diff options
| author |   Christian Hoffmann <hoffie@gentoo.org> | 2008-02-02 21:54:59 +0000 |
|---|---|---|
| committer | Christian Hoffmann <hoffie@gentoo.org> | 2008-02-02 21:54:59 +0000 |
| commit | 7719ff0a4042f953acafa5813a5190c4741aa214 (patch) | |
| tree | d8962e30a3eba5adcd9acd34a0d252b0f685b4af /dev-libs | |
| parent | disable gtk (bug #168172) (diff) | |
| download | historical-7719ff0a4042f953acafa5813a5190c4741aa214.tar.gz historical-7719ff0a4042f953acafa5813a5190c4741aa214.tar.bz2 historical-7719ff0a4042f953acafa5813a5190c4741aa214.zip | |
adding patch for CVE-2007-{4770,4771} per bug #208001, thanks to jakub
Package-Manager: portage-2.1.4.1
Diffstat (limited to 'dev-libs')
| -rw-r--r-- | dev-libs/icu/ChangeLog | 8 | ||||
| -rw-r--r-- | dev-libs/icu/Manifest | 14 | ||||
| -rw-r--r-- | dev-libs/icu/files/icu-3.8-regexp-CVE-2007-4770+4771.diff | 305 | ||||
| -rw-r--r-- | dev-libs/icu/icu-3.8.1-r1.ebuild | 83 |
4 files changed, 408 insertions, 2 deletions
diff --git a/dev-libs/icu/ChangeLog b/dev-libs/icu/ChangeLog index eb5cdd410fd0..44ffbfde1f22 100644 --- a/dev-libs/icu/ChangeLog +++ b/dev-libs/icu/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for dev-libs/icu # Copyright 2002-2008 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/icu/ChangeLog,v 1.67 2008/01/04 13:34:10 jokey Exp $ +# $Header: /var/cvsroot/gentoo-x86/dev-libs/icu/ChangeLog,v 1.68 2008/02/02 21:54:58 hoffie Exp $ + +*icu-3.8.1-r1 (02 Feb 2008) + + 02 Feb 2008; Christian Hoffmann <hoffie@gentoo.org> + +files/icu-3.8-regexp-CVE-2007-4770+4771.diff, +icu-3.8.1-r1.ebuild: + adding patch for CVE-2007-{4770,4771} per bug #208001, thanks to jakub *icu-3.8.1 (04 Jan 2008) diff --git a/dev-libs/icu/Manifest b/dev-libs/icu/Manifest index 9c28116c98ce..73e03624d33e 100644 --- a/dev-libs/icu/Manifest +++ b/dev-libs/icu/Manifest @@ -1,3 +1,7 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA1 + +AUX icu-3.8-regexp-CVE-2007-4770+4771.diff 10839 RMD160 efeef3970293df08a430e5c797d0b9c3a8198dfd SHA1 aceeabc01355360866cb17811f4ad7e709498b80 SHA256 ec22413f8544c399241b9a7ca6d9c92c5414701ec1d7f536fdb8e6fe35717916 AUX icu-3.8-setBreakType-public.diff 900 RMD160 ba2d421389829d25b04ae6debc8ad16f2f183ddf SHA1 692f373ea8e52189b7dfa60dd34805411488ef2b SHA256 b3f2b1651ae47ef9c0ba72712dc88d377ac92e6d3f1f621316aead217f4ee325 DIST icu-3_8-userguide.zip 2611858 RMD160 8fa028c73aedb9ef5fe2ff895469088ee0a4b5af SHA1 de16e72a8f53da466223ea34fb7385fe52b06736 SHA256 c61a3c2c923e08b5e0ee544b5e417058e4566878f8144a745924c5693ca160bb DIST icu4c-3_6-src.tgz 10183358 RMD160 b227ac9ff6019362bc4d01c18433869b0e0ff1c2 SHA1 b580c2802e74eb6af7e5e19b05c7d7c5d8c623f9 SHA256 5135e8d69d6206d320515df7aeee7027711ab1aef9d8dbf29571a97a9746b041 @@ -5,6 +9,14 @@ DIST icu4c-3_8-docs.zip 4001018 RMD160 927f4466758722e958b90a2bae873b11da222e88 DIST icu4c-3_8_1-src.tgz 10998841 RMD160 d297330ff0eb91bff5ac91e59188f1751f899032 SHA1 c2b933aee6741c28956f1b87dc514dee49b949aa SHA256 16dda09dff3f770e629313a4c50a82fee88baf87d89a3bb2a28806be07766cee EBUILD icu-3.6-r1.ebuild 827 RMD160 4dda53f3f3560cd667143462de4f034ad9d71a0c SHA1 0ea8df090aa3549d4eb9080e212979a27cc3e06c SHA256 66cce0a23df2455195996e26c6926149d4047acdc62b5802f6fae1e990ff3fc6 EBUILD icu-3.6.ebuild 785 RMD160 eb6909d0df984843c91f207457a6ff278feb4ca3 SHA1 64f830d48b4dfb5c483092fef9e461dd6921f07d SHA256 b7d25aa35769dcbd7efe3fa0c56aca95563ba357aaa9930ed353f5811a843790 +EBUILD