diff options
author | Jörg Frings-Fürst <debian@jff.email> | 2019-07-12 10:25:50 +0200 |
---|---|---|
committer | Jörg Frings-Fürst <debian@jff.email> | 2019-07-12 10:25:50 +0200 |
commit | 2c7655105475ad81ad07eedc9dded1924afb154f (patch) | |
tree | e9867d777e3ede7f5ffa0484b5f0b202034fad38 /debian/patches/0105-CVE-2019-13224.patch | |
parent | 509a5b00debac36f95c54041e143940e21fc1c40 (diff) |
Fix CVE-2019-1322[4-5]
Diffstat (limited to 'debian/patches/0105-CVE-2019-13224.patch')
-rw-r--r-- | debian/patches/0105-CVE-2019-13224.patch | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/debian/patches/0105-CVE-2019-13224.patch b/debian/patches/0105-CVE-2019-13224.patch new file mode 100644 index 0000000..6ea4f95 --- /dev/null +++ b/debian/patches/0105-CVE-2019-13224.patch @@ -0,0 +1,38 @@ +Description: CVE-2019-13224 + don't allow different encodings for onig_new_deluxe() +Origin: upstream, https://github.com/kkos/oniguruma/commit/0f7f61ed1b7b697e283e37bd2d731d0bd57adb55 +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931878 +Last-Update: 2019-07-12 +--- +This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ +Index: trunk/src/regext.c +=================================================================== +--- trunk.orig/src/regext.c ++++ trunk/src/regext.c +@@ -29,6 +29,7 @@ + + #include "regint.h" + ++#if 0 + static void + conv_ext0be32(const UChar* s, const UChar* end, UChar* conv) + { +@@ -158,6 +159,7 @@ conv_encoding(OnigEncoding from, OnigEnc + + return ONIGERR_NOT_SUPPORTED_ENCODING_COMBINATION; + } ++#endif + + extern int + onig_new_deluxe(regex_t** reg, const UChar* pattern, const UChar* pattern_end, +@@ -169,9 +171,7 @@ onig_new_deluxe(regex_t** reg, const UCh + if (IS_NOT_NULL(einfo)) einfo->par = (UChar* )NULL; + + if (ci->pattern_enc != ci->target_enc) { +- r = conv_encoding(ci->pattern_enc, ci->target_enc, pattern, pattern_end, +- &cpat, &cpat_end); +- if (r != 0) return r; ++ return ONIGERR_NOT_SUPPORTED_ENCODING_COMBINATION; + } + else { + cpat = (UChar* )pattern; |