP, A, 0, 0 | F_PROPERTY, "[\xc3\xa2-\xc3\xa6\xc3\x81-\xc3\x84\xe2\x80\xa8-\xe2\x80\xa9\xe6\x92\xad\\p{Zs}]{2,}", "\xe2\x80\xa7\xe2\x80\xa9\xe6\x92\xad \xe6\x92\xae" }, | ||
48 | { MUP, A, 0, 0 | F_PROPERTY, "[\\P{L&}]{2}[^\xc2\x85-\xc2\x89\\p{Ll}\\p{Lu}]{2}", "\xc3\xa9\xe6\x92\xad.a\xe6\x92\xad|\xc2\x8a#" }, | ||
49 | { PCRE2_UCP, 0, 0, 0 | F_PROPERTY, "[a-b\\s]{2,5}[^a]", "AB baaa" }, | ||
50 | + { MUP, 0, 0, 0 | F_NOMATCH, "[^\\p{Hangul}\\p{Z}]", " " }, | ||
51 | + { MUP, 0, 0, 0, "[\\p{Lu}\\P{Latin}]+", "c\xEA\xA4\xAE,A,b" }, | ||
52 | + { MUP, 0, 0, 0, "[\\x{a92e}\\p{Lu}\\P{Latin}]+", "c\xEA\xA4\xAE,A,b" }, | ||
53 | + { CMUP, 0, 0, 0, "[^S]\\B", "\xe2\x80\x8a" }, | ||
54 | |||
55 | /* Possible empty brackets. */ | ||
56 | { MU, A, 0, 0, "(?:|ab||bc|a)+d", "abcxabcabd" }, | ||
57 | -- | ||
58 | 2.25.1 | ||
59 | |||
diff --git a/meta/recipes-support/libpcre/libpcre2/CVE-2022-1587.patch b/meta/recipes-support/libpcre/libpcre2/CVE-2022-1587.patch new file mode 100644 index 0000000000..70f9f9f079 --- /dev/null +++ b/meta/recipes-support/libpcre/libpcre2/CVE-2022-1587.patch | |||
@@ -0,0 +1,660 @@ | |||
1 | From aa5aac0d209e3debf80fc2db924d9401fc50454b Mon Sep 17 00:00:00 2001 | ||
2 | From: Hitendra Prajapati <hprajapati@mvista.com> | ||
3 | Date: Mon, 23 May 2022 14:11:11 +0530 | ||
4 | Subject: [PATCH] CVE-2022-1587 | ||
5 | |||
6 | Upstream-Status: Backport [https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0] | ||
7 | CVE: CVE-2022-1587 | ||
8 | Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> | ||
9 | |||
10 | --- | ||
11 | ChangeLog | 3 + | ||
12 | src/pcre2_jit_compile.c | 290 ++++++++++++++++++++++++++-------------- | ||
13 | src/pcre2_jit_test.c | 1 + | ||
14 | 3 files changed, 194 insertions(+), 100 deletions(-) | ||
15 | |||
16 | diff --git a/ChangeLog b/ChangeLog | ||
17 | index b5d72dc..de82de9 100644 | ||
18 | --- a/ChangeLog | ||
19 | +++ b/ChangeLog | ||
20 | @@ -4,6 +4,9 @@ Change Log for PCRE2 | ||
21 | 23. Fixed a unicode properrty matching issue in JIT. The character was not | ||
22 | fully read in caseless matching. | ||
23 | |||
24 | +24. Fixed an issue affecting recursions in JIT caused by duplicated data | ||
25 | +transfers. | ||
26 | + | ||
27 | |||
28 | Version 10.34 21-November-2019 | ||
29 | ------------------------------ | ||
30 | diff --git a/src/pcre2_jit_compile.c b/src/pcre2_jit_compile.c | ||
31 | index 5d43865..493c96d 100644 | ||
32 | --- a/src/pcre2_jit_compile.c | ||
33 | +++ b/src/pcre2_jit_compile.c | ||
34 | @@ -407,6 +407,9 @@ typedef struct compiler_common { | ||
35 | /* Locals used by fast fail optimization. */ | ||
36 | sljit_s32 fast_fail_start_ptr; | ||
37 | sljit_s32 fast_fail_end_ptr; | ||
38 | + /* Variables used by recursive call generator. */ | ||
39 | + sljit_s32 recurse_bitset_size; | ||
40 | + uint8_t *recurse_bitset; | ||
41 | |||
42 | /* Flipped and lower case tables. */ | ||
43 | const sljit_u8 *fcc; | ||
44 | @@ -2109,19 +2112,39 @@ for (i = 0; i < RECURSE_TMP_REG_COUNT; i++) | ||
45 | |||
46 | #undef RECURSE_TMP_REG_COUNT | ||
47 | |||
48 | +static BOOL recurse_check_bit(compiler_common *common, sljit_sw bit_index) | ||
49 | +{ | ||
50 | +uint8_t *byte; | ||
51 | +uint8_t mask; | ||
52 | + | ||
53 | +SLJIT_ASSERT((bit_index & (sizeof(sljit_sw) - 1)) == 0); | ||
54 | + | ||
55 | +bit_index >>= SLJIT_WORD_SHIFT; | ||
56 | + | ||
57 | +mask = 1 << (bit_index & 0x7); | ||
58 | +byte = common->recurse_bitset + (bit_index >> 3); | ||
59 | + | ||
60 | +if (*byte & mask) | ||
61 | + return FALSE; | ||
62 | + | ||
63 | +*byte |= mask; | ||
64 | +return TRUE; | ||
65 | +} | ||
66 | + | ||
67 | static int get_recurse_data_length(compiler_common *common, PCRE2_SPTR cc, PCRE2_SPTR ccend, | ||
68 | BOOL *needs_control_head, BOOL *has_quit, BOOL *has_accept) | ||
69 | { | ||
70 | int length = 1; | ||
71 | -int size; | ||
72 | +int size, offset; | ||
73 | PCRE2_SPTR alternative; | ||
74 | BOOL quit_found = FALSE; | ||
75 | BOOL accept_found = FALSE; | ||