icu-3.8.1-r1.ebuild 2209 RMD160 9aeff39e75b69c1213fed0c05abe29ea581b7527 SHA1 71baf67bf00c6f3484269d31cb94000067fb0d38 SHA256 0fa8911fe480a44f6afdce0c130ac21e25c5cd311ad706e70794f4b390036a2d EBUILD icu-3.8.1.ebuild 2127 RMD160 36529afc1e92db143f9242644673ea427899b5f4 SHA1 35f5dc7a078af711c4aa34cea1dd4f3e2465a887 SHA256 047b24905b0dd4bccf88b7948c702aeee4dd868558fb40149baaed817befe1b1 -MISC ChangeLog 7632 RMD160 9d3d4d95649d0c86f789b06bc0f9c4b9c665cbd4 SHA1 d2e304408326af1ecc4723446682fdbb3a83c48c SHA256 e97f47c98bed461ded652b66c68825e1337a380b8872fd097eaf6f71a8b18853 +MISC ChangeLog 7861 RMD160 dad9e7165bcb10fefb51b1cc76c528b1d73c7770 SHA1 b1aebef03a4143b663ef8000fba00878d13c758b SHA256 834ce2b914754916c5a02882f5af06c6ee58bff4ba375d26137d1d17fe9a2128 MISC metadata.xml 157 RMD160 a98db3a086fae3c09a903dadbc05f60443ec4b1a SHA1 ddaa23cc35eb917bf8962b652442bebb1ce0f440 SHA256 54f8878ca0228e380abbaa4b529806b5533a6b9b51b3b16c0909e906586a91a1 +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2.0.7 (GNU/Linux) + +iD8DBQFHpOa7J9KLJlGHWYIRAkF7AJ9dUxT9eql8LPdDsFRoj65dJp72swCgsujR +rllKA8FynEE+Odh5sVwRMR0= +=X6QE +-----END PGP SIGNATURE----- diff --git a/dev-libs/icu/files/icu-3.8-regexp-CVE-2007-4770+4771.diff b/dev-libs/icu/files/icu-3.8-regexp-CVE-2007-4770+4771.diff new file mode 100644 index 000000000000..545540a4cfc7 --- /dev/null +++ b/dev-libs/icu/files/icu-3.8-regexp-CVE-2007-4770+4771.diff @@ -0,0 +1,305 @@ +Index: /icu/branches/maint/maint-3-8/source/i18n/regexcmp.cpp +=================================================================== +--- i18n/regexcmp.cpp (revision 21805) ++++ i18n/regexcmp.cpp (revision 23292) +@@ -3,5 +3,5 @@ + // file: regexcmp.cpp + // +-// Copyright (C) 2002-2007 International Business Machines Corporation and others. ++// Copyright (C) 2002-2008 International Business Machines Corporation and others. + // All Rights Reserved. + // +@@ -1187,12 +1187,15 @@ + // we fill the operand with the capture group number. At the end + // of compilation, it will be changed to the variable's location. +- U_ASSERT(groupNum > 0); +- int32_t op; +- if (fModeFlags & UREGEX_CASE_INSENSITIVE) { +- op = URX_BUILD(URX_BACKREF_I, groupNum); ++ if (groupNum < 1) { ++ error(U_REGEX_INVALID_BACK_REF); + } else { +- op = URX_BUILD(URX_BACKREF, groupNum); +- } +- fRXPat->fCompiledPat->addElement(op, *fStatus); ++ int32_t op; ++ if (fModeFlags & UREGEX_CASE_INSENSITIVE) { ++ op = URX_BUILD(URX_BACKREF_I, groupNum); ++ } else { ++ op = URX_BUILD(URX_BACKREF, groupNum); ++ } ++ fRXPat->fCompiledPat->addElement(op, *fStatus); ++ } + } + break; +Index: /icu/branches/maint/maint-3-8/source/i18n/rematch.cpp +=================================================================== +--- i18n/rematch.cpp (revision 21973) ++++ i18n/rematch.cpp (revision 23292) +@@ -1,5 +1,5 @@ + /* + ************************************************************************** +-* Copyright (C) 2002-2007 International Business Machines Corporation * ++* Copyright (C) 2002-2008 International Business Machines Corporation * + * and others. All rights reserved. * + ************************************************************************** +@@ -30,4 +30,13 @@ + + U_NAMESPACE_BEGIN ++ ++// Limit the size of the back track stack, to avoid system failures caused ++// by heap exhaustion. Units are in 32 bit words, not bytes. ++// This value puts ICU's limits higher than most other regexp implementations, ++// which