[Pkg-erlang-commits] r1910 - erlang/trunk/debian/patches
sgolovan at alioth.debian.org
sgolovan at alioth.debian.org
Wed Mar 22 13:55:06 UTC 2017
Author: sgolovan
Date: 2017-03-22 13:55:06 +0000 (Wed, 22 Mar 2017)
New Revision: 1910
Modified:
erlang/trunk/debian/patches/cve-2016-10253.patch
Log:
[erlang]
Augmented the patch for CVE-2016-10253.
Modified: erlang/trunk/debian/patches/cve-2016-10253.patch
===================================================================
--- erlang/trunk/debian/patches/cve-2016-10253.patch 2017-03-22 12:55:42 UTC (rev 1909)
+++ erlang/trunk/debian/patches/cve-2016-10253.patch 2017-03-22 13:55:06 UTC (rev 1910)
@@ -4,6 +4,8 @@
"(?<=((?2))((?1)))".
The patch was found at https://github.com/erlang/otp/pull/1108 and
the original version from https://vcs.pcre.org/pcre?view=revision&revision=1542
+ and https://vcs.pcre.org/pcre?view=revision&revision=1560 and
+ https://vcs.pcre.org/pcre?view=revision&revision=1571
has been adapted.
Last-Modified: Wed, 22 Mar 2017 15:35:07 +0300
Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858313
@@ -76,6 +78,15 @@
if (d < 0) return d;
branchlength += d;
cc += 1 + LINK_SIZE;
+@@ -1818,7 +1838,7 @@
+ case OP_ASSERTBACK:
+ case OP_ASSERTBACK_NOT:
+ do cc += GET(cc, 1); while (*cc == OP_ALT);
+- cc += PRIV(OP_lengths)[*cc];
++ cc += 1 + LINK_SIZE;
+ break;
+
+ /* Skip over things that don't match chars */
@@ -7255,7 +7275,7 @@
int fixed_length;
*code = OP_END;
@@ -85,6 +96,15 @@
DPRINTF(("fixed length = %d\n", fixed_length));
if (fixed_length == -3)
{
+@@ -8249,7 +8269,7 @@
+ exceptional ones forgo this. We scan the pattern to check that they are fixed
+ length, and set their lengths. */
+
+-if (cd->check_lookbehind)
++if (errorcode == 0 && cd->check_lookbehind)
+ {
+ pcre_uchar *cc = (pcre_uchar *)codestart;
+
@@ -8269,7 +8289,7 @@
int end_op = *be;
*be = OP_END;
More information about the Pkg-erlang-commits
mailing list