76 | BOOL setsom_found = FALSE; | ||
77 | BOOL setmark_found = FALSE; | ||
78 | -BOOL capture_last_found = FALSE; | ||
79 | BOOL control_head_found = FALSE; | ||
80 | |||
81 | +memset(common->recurse_bitset, 0, common->recurse_bitset_size); | ||
82 | + | ||
83 | #if defined DEBUG_FORCE_CONTROL_HEAD && DEBUG_FORCE_CONTROL_HEAD | ||
84 | SLJIT_ASSERT(common->control_head_ptr != 0); | ||
85 | control_head_found = TRUE; | ||
86 | @@ -2144,15 +2167,17 @@ while (cc < ccend) | ||
87 | setsom_found = TRUE; | ||
88 | if (common->mark_ptr != 0) | ||
89 | setmark_found = TRUE; | ||
90 | - if (common->capture_last_ptr != 0) | ||
91 | - capture_last_found = TRUE; | ||
92 | + if (common->capture_last_ptr != 0 && recurse_check_bit(common, common->capture_last_ptr)) | ||
93 | + length++; | ||
94 | cc += 1 + LINK_SIZE; | ||
95 | break; | ||
96 | |||
97 | case OP_KET: | ||
98 | - if (PRIVATE_DATA(cc) != 0) | ||
99 | + offset = PRIVATE_DATA(cc); | ||
100 | + if (offset != 0) | ||
101 | { | ||
102 | - length++; | ||
103 | + if (recurse_check_bit(common, offset)) | ||
104 | + length++; | ||
105 | SLJIT_ASSERT(PRIVATE_DATA(cc + 1) != 0); | ||
106 | cc += PRIVATE_DATA(cc + 1); | ||
107 | } | ||
108 | @@ -2169,39 +2194,55 @@ while (cc < ccend) | ||
109 | case OP_SBRA: | ||
110 | case OP_SBRAPOS: | ||
111 | case OP_SCOND: | ||
112 | - length++; | ||
113 | SLJIT_ASSERT(PRIVATE_DATA(cc) != 0); | ||
114 | + if (recurse_check_bit(common, PRIVATE_DATA(cc))) | ||
115 | + length++; | ||
116 | cc += 1 + LINK_SIZE; | ||
117 | break; | ||
118 | |||
119 | case OP_CBRA: | ||
120 | case OP_SCBRA: | ||
121 | - length += 2; | ||
122 | - if (common->capture_last_ptr != 0) | ||
123 | - capture_last_found = TRUE; | ||
124 | - if (common->optimized_cbracket[GET2(cc, 1 + LINK_SIZE)] == 0) | ||
125 | + offset = GET2(cc, 1 + LINK_SIZE); | ||
126 | + if (recurse_check_bit(common, OVECTOR(offset << 1))) | ||
127 | + { | ||
128 | + SLJIT_ASSERT(recurse_check_bit(common, OVECTOR((offset << 1) + 1))); | ||
129 | + length += 2; | ||
130 | + } | ||
131 | + if (common->optimized_cbracket[offset] == 0 && recurse_check_bit(common, OVECTOR_PRIV(offset))) | ||
132 | + length++; | ||
133 | + if (common->capture_last_ptr != 0 && recurse_check_bit(common, common->capture_last_ptr)) | ||
134 | length++; | ||
135 | cc += 1 + LINK_SIZE + IMM2_SIZE; | ||
136 | break; | ||
137 | |||
138 | case OP_CBRAPOS: | ||
139 | case OP_SCBRAPOS: | ||
140 | - length += 2 + 2; | ||
141 | - if (common->capture_last_ptr != 0) | ||
142 | - capture_last_found = TRUE; | ||
143 | + offset = GET2(cc, 1 + LINK_SIZE); | ||
144 | + if (recurse_check_bit(common, OVECTOR(offset << 1))) | ||
145 | + { | ||
146 | + SLJIT_ASSERT(recurse_check_bit(common, OVECTOR((offset << 1) + 1))); | ||
147 | + length += 2; | ||
148 | + } | ||
149 | + if (recurse_check_bit(common, OVECTOR_PRIV(offset))) | ||
150 | + length++; | ||
151 | + if (recurse_check_bit(common, PRIVATE_DATA(cc))) | ||
152 | + length++; | ||
153 | + if (common->capture_last_ptr != 0 && recurse_check_bit(common, common->capture_last_ptr)) | ||
154 | + length++; | ||
155 | cc += 1 + LINK_SIZE + IMM2_SIZE; | ||
156 | break; | ||
157 | |||
158 | case OP_COND: | ||
159 | /* Might be a hidden SCOND. */ | ||
160 | alternative = cc + GET(cc, 1); | ||
161 | - if (*alternative == OP_KETRMAX || *alternative == OP_KETRMIN) | ||
162 | + if ((*alternative == OP_KETRMAX || *alternative == OP_KETRMIN) && recurse_check_bit(common, PRIVATE_DATA(cc))) | ||
163 | length++; | ||
164 | cc += 1 + LINK_SIZE; | ||
165 | break; | ||
166 | |||
167 | CASE_ITERATOR_PRIVATE_DATA_1 | ||
168 | - if (PRIVATE_DATA(cc) != 0) | ||
169 | + offset = PRIVATE_DATA(cc); | ||
170 | + if (offset != 0 && recurse_check_bit(common, offset)) | ||
171 | length++; | ||
172 | cc += 2; | ||
173 | #ifdef SUPPORT_UNICODE | ||
174 | @@ -2210,8 +2251,12 @@ while (cc < ccend) | ||
175 | break; | ||
176 | |||
177 | CASE_ITERATOR_PRIVATE_DATA_2A | ||
178 | - if (PRIVATE_DATA(cc) != 0) | ||