use recursion rather than the heap, and take more storage per ++// backtrack point. ++// This constant is _temporary_. Proper API to control the value will added. ++// ++static const int32_t BACKTRACK_STACK_CAPACITY = 8000000; + + //----------------------------------------------------------------------------- +@@ -54,6 +63,7 @@ + if (fStack == NULL || fData == NULL) { + fDeferredStatus = U_MEMORY_ALLOCATION_ERROR; +- } +- ++ } else { ++ fStack->setMaxCapacity(BACKTRACK_STACK_CAPACITY); ++ } + reset(RegexStaticSets::gStaticSets->fEmptyString); + } +@@ -79,4 +89,6 @@ + if (fStack == NULL || fData == NULL) { + status = U_MEMORY_ALLOCATION_ERROR; ++ } else { ++ fStack->setMaxCapacity(BACKTRACK_STACK_CAPACITY); + } + reset(input); +@@ -103,4 +115,6 @@ + if (fStack == NULL || fData == NULL) { + status = U_MEMORY_ALLOCATION_ERROR; ++ } else { ++ fStack->setMaxCapacity(BACKTRACK_STACK_CAPACITY); + } + reset(RegexStaticSets::gStaticSets->fEmptyString); +@@ -1015,4 +1029,12 @@ + // push storage for a new frame. + int32_t *newFP = fStack->reserveBlock(frameSize, status); ++ if (newFP == NULL) { ++ // Heap allocation error on attempted stack expansion. ++ // We need to return a writable stack frame, so just return the ++ // previous frame. The match operation will stop quickly ++ // becuase of the error status, after which the frame will never ++ // be looked at again. ++ return fp; ++ } + fp = (REStackFrame *)(newFP - frameSize); // in case of realloc of stack. + +@@ -1030,6 +1052,6 @@ + return (REStackFrame *)newFP; + } +- +- ++ ++ + //-------------------------------------------------------------------------------- + // +@@ -2262,4 +2284,5 @@ + + if (U_FAILURE(status)) { ++ isMatch = FALSE; + break; + } +Index: /icu/branches/maint/maint-3-8/source/test/intltest/regextst.h +=================================================================== +--- test/intltest/regextst.h (revision 22001) ++++ test/intltest/regextst.h (revision 23292) +@@ -1,5 +1,5 @@ + /******************************************************************** + * COPYRIGHT: +- * Copyright (c) 2002-2007, International Business Machines Corporation and ++ * Copyright (c) 2002-2008, International Business Machines Corporation and + * others. All Rights Reserved. + ********************************************************************/ +@@ -31,4 +31,5 @@ + virtual void Errors(); + virtual void PerlTests(); ++ virtual void Bug6149(); + + // The following functions are internal to the regexp tests. +Index: /icu/branches/maint/maint-3-8/source/test/intltest/regextst.cpp +=================================================================== +--- test/intltest/regextst.cpp (revision 22057) ++++ test/intltest/regextst.cpp (revision 23292) +@@ -1,5 +1,5 @@ + /******************************************************************** + * COPYRIGHT: +- * Copyright (c) 2002-2007, International Business Machines Corporation and ++ * Copyright (c) 2002-2008, International Business Machines Corporation and + * others. All Rights Reserved. + ********************************************************************/ +@@ -67,4 +67,8 @@ + if (exec) PerlTests(); + break; ++ case 7: name = "Bug 6149"; ++ if (exec) Bug6149(); ++ break; ++ + + +@@ -1640,4 +1644,10 @@ + // Ticket 5389 + REGEX_ERR("*c", 1, 1, U_REGEX_RULE_SYNTAX); ++ ++ // Invalid Back Reference \0 ++ // For ICU 3.8 and earlier ++ // For ICU versions newer than 3.8, \0 