summaryrefslogtreecommitdiff
path: root/debian/patches/0105-CVE-2019-13224.patch
diff options
context:
space:
mode:
authorJörg Frings-Fürst <debian@jff.email>2019-07-12 10:25:50 +0200
committerJörg Frings-Fürst <debian@jff.email>2019-07-12 10:25:50 +0200
commit2c7655105475ad81ad07eedc9dded1924afb154f (patch)
treee9867d777e3ede7f5ffa0484b5f0b202034fad38 /debian/patches/0105-CVE-2019-13224.patch
parent509a5b00debac36f95c54041e143940e21fc1c40 (diff)
Fix CVE-2019-1322[4-5]
Diffstat (limited to 'debian/patches/0105-CVE-2019-13224.patch')
-rw-r--r--debian/patches/0105-CVE-2019-13224.patch38
1 files changed, 38 insertions, 0 deletions
diff --git a/debian/patches/0105-CVE-2019-13224.patch b/debian/patches/0105-CVE-2019-13224.patch
new file mode 100644
index 0000000..6ea4f95
--- /dev/null
+++ b/debian/patches/0105-CVE-2019-13224.patch
@@ -0,0 +1,38 @@
+Description: CVE-2019-13224
+ don't allow different encodings for onig_new_deluxe()
+Origin: upstream, https://github.com/kkos/oniguruma/commit/0f7f61ed1b7b697e283e37bd2d731d0bd57adb55
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931878
+Last-Update: 2019-07-12
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+Index: trunk/src/regext.c
+===================================================================
+--- trunk.orig/src/regext.c
++++ trunk/src/regext.c
+@@ -29,6 +29,7 @@
+
+ #include "regint.h"
+
++#if 0
+ static void
+ conv_ext0be32(const UChar* s, const UChar* end, UChar* conv)
+ {
+@@ -158,6 +159,7 @@ conv_encoding(OnigEncoding from, OnigEnc
+
+ return ONIGERR_NOT_SUPPORTED_ENCODING_COMBINATION;
+ }
++#endif
+
+ extern int
+ onig_new_deluxe(regex_t** reg, const UChar* pattern, const UChar* pattern_end,
+@@ -169,9 +171,7 @@ onig_new_deluxe(regex_t** reg, const UCh
+ if (IS_NOT_NULL(einfo)) einfo->par = (UChar* )NULL;
+
+ if (ci->pattern_enc != ci->target_enc) {
+- r = conv_encoding(ci->pattern_enc, ci->target_enc, pattern, pattern_end,
+- &cpat, &cpat_end);
+- if (r != 0) return r;
++ return ONIGERR_NOT_SUPPORTED_ENCODING_COMBINATION;
+ }
+ else {
+ cpat = (UChar* )pattern;