179 | + offset = PRIVATE_DATA(cc); | ||
180 | + if (offset != 0 && recurse_check_bit(common, offset)) | ||
181 | + { | ||
182 | + SLJIT_ASSERT(recurse_check_bit(common, offset + sizeof(sljit_sw))); | ||
183 | length += 2; | ||
184 | + } | ||
185 | cc += 2; | ||
186 | #ifdef SUPPORT_UNICODE | ||
187 | if (common->utf && HAS_EXTRALEN(cc[-1])) cc += GET_EXTRALEN(cc[-1]); | ||
188 | @@ -2219,8 +2264,12 @@ while (cc < ccend) | ||
189 | break; | ||
190 | |||
191 | CASE_ITERATOR_PRIVATE_DATA_2B | ||
192 | - if (PRIVATE_DATA(cc) != 0) | ||
193 | + offset = PRIVATE_DATA(cc); | ||
194 | + if (offset != 0 && recurse_check_bit(common, offset)) | ||
195 | + { | ||
196 | + SLJIT_ASSERT(recurse_check_bit(common, offset + sizeof(sljit_sw))); | ||
197 | length += 2; | ||
198 | + } | ||
199 | cc += 2 + IMM2_SIZE; | ||
200 | #ifdef SUPPORT_UNICODE | ||
201 | if (common->utf && HAS_EXTRALEN(cc[-1])) cc += GET_EXTRALEN(cc[-1]); | ||
202 | @@ -2228,20 +2277,29 @@ while (cc < ccend) | ||
203 | break; | ||
204 | |||
205 | CASE_ITERATOR_TYPE_PRIVATE_DATA_1 | ||
206 | - if (PRIVATE_DATA(cc) != 0) | ||
207 | + offset = PRIVATE_DATA(cc); | ||
208 | + if (offset != 0 && recurse_check_bit(common, offset)) | ||
209 | length++; | ||
210 | cc += 1; | ||
211 | break; | ||
212 | |||
213 | CASE_ITERATOR_TYPE_PRIVATE_DATA_2A | ||
214 | - if (PRIVATE_DATA(cc) != 0) | ||
215 | + offset = PRIVATE_DATA(cc); | ||
216 | + if (offset != 0 && recurse_check_bit(common, offset)) | ||
217 | + { | ||
218 | + SLJIT_ASSERT(recurse_check_bit(common, offset + sizeof(sljit_sw))); | ||
219 | length += 2; | ||
220 | + } | ||
221 | cc += 1; | ||
222 | break; | ||
223 | |||
224 | CASE_ITERATOR_TYPE_PRIVATE_DATA_2B | ||
225 | - if (PRIVATE_DATA(cc) != 0) | ||
226 | + offset = PRIVATE_DATA(cc); | ||
227 | + if (offset != 0 && recurse_check_bit(common, offset)) | ||
228 | + { | ||
229 | + SLJIT_ASSERT(recurse_check_bit(common, offset + sizeof(sljit_sw))); | ||
230 | length += 2; | ||
231 | + } | ||
232 | cc += 1 + IMM2_SIZE; | ||
233 | break; | ||
234 | |||
235 | @@ -2253,7 +2311,9 @@ while (cc < ccend) | ||
236 | #else | ||
237 | size = 1 + 32 / (int)sizeof(PCRE2_UCHAR); | ||
238 | #endif | ||
239 | - if (PRIVATE_DATA(cc) != 0) | ||
240 | + | ||
241 | + offset = PRIVATE_DATA(cc); | ||
242 | + if (offset != 0 && recurse_check_bit(common, offset)) | ||
243 | length += get_class_iterator_size(cc + size); | ||
244 | cc += size; | ||
245 | break; | ||
246 | @@ -2288,8 +2348,7 @@ while (cc < ccend) | ||
247 | case OP_THEN: | ||
248 | SLJIT_ASSERT(common->control_head_ptr != 0); | ||
249 | quit_found = TRUE; | ||
250 | - if (!control_head_found) | ||
251 | - control_head_found = TRUE; | ||
252 | + control_head_found = TRUE; | ||
253 | cc++; | ||
254 | break; | ||
255 | |||
256 | @@ -2309,8 +2368,6 @@ SLJIT_ASSERT(cc == ccend); | ||
257 | |||
258 | if (control_head_found) | ||
259 | length++; | ||
260 | -if (capture_last_found) | ||
261 | - length++; | ||
262 | if (quit_found) | ||
263 | { | ||
264 | if (setsom_found) | ||
265 | @@ -2343,14 +2400,12 @@ sljit_sw shared_srcw[3]; | ||
266 | sljit_sw kept_shared_srcw[2]; | ||
267 | int private_count, shared_count, kept_shared_count; | ||
268 | int from_sp, base_reg, offset, i; | ||
269 | -BOOL setsom_found = FALSE; | ||
270 | -BOOL setmark_found = FALSE; | ||
271 | -BOOL capture_last_found = FALSE; | ||
272 | -BOOL control_head_found = FALSE; | ||
273 | + | ||
274 | +memset(common->recurse_bitset, 0, common->recurse_bitset_size); | ||
275 | |||
276 | #if defined DEBUG_FORCE_CONTROL_HEAD && DEBUG_FORCE_CONTROL_HEAD | ||
277 | SLJIT_ASSERT(common->control_head_ptr != 0); | ||
278 | -control_head_found = TRUE; | ||
279 | +recurse_check_bit(common, common->control_head_ptr); | ||
280 | #endif | ||
281 | |||
282 | switch (type) | ||
283 | @@ -2438,11 +2493,10 @@ while (cc < ccend) | ||
284 | { | ||
285 | case OP_SET_SOM: | ||
286 | SLJIT_ASSERT(common->has_set_som); | ||
287 | - if (has_quit && !setsom_found) | ||