introduces an octal escape. ++ // ++ REGEX_ERR("(ab)\\0", 1, 6, U_REGEX_INVALID_BACK_REF); + + } +@@ -2123,4 +2133,24 @@ + + ++//-------------------------------------------------------------- ++// ++// Bug6149 Verify limits to heap expansion for backtrack stack. ++// Use this pattern, ++// "(a?){1,}" ++// The zero-length match will repeat forever. ++// (That this goes into a loop is another bug) ++// ++//--------------------------------------------------------------- ++void RegexTest::Bug6149() { ++ UnicodeString pattern("(a?){1,}"); ++ UnicodeString s("xyz"); ++ uint32_t flags = 0; ++ UErrorCode status = U_ZERO_ERROR; ++ ++ RegexMatcher matcher(pattern, s, flags, status); ++ UBool result = false; ++ REGEX_ASSERT_FAIL(result=matcher.matches(status), U_BUFFER_OVERFLOW_ERROR); ++ REGEX_ASSERT(result == FALSE); ++ } + + #endif /* !UCONFIG_NO_REGULAR_EXPRESSIONS */ +Index: /icu/branches/maint/maint-3-8/source/common/uvectr32.cpp +=================================================================== +--- common/uvectr32.cpp (revision 12958) ++++ common/uvectr32.cpp (revision 23292) +@@ -1,5 +1,5 @@ + /* + ****************************************************************************** +-* Copyright (C) 1999-2003, International Business Machines Corporation and * ++* Copyright (C) 1999-2008, International Business Machines Corporation and * + * others. All Rights Reserved. * + ****************************************************************************** +@@ -27,4 +27,5 @@ + count(0), + capacity(0), ++ maxCapacity(0), + elements(NULL) + { +@@ -35,4 +36,5 @@ + count(0), + capacity(0), ++ maxCapacity(0), + elements(0) + { +@@ -46,4 +48,7 @@ + if (initialCapacity < 1) { + initialCapacity = DEFUALT_CAPACITY; ++ } ++ if (maxCapacity>0 && maxCapacity<initialCapacity) { ++ initialCapacity = maxCapacity; + } + elements = (int32_t *)uprv_malloc(sizeof(int32_t)*initialCapacity); +@@ -190,19 +195,33 @@ + if (capacity >= minimumCapacity) { + return TRUE; +- } else { +- int32_t newCap = capacity * 2; +- if (newCap < minimumCapacity) { +- newCap = minimumCapacity; +- } +- int32_t* newElems = (int32_t *)uprv_malloc(sizeof(int32_t)*newCap); +- if (newElems == 0) { +- status = U_MEMORY_ALLOCATION_ERROR; +- return FALSE; +- } +- uprv_memcpy(newElems, elements, sizeof(elements[0]) * count); +- uprv_free(elements); +- elements = newElems; +- capacity = newCap; +- return TRUE; ++ } ++ if (maxCapacity>0 && minimumCapacity>maxCapacity) { ++ status = U_BUFFER_OVERFLOW_ERROR; ++ return FALSE; ++ } ++ int32_t newCap = capacity * 2; ++ if (newCap < minimumCapacity) { ++ newCap = minimumCapacity; ++ } ++ if (maxCapacity > 0 && newCap > maxCapacity) { ++ newCap = maxCapacity; ++ } ++ int32_t* newElems = (int32_t *)uprv_malloc(sizeof(int32_t)*newCap); ++ if (newElems == 0) { ++ status = U_MEMORY_ALLOCATION_ERROR; ++ return FALSE; ++ } ++ uprv_memcpy(newElems, elements, sizeof(elements[0]) * count); ++ uprv_free(elements); ++ elements = newElems; ++ capacity = newCap; ++ return TRUE; ++} ++ ++void UVector32::setMaxCapacity(int32_t limit) { ++ U_ASSERT(limit >= 0); ++ maxCapacity = limit; ++ if (maxCapacity < 0) { ++ maxCapacity = 0; + } + } +Index: /icu/branches/maint/maint-3-8/source/common/uvectr32.h +=================================================================== +--- common/uvectr32.h (revision 19000) ++++ common/uvectr32.h (revision 23292) +@@ -1,5 +1,5 @@ + /* + ********************************************************************** +-* Copyright (C) 1999-2006, International Business Machines ++* Copyright (C) 1999-2008, International Business Machines + * Corporation and others. All Rights Reserved. + ********************************************************************** +@@ -62,4 +62,6 @@ + + int32_t capacity; ++ ++ int32_t maxCapacity; // Limit beyond which capacity is not permitted to grow. + + int32_t* elements; +@@ -161,4 +163,12 @@ + */ + int32_t *getBuffer() const; ++ ++ /** ++ * Set the maximum allowed buffer capacity for this vector/stack. ++ * Default with no limit set is unlimited, go until malloc() fails. ++ * A Limit of zero means unlimited capacity. ++ * Units are vector elements (32 bits each), not bytes. ++ */ ++ void setMaxCapacity(int32_t limit); + + /** +@@ -222,5 +232,7 @@ + + inline int32_t *UVector32::reserveBlock(int32_t size, UErrorCode &status) { +- ensureCapacity(count+size, status); ++ if (ensureCapacity(count+size, status) == FALSE) { ++ return NULL; ++ } + int32_t *rp = elements+count; + count += size; + diff --git a/dev-libs/icu/icu-3.8.1-r1.ebuild b/dev-libs/icu/icu-3.8.1-r1.ebuild new file mode 100644 index 000000000000..66c98c129734 --- /dev/null +++ b/dev-libs/icu/icu-3.8.1-r1.ebuild @@ -0,0 +1,83 @@ +# Copyright 1999-2008 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/dev-libs/icu/icu-3.8.1-r1.ebuild,v 1.1 2008/02/02 21:54:58 hoffie Exp $ + +inherit eutils versionator + +DESCRIPTION="International Components for Unicode" +HOMEPAGE="http://www.icu-project.org/ http://ibm.com/software/globalization/icu/" + +BASEURI="http://download.icu-project.org/files/${PN}4c/${PV}" +DOCS_PV="$(get_version_component_range 1-2)" +DOCS_BASEURI="http://download.icu-project.org/files/${PN}4c/${DOCS_PV}" +DOCS_PV="${DOCS_PV/./_}" +SRCPKG="${PN}4c-${PV//./_}-src.tgz" +USERGUIDE="${PN}-${DOCS_PV}-userguide.zip" +APIDOCS="${PN}4c-${DOCS_PV}-docs.zip" + +SRC_URI="${BASEURI}/${SRCPKG} + doc? ( ${DOCS_BASEURI}/${USERGUIDE} + ${DOCS_BASEURI}/${APIDOCS} )" + +LICENSE="BSD" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd" +IUSE="debug doc examples" + +DEPEND="doc? ( app-arch/unzip )" +RDEPEND="" + +S=${WORKDIR}/${PN}/source + +src_unpack() { + unpack ${SRCPKG} + if use doc ; then + mkdir userguide + pushd ./userguide > /dev/null + unpack ${USERGUIDE} + popd + + mkdir apidocs + pushd ./apidocs > /dev/null + unpack ${APIDOCS} + popd + fi + + # See http://qa.openoffice.org/issues/show_bug.cgi?id=83146 + # and http://bugs.icu-project.org/trac/ticket/5498 for details + cd "${S}" + epatch "${FILESDIR}"/${PN}-3.8-setBreakType-public.diff + + # Bug 208001 + epatch "${FILESDIR}"/${PN}-3.8-regexp-CVE-2007-4770+4771.diff + + # do not hardcode used CFLAGS, LDFLAGS etc. into icu-config + # Bug 202059 + # http://bugs.icu-project.org/trac/ticket/6102 + for x in CFLAGS CXXFLAGS CPPFLAGS LDFLAGS ; do + sed -i -e "/^${x} =.*/s:@${x}@::" config/Makefile.inc.in || die "sed failed" + done +} + +src_compile() { + econf \ + --enable-static \ + $(use_enable debug) \ + $(use_enable examples samples) + + emake -j1 || die "emake failed" +} + +src_install() { + emake DESTDIR="${D}" install || die "emake install failed" + + dohtml ../readme.html + dodoc ../unicode-license.txt + if use doc ; then + insinto /usr/share/doc/${PF}/html/userguide + doins -r "${WORKDIR}"/userguide/* + + insinto /usr/share/doc/${PF}/html/apidocs + doins -r "${WORKDIR}"/apidocs/* + fi +} |