288 | + if (has_quit && recurse_check_bit(common, OVECTOR(0))) | ||
289 | { | ||
290 | kept_shared_srcw[0] = OVECTOR(0); | ||
291 | kept_shared_count = 1; | ||
292 | - setsom_found = TRUE; | ||
293 | } | ||
294 | cc += 1; | ||
295 | break; | ||
296 | @@ -2450,33 +2504,31 @@ while (cc < ccend) | ||
297 | case OP_RECURSE: | ||
298 | if (has_quit) | ||
299 | { | ||
300 | - if (common->has_set_som && !setsom_found) | ||
301 | + if (common->has_set_som && recurse_check_bit(common, OVECTOR(0))) | ||
302 | { | ||
303 | kept_shared_srcw[0] = OVECTOR(0); | ||
304 | kept_shared_count = 1; | ||
305 | - setsom_found = TRUE; | ||
306 | } | ||
307 | - if (common->mark_ptr != 0 && !setmark_found) | ||
308 | + if (common->mark_ptr != 0 && recurse_check_bit(common, common->mark_ptr)) | ||
309 | { | ||
310 | kept_shared_srcw[kept_shared_count] = common->mark_ptr; | ||
311 | kept_shared_count++; | ||
312 | - setmark_found = TRUE; | ||
313 | } | ||
314 | } | ||
315 | - if (common->capture_last_ptr != 0 && !capture_last_found) | ||
316 | + if (common->capture_last_ptr != 0 && recurse_check_bit(common, common->capture_last_ptr)) | ||
317 | { | ||
318 | shared_srcw[0] = common->capture_last_ptr; | ||
319 | shared_count = 1; | ||
320 | - capture_last_found = TRUE; | ||
321 | } | ||
322 | cc += 1 + LINK_SIZE; | ||
323 | break; | ||
324 | |||
325 | case OP_KET: | ||
326 | - if (PRIVATE_DATA(cc) != 0) | ||
327 | + private_srcw[0] = PRIVATE_DATA(cc); | ||
328 | + if (private_srcw[0] != 0) | ||
329 | { | ||
330 | - private_count = 1; | ||
331 | - private_srcw[0] = PRIVATE_DATA(cc); | ||
332 | + if (recurse_check_bit(common, private_srcw[0])) | ||
333 | + private_count = 1; | ||
334 | SLJIT_ASSERT(PRIVATE_DATA(cc + 1) != 0); | ||
335 | cc += PRIVATE_DATA(cc + 1); | ||
336 | } | ||
337 | @@ -2493,50 +2545,66 @@ while (cc < ccend) | ||
338 | case OP_SBRA: | ||
339 | case OP_SBRAPOS: | ||
340 | case OP_SCOND: | ||
341 | - private_count = 1; | ||
342 | private_srcw[0] = PRIVATE_DATA(cc); | ||
343 | + if (recurse_check_bit(common, private_srcw[0])) | ||
344 | + private_count = 1; | ||
345 | cc += 1 + LINK_SIZE; | ||
346 | break; | ||
347 | |||
348 | case OP_CBRA: | ||
349 | case OP_SCBRA: | ||
350 | - offset = (GET2(cc, 1 + LINK_SIZE)) << 1; | ||
351 | - shared_srcw[0] = OVECTOR(offset); | ||
352 | - shared_srcw[1] = OVECTOR(offset + 1); | ||
353 | - shared_count = 2; | ||
354 | + offset = GET2(cc, 1 + LINK_SIZE); | ||
355 | + shared_srcw[0] = OVECTOR(offset << 1); | ||
356 | + if (recurse_check_bit(common, shared_srcw[0])) | ||
357 | + { | ||
358 | + shared_srcw[1] = shared_srcw[0] + sizeof(sljit_sw); | ||
359 | + SLJIT_ASSERT(recurse_check_bit(common, shared_srcw[1])); | ||
360 | + shared_count = 2; | ||
361 | + } | ||
362 | |||
363 | - if (common->capture_last_ptr != 0 && !capture_last_found) | ||
364 | + if (common->capture_last_ptr != 0 && recurse_check_bit(common, common->capture_last_ptr)) | ||
365 | { | ||
366 | - shared_srcw[2] = common->capture_last_ptr; | ||
367 | - shared_count = 3; | ||
368 | - capture_last_found = TRUE; | ||
369 | + shared_srcw[shared_count] = common->capture_last_ptr; | ||
370 | + shared_count++; | ||
371 | } | ||
372 | |||
373 | - if (common->optimized_cbracket[GET2(cc, 1 + LINK_SIZE)] == 0) | ||
374 | + if (common->optimized_cbracket[offset] == 0) | ||
375 | { | ||
376 | - private_count = 1; | ||
377 | - private_srcw[0] = OVECTOR_PRIV(GET2(cc, 1 + LINK_SIZE)); | ||
378 | + private_srcw[0] = OVECTOR_PRIV(offset); | ||
379 | + if (recurse_check_bit(common, private_srcw[0])) | ||
380 | + private_count = 1; | ||
381 | } | ||
382 | + | ||
383 | cc += 1 + LINK_SIZE + IMM2_SIZE; | ||
384 | break; | ||
385 | |||
386 | case OP_CBRAPOS: | ||
387 | case OP_SCBRAPOS: | ||
388 | - offset = (GET2(cc, 1 + LINK_SIZE)) << 1; | ||
389 | - shared_srcw[0] = OVECTOR(offset); | ||
390 | - shared_srcw[1] = OVECTOR(offset + 1); | ||
391 | - shared_count = 2; | ||
392 | + offset = GET2(cc, 1 + LINK_SIZE); | ||
393 | + shared_srcw[0] = OVECTOR(offset << 1); | ||
394 | + if (recurse_check_bit(common, shared_srcw[0])) | ||
395 | + { | ||
396 | + shared_srcw[1] = shared_srcw[0] + sizeof(sljit_sw); | ||
397 | + SLJIT_ASSERT(recurse_check_bit(common, shared_srcw[1])); | ||
398 | + shared_count = 2; | ||
399 | + } | ||
400 | |||
401 | - if (common->capture_last_ptr != 0 && !capture_last_found) | ||
402 | + if (common->capture_last_ptr != 0 && recurse_check_bit(common, common->capture_last_ptr)) | ||
403 | { | ||
404 | - shared_srcw[2] = common->capture_last_ptr; | ||
405 | - shared_count = 3; | ||
406 | - capture_last_found = TRUE; | ||
407 | + shared_srcw[shared_count] = common->capture_last_ptr; | ||
408 | + shared_count++; | ||
409 | } | ||
410 | |||
411 | - private_count = 2; | ||
412 | private_srcw[0] = PRIVATE_DATA(cc); | ||
413 | - private_srcw[1] = OVECTOR_PRIV(GET2(cc, 1 + LINK_SIZE)); | ||
414 | + if (recurse_check_bit(common, private_srcw[0])) | ||
415 | + private_count = 1; | ||
416 | + | ||
417 | + offset = OVECTOR_PRIV(offset); | ||
418 | + if (recurse_check_bit(common, offset)) | ||
419 | + { | ||
420 | + private_srcw[private_count] = offset; | ||
421 | + private_count++; | ||
422 | + } | ||
423 | cc += 1 + LINK_SIZE + IMM2_SIZE; | ||
424 | break; | ||
425 | |||
426 | @@ -2545,18 +2613,17 @@ while (cc < ccend) | ||
427 | alternative = cc + GET(cc, 1); | ||
428 | if (*alternative == OP_KETRMAX || *alternative == OP_KETRMIN) | ||
429 | { | ||
430 | - private_count = 1; | ||
431 | private_srcw[0] = PRIVATE_DATA(cc); | ||
432 | + if (recurse_check_bit(common, private_srcw[0])) | ||
433 | + private_count = 1; | ||
434 | } | ||
435 | cc += 1 + LINK_SIZE; | ||
436 | break; | ||
437 | |||
438 | CASE_ITERATOR_PRIVATE_DATA_1 | ||
439 | - if (PRIVATE_DATA(cc)) | ||
440 | - { | ||
441 | + private_srcw[0] = PRIVATE_DATA(cc); | ||
442 | + if (private_srcw[0] != 0 && recurse_check_bit(common, private_srcw[0])) | ||
443 | private_count = 1; | ||
444 | - private_srcw[0] = PRIVATE_DATA(cc); | ||
445 | - } | ||
446 | cc += 2; | ||
447 | #ifdef SUPPORT_UNICODE | ||
448 | if (common->utf && HAS_EXTRALEN(cc[-1])) cc += GET_EXTRALEN(cc[-1]); | ||
449 | @@ -2564,11 +2631,12 @@ while (cc < ccend) | ||
450 | break; | ||
451 | |||
452 | CASE_ITERATOR_PRIVATE_DATA_2A | ||
453 | - if (PRIVATE_DATA(cc)) | ||
454 | + private_srcw[0] = PRIVATE_DATA(cc); | ||
455 | + if (private_srcw[0] != 0 && recurse_check_bit(common, private_srcw[0])) | ||
456 | { | ||
457 | private_count = 2; | ||
458 | - private_srcw[0] = PRIVATE_DATA(cc); | ||
459 | - private_srcw[1] = PRIVATE_DATA(cc) + sizeof(sljit_sw); | ||
460 | + private_srcw[1] = private_srcw[0] + sizeof(sljit_sw); | ||
461 | + SLJIT_ASSERT(recurse_check_bit(common, private_srcw[1])); | ||
462 | } | ||
463 | cc += 2; | ||
464 | #ifdef SUPPORT_UNICODE | ||
465 | @@ -2577,11 +2645,12 @@ while (cc < ccend) | ||
466 | break; | ||
467 | |||
468 | CASE_ITERATOR_PRIVATE_DATA_2B | ||
469 | - if (PRIVATE_DATA(cc)) | ||
470 | + private_srcw[0] = PRIVATE_DATA(cc); | ||
471 | + if (private_srcw[0] != 0 && recurse_check_bit(common, private_srcw[0])) | ||
472 | { | ||
473 | private_count = 2; | ||
474 | - private_srcw[0] = PRIVATE_DATA(cc); | ||
475 | - private_srcw[1] = PRIVATE_DATA(cc) + sizeof(sljit_sw); | ||
476 | + private_srcw[1] = private_srcw[0] + sizeof(sljit_sw); | ||
477 | + SLJIT_ASSERT(recurse_check_bit(common, private_srcw[1])); | ||
478 | } | ||
479 | cc += 2 + IMM2_SIZE; | ||
480 | #ifdef SUPPORT_UNICODE | ||
481 | @@ -2590,30 +2659,30 @@ while (cc < ccend) | ||
482 | break; | ||
483 | |||
484 | CASE_ITERATOR_TYPE_PRIVATE_DATA_1 | ||
485 | - if (PRIVATE_DATA(cc)) | ||
486 | - { | ||
487 | + private_srcw[0] = PRIVATE_DATA(cc); | ||
488 | + if (private_srcw[0] != 0 && recurse_check_bit(common, private_srcw[0])) | ||
489 | private_count = 1; | ||
490 | - private_srcw[0] = PRIVATE_DATA(cc); | ||
491 | - } | ||
492 | cc += 1; | ||
493 | break; | ||
494 | |||
495 | CASE_ITERATOR_TYPE_PRIVATE_DATA_2A | ||
496 | - if (PRIVATE_DATA(cc)) | ||
497 | + private_srcw[0] = PRIVATE_DATA(cc); | ||
498 | + if (private_srcw[0] != 0 && recurse_check_bit(common, private_srcw[0])) | ||
499 | { | ||
500 | private_count = 2; | ||
501 | - private_srcw[0] = PRIVATE_DATA(cc); | ||
502 | private_srcw[1] = private_srcw[0] + sizeof(sljit_sw); | ||
503 | + SLJIT_ASSERT(recurse_check_bit(common, private_srcw[1])); | ||
504 | } | ||
505 | cc += 1; | ||
506 | break; | ||
507 | |||
508 | CASE_ITERATOR_TYPE_PRIVATE_DATA_2B | ||
509 | - if (PRIVATE_DATA(cc)) | ||
510 | + private_srcw[0] = PRIVATE_DATA(cc); | ||
511 | + if (private_srcw[0] != 0 && recurse_check_bit(common, private_srcw[0])) | ||
512 | { | ||
513 | private_count = 2; | ||
514 | - private_srcw[0] = PRIVATE_DATA(cc); | ||
515 | private_srcw[1] = private_srcw[0] + sizeof(sljit_sw); | ||
516 | + SLJIT_ASSERT(recurse_check_bit(common, private_srcw[1])); | ||
517 | } | ||
518 | cc += 1 + IMM2_SIZE; | ||
519 | break; | ||
520 | @@ -2630,14 +2699,17 @@ while (cc < ccend) | ||
521 | switch(get_class_iterator_size(cc + i)) | ||
522 | { | ||
523 | case 1: | ||
524 | - private_count = 1; | ||
525 | private_srcw[0] = PRIVATE_DATA(cc); | ||
526 | break; | ||
527 | |||
528 | case 2: | ||
529 | - private_count = 2; | ||
530 | private_srcw[0] = PRIVATE_DATA(cc); | ||
531 | - private_srcw[1] = private_srcw[0] + sizeof(sljit_sw); | ||
532 | + if (recurse_check_bit(common, private_srcw[0])) | ||
533 | + { | ||
534 | + private_count = 2; | ||
535 | + private_srcw[1] = private_srcw[0] + sizeof(sljit_sw); | ||
536 | + SLJIT_ASSERT(recurse_check_bit(common, private_srcw[1])); | ||
537 | + } | ||
538 | break; | ||
539 | |||
540 | default: | ||
541 | @@ -2652,28 +2724,25 @@ while (cc < ccend) | ||
542 | case OP_PRUNE_ARG: | ||
543 | case OP_THEN_ARG: | ||
544 | SLJIT_ASSERT(common->mark_ptr != 0); | ||
545 | - if (has_quit && !setmark_found) | ||
546 | + if (has_quit && recurse_check_bit(common, common->mark_ptr)) | ||
547 | { | ||
548 | kept_shared_srcw[0] = common->mark_ptr; | ||
549 | kept_shared_count = 1; | ||
550 | - setmark_found = TRUE; | ||
551 | } | ||
552 | - if (common->control_head_ptr != 0 && !control_head_found) | ||
553 | + if (common->control_head_ptr != 0 && recurse_check_bit(common, common->control_head_ptr)) | ||
554 | { | ||
555 | shared_srcw[0] = common->control_head_ptr; | ||
556 | shared_count = 1; | ||
557 | - control_head_found = TRUE; | ||
558 | } | ||
559 | cc += 1 + 2 + cc[1]; | ||
560 | break; | ||
561 | |||
562 | case OP_THEN: | ||
563 | SLJIT_ASSERT(common->control_head_ptr != 0); | ||
564 | - if (!control_head_found) | ||
565 | + if (recurse_check_bit(common, common->control_head_ptr)) | ||
566 | { | ||
567 | shared_srcw[0] = common->control_head_ptr; | ||
568 | shared_count = 1; | ||
569 | - control_head_found = TRUE; | ||
570 | } | ||
571 | cc++; | ||
572 | break; | ||
573 | @@ -2681,7 +2750,7 @@ while (cc < ccend) | ||
574 | default: | ||
575 | cc = next_opcode(common, cc); | ||
576 | SLJIT_ASSERT(cc != NULL); | ||
577 | - break; | ||
578 | + continue; | ||
579 | } | ||
580 | |||
581 | if (type != recurse_copy_shared_to_global && type != recurse_copy_kept_shared_to_global) | ||
582 | @@ -13262,7 +13331,7 @@ SLJIT_ASSERT(!(common->req_char_ptr != 0 && common->start_used_ptr != 0)); | ||
583 | common->cbra_ptr = OVECTOR_START + (re->top_bracket + 1) * 2 * sizeof(sljit_sw); | ||
584 | |||
585 | total_length = ccend - common->start; | ||
586 | -common->private_data_ptrs = (sljit_s32 *)SLJIT_MALLOC(total_length * (sizeof(sljit_s32) + (common->has_then ? 1 : 0)), allocator_data); | ||
587 | +common->private_data_ptrs = (sljit_s32*)SLJIT_MALLOC(total_length * (sizeof(sljit_s32) + (common->has_then ? 1 : 0)), allocator_data); | ||
588 | if (!common->private_data_ptrs) | ||
589 | { | ||
590 | SLJIT_FREE(common->optimized_cbracket, allocator_data); | ||
591 | @@ -13304,6 +13373,7 @@ if (!compiler) | ||
592 | common->compiler = compiler; | ||
593 | |||
594 | /* Main pcre_jit_exec entry. */ | ||
595 | +LJIT_ASSERT((private_data_size & (sizeof(sljit_sw) - 1)) == 0); | ||
596 | sljit_emit_enter(compiler, 0, SLJIT_ARG1(SW), 5, 5, 0, 0, private_data_size); | ||
597 | |||
598 | /* Register init. */ | ||
599 | @@ -13524,20 +13594,40 @@ common->fast_fail_end_ptr = 0; | ||
600 | common->currententry = common->entries; | ||
601 | common->local_quit_available = TRUE; | ||
602 | quit_label = common->quit_label; | ||
603 | -while (common->currententry != NULL) | ||
604 | +if (common->currententry != NULL) | ||
605 | { | ||
606 | - /* Might add new entries. */ | ||
607 | - compile_recurse(common); | ||
608 | - if (SLJIT_UNLIKELY(sljit_get_compiler_error(compiler))) | ||
609 | + /* A free bit for each private data. */ | ||
610 | + common->recurse_bitset_size = ((private_data_size / (int)sizeof(sljit_sw)) + 7) >> 3; | ||
611 | + SLJIT_ASSERT(common->recurse_bitset_size > 0); | ||
612 | + common->recurse_bitset = (sljit_u8*)SLJIT_MALLOC(common->recurse_bitset_size, allocator_data);; | ||
613 | + | ||
614 | + if (common->recurse_bitset != NULL) | ||
615 | + { | ||
616 | + do | ||
617 | + { | ||
618 | + /* Might add new entries. */ | ||
619 | + compile_recurse(common); | ||
620 | + if (SLJIT_UNLIKELY(sljit_get_compiler_error(compiler))) | ||
621 | + break; | ||
622 | + flush_stubs(common); | ||
623 | + common->currententry = common->currententry->next; | ||
624 | + } | ||
625 | + while (common->currententry != NULL); | ||
626 | + | ||
627 | + SLJIT_FREE(common->recurse_bitset, allocator_data); | ||
628 | + } | ||
629 | + | ||
630 | + if (common->currententry != NULL) | ||
631 | { | ||
632 | + /* The common->recurse_bitset has been freed. */ | ||
633 | + SLJIT_ASSERT(sljit_get_compiler_error(compiler) || common->recurse_bitset == NULL); | ||
634 | + | ||
635 | sljit_free_compiler(compiler); | ||
636 | SLJIT_FREE(common->optimized_cbracket, allocator_data); | ||
637 | SLJIT_FREE(common->private_data_ptrs, allocator_data); | ||
638 | PRIV(jit_free_rodata)(common->read_only_data_head, allocator_data); | ||
639 | return PCRE2_ERROR_NOMEMORY; | ||
640 | } | ||
641 | - flush_stubs(common); | ||
642 | - common->currententry = common->currententry->next; | ||
643 | } | ||
644 | common->local_quit_available = FALSE; | ||
645 | common->quit_label = quit_label; | ||
646 | diff --git a/src/pcre2_jit_test.c b/src/pcre2_jit_test.c | ||
647 | index 9df87fd..2f84834 100644 | ||
648 | --- a/src/pcre2_jit_test.c | ||
649 | +++ b/src/pcre2_jit_test.c | ||
650 | @@ -746,6 +746,7 @@ static struct regression_test_case regression_test_cases[] = { | ||
651 | { MU, A, 0, 0, "((?(R)a|(?1)){1,3}?)M", "aaaM" }, | ||
652 | { MU, A, 0, 0, "((.)(?:.|\\2(?1))){0}#(?1)#", "#aabbccdde# #aabbccddee#" }, | ||
653 | { MU, A, 0, 0, "((.)(?:\\2|\\2{4}b)){0}#(?:(?1))+#", "#aaaab# #aaaaab#" }, | ||
654 | + { MU, A, 0, 0 | F_NOMATCH, "(?1)$((.|\\2xx){1,2})", "abc" }, | ||
655 | |||
656 | /* 16 bit specific tests. */ | ||
657 | { CM, A, 0, 0 | F_FORCECONV, "\xc3\xa1", "\xc3\x81\xc3\xa1" }, | ||
658 | -- | ||
659 | 2.25.1 | ||
660 | |||
diff --git a/meta/recipes-support/libpcre/libpcre2/CVE-2022-41409.patch b/meta/recipes-support/libpcre/libpcre2/CVE-2022-41409.patch new file mode 100644 index 0000000000..882277ae73 --- /dev/null +++ b/meta/recipes-support/libpcre/libpcre2/CVE-2022-41409.patch | |||
@@ -0,0 +1,74 @@ | |||
1 | From 94e1c001761373b7d9450768aa15d04c25547a35 Mon Sep 17 00:00:00 2001 | ||
2 | From: Philip Hazel <Philip.Hazel@gmail.com> | ||
3 | Date: Tue, 16 Aug 2022 17:00:45 +0100 | ||
4 | Subject: [PATCH] Diagnose negative repeat value in pcre2test subject line | ||
5 | |||
6 | CVE: CVE-2022-41409 | ||
7 | Upstream-Status: Backport [https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35] | ||
8 | |||
9 | Signed-off-by: Peter Marko <peter.marko@siemens.com> | ||
10 | |||
11 | --- | ||
12 | ChangeLog | 3 +++ | ||
13 | src/pcre2test.c | 4 ++-- | ||
14 | testdata/testinput2 | 3 +++ | ||
15 | testdata/testoutput2 | 4 ++++ | ||
16 | 4 files changed, 12 insertions(+), 2 deletions(-) | ||
17 | |||
18 | diff --git a/ChangeLog b/ChangeLog | ||
19 | index eab50eb7..276eb57a 100644 | ||
20 | --- a/ChangeLog | ||
21 | +++ b/ChangeLog | ||
22 | @@ -7,6 +7,9 @@ fully read in caseless matching. | ||
23 | 24. Fixed an issue affecting recursions in JIT caused by duplicated data | ||
24 | transfers. | ||
25 | |||
26 | +20. A negative repeat value in a pcre2test subject line was not being | ||
27 | +diagnosed, leading to infinite looping. | ||
28 | + | ||
29 | |||
30 | Version 10.34 21-November-2019 | ||
31 | ------------------------------ | ||
32 | diff --git a/src/pcre2test.c b/src/pcre2test.c | ||
33 | index 08f86096..f6f5d66c 100644 | ||
34 | --- a/src/pcre2test.c | ||
35 | +++ b/src/pcre2test.c | ||
36 | @@ -6700,9 +6700,9 @@ while ((c = *p++) != 0) | ||
37 | } | ||
38 | |||
39 | i = (int32_t)li; | ||
40 | - if (i-- == 0) | ||
41 | + if (i-- <= 0) | ||
42 | { | ||
43 | - fprintf(outfile, "** Zero repeat not allowed\n"); | ||
44 | + fprintf(outfile, "** Zero or negative repeat not allowed\n"); | ||
45 | return PR_OK; | ||
46 | } | ||
47 | |||
48 | diff --git a/testdata/testinput2 b/testdata/testinput2 | ||
49 | index 655e519..14e00ed 100644 | ||
50 | --- a/testdata/testinput2 | ||
51 | +++ b/testdata/testinput2 | ||
52 | @@ -5772,4 +5772,7 @@ a)"xI | ||
53 | /(a)?a/I | ||
54 | manm | ||
55 | |||
56 | +-- | ||
57 | + \[X]{-10} | ||
58 | + | ||
59 | # End of testinput2 | ||
60 | diff --git a/testdata/testoutput2 b/testdata/testoutput2 | ||
61 | index c733c12..958f246 100644 | ||
62 | --- a/testdata/testoutput2 | ||
63 | +++ b/testdata/testoutput2 | ||
64 | @@ -17435,6 +17435,10 @@ Subject length lower bound = 1 | ||
65 | manm | ||
66 | 0: a | ||
67 | |||
68 | +-- | ||
69 | + \[X]{-10} | ||
70 | +** Zero or negative repeat not allowed | ||
71 | + | ||
72 | # End of testinput2 | ||
73 | Error -70: PCRE2_ERROR_BADDATA (unknown error number) | ||
74 | Error -62: bad serialized data | ||
diff --git a/meta/recipes-support/libpcre/libpcre2_10.34.bb b/meta/recipes-support/libpcre/libpcre2_10.34.bb index fa8655e027..53277270d2 100644 --- a/meta/recipes-support/libpcre/libpcre2_10.34.bb +++ b/meta/recipes-support/libpcre/libpcre2_10.34.bb | |||
@@ -10,8 +10,12 @@ SECTION = "devel" | |||
10 | LICENSE = "BSD-3-Clause" | 10 | LICENSE = "BSD-3-Clause" |
11 | LIC_FILES_CHKSUM = "file://LICENCE;md5=b1588d3bb4cb0e1f5a597d908f8c5b37" | 11 | LIC_FILES_CHKSUM = "file://LICENCE;md5=b1588d3bb4cb0e1f5a597d908f8c5b37" |
12 | 12 | ||
13 | SRC_URI = "https://ftp.pcre.org/pub/pcre/pcre2-${PV}.tar.bz2 \ | 13 | SRC_URI = "http://downloads.yoctoproject.org/mirror/sources/pcre2-${PV}.tar.bz2 \ |
14 | file://pcre-cross.patch \ | 14 | file://pcre-cross.patch \ |
15 | file://CVE-2022-1586.patch \ | ||
16 | file://CVE-2022-1586-regression.patch \ | ||
17 | file://CVE-2022-1587.patch \ | ||
18 | file://CVE-2022-41409.patch \ | ||
15 | " | 19 | " |
16 | 20 | ||
17 | SRC_URI[md5sum] = "d280b62ded13f9ccf2fac16ee5286366" | 21 | SRC_URI[md5sum] = "d280b62ded13f9ccf2fac16ee5286366" |
diff --git a/meta/recipes-support/libpcre/libpcre_8.44.bb b/meta/recipes-support/libpcre/libpcre_8.44.bb index e5471e81da..3267c5ad72 100644 --- a/meta/recipes-support/libpcre/libpcre_8.44.bb +++ b/meta/recipes-support/libpcre/libpcre_8.44.bb | |||
@@ -7,8 +7,7 @@ HOMEPAGE = "http://www.pcre.org" | |||
7 | SECTION = "devel" | 7 | SECTION = "devel" |
8 | LICENSE = "BSD-3-Clause" | 8 | LICENSE = "BSD-3-Clause" |
9 | LIC_FILES_CHKSUM = "file://LICENCE;md5=3bb381a66a5385b246d4877922e7511e" | 9 | LIC_FILES_CHKSUM = "file://LICENCE;md5=3bb381a66a5385b246d4877922e7511e" |
10 | SRC_URI = "https://ftp.pcre.org/pub/pcre/pcre-${PV}.tar.bz2 \ | 10 | SRC_URI = "${SOURCEFORGE_MIRROR}/pcre/pcre-${PV}.tar.bz2 \ |
11 | file://fix-pcre-name-collision.patch \ | ||
12 | file://run-ptest \ | 11 | file://run-ptest \ |
13 | file://Makefile \ | 12 | file://Makefile \ |
14 | " | 13 | " |