summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--debian/changelog3
-rw-r--r--debian/patches/0105-CVE-2019-13224.patch38
-rw-r--r--debian/patches/0110-CVE-2019-13225.patch66
-rw-r--r--debian/patches/series2
-rwxr-xr-xdebian/rules12
5 files changed, 6 insertions, 115 deletions
diff --git a/debian/changelog b/debian/changelog
index 2f2eec7..4054c3d 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -5,6 +5,9 @@ libonig (6.9.5-1) UNRELEASED; urgency=medium
* Declare compliance with Debian Policy 4.5.0 (No changes needed).
* debian/copyright:
- Add year 2020.
+ * Remove unused patches:
+ - debian/patches/0105-CVE-2019-13224.patch,
+ - debian/patches/0110-CVE-2019-13225.patch.
-- Jörg Frings-Fürst <debian@jff.email> Mon, 20 Apr 2020 20:34:52 +0200
diff --git a/debian/patches/0105-CVE-2019-13224.patch b/debian/patches/0105-CVE-2019-13224.patch
deleted file mode 100644
index 6ea4f95..0000000
--- a/debian/patches/0105-CVE-2019-13224.patch
+++ /dev/null
@@ -1,38 +0,0 @@
-Description: CVE-2019-13224
- don't allow different encodings for onig_new_deluxe()
-Origin: upstream, https://github.com/kkos/oniguruma/commit/0f7f61ed1b7b697e283e37bd2d731d0bd57adb55
-Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931878
-Last-Update: 2019-07-12
----
-This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
-Index: trunk/src/regext.c
-===================================================================
---- trunk.orig/src/regext.c
-+++ trunk/src/regext.c
-@@ -29,6 +29,7 @@
-
- #include "regint.h"
-
-+#if 0
- static void
- conv_ext0be32(const UChar* s, const UChar* end, UChar* conv)
- {
-@@ -158,6 +159,7 @@ conv_encoding(OnigEncoding from, OnigEnc
-
- return ONIGERR_NOT_SUPPORTED_ENCODING_COMBINATION;
- }
-+#endif
-
- extern int
- onig_new_deluxe(regex_t** reg, const UChar* pattern, const UChar* pattern_end,
-@@ -169,9 +171,7 @@ onig_new_deluxe(regex_t** reg, const UCh
- if (IS_NOT_NULL(einfo)) einfo->par = (UChar* )NULL;
-
- if (ci->pattern_enc != ci->target_enc) {
-- r = conv_encoding(ci->pattern_enc, ci->target_enc, pattern, pattern_end,
-- &cpat, &cpat_end);
-- if (r != 0) return r;
-+ return ONIGERR_NOT_SUPPORTED_ENCODING_COMBINATION;
- }
- else {
- cpat = (UChar* )pattern;
diff --git a/debian/patches/0110-CVE-2019-13225.patch b/debian/patches/0110-CVE-2019-13225.patch
deleted file mode 100644
index be9e152..0000000
--- a/debian/patches/0110-CVE-2019-13225.patch
+++ /dev/null
@@ -1,66 +0,0 @@
-Description: CVE-2019-13225
- problem in converting if-then-else pattern to bytecode.
-Origin: upstream, https://github.com/kkos/oniguruma/commit/c509265c5f6ae7264f7b8a8aae1cfa5fc59d108c
-Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931878
-Last-Update: 2019-07-12
----
-This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
-Index: trunk/src/regcomp.c
-===================================================================
---- trunk.orig/src/regcomp.c
-+++ trunk/src/regcomp.c
-@@ -1307,8 +1307,9 @@ compile_length_bag_node(BagNode* node, r
- len += tlen;
- }
-
-+ len += SIZE_OP_JUMP + SIZE_OP_ATOMIC_END;
-+
- if (IS_NOT_NULL(Else)) {
-- len += SIZE_OP_JUMP;
- tlen = compile_length_tree(Else, reg);
- if (tlen < 0) return tlen;
- len += tlen;
-@@ -1455,7 +1456,7 @@ compile_bag_node(BagNode* node, regex_t*
-
- case BAG_IF_ELSE:
- {
-- int cond_len, then_len, jump_len;
-+ int cond_len, then_len, else_len, jump_len;
- Node* cond = NODE_BAG_BODY(node);
- Node* Then = node->te.Then;
- Node* Else = node->te.Else;
-@@ -1472,8 +1473,7 @@ compile_bag_node(BagNode* node, regex_t*
- else
- then_len = 0;
-
-- jump_len = cond_len + then_len + SIZE_OP_ATOMIC_END;
-- if (IS_NOT_NULL(Else)) jump_len += SIZE_OP_JUMP;
-+ jump_len = cond_len + then_len + SIZE_OP_ATOMIC_END + SIZE_OP_JUMP;
-
- r = add_op(reg, OP_PUSH);
- if (r != 0) return r;
-@@ -1490,11 +1490,20 @@ compile_bag_node(BagNode* node, regex_t*
- }
-
- if (IS_NOT_NULL(Else)) {
-- int else_len = compile_length_tree(Else, reg);
-- r = add_op(reg, OP_JUMP);
-- if (r != 0) return r;
-- COP(reg)->jump.addr = else_len + SIZE_INC_OP;
-+ else_len = compile_length_tree(Else, reg);
-+ if (else_len < 0) return else_len;
-+ }
-+ else
-+ else_len = 0;
-
-+ r = add_op(reg, OP_JUMP);
-+ if (r != 0) return r;
-+ COP(reg)->jump.addr = SIZE_OP_ATOMIC_END + else_len + SIZE_INC_OP;
-+
-+ r = add_op(reg, OP_ATOMIC_END);
-+ if (r != 0) return r;
-+
-+ if (IS_NOT_NULL(Else)) {
- r = compile_tree(Else, reg, env);
- }
- }
diff --git a/debian/patches/series b/debian/patches/series
index 1c34712..ea79fff 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,3 +1 @@
0100-source_typos.patch
-#0105-CVE-2019-13224.patch
-#0110-CVE-2019-13225.patch
diff --git a/debian/rules b/debian/rules
index ee95689..833094f 100755
--- a/debian/rules
+++ b/debian/rules
@@ -1,19 +1,13 @@
#!/usr/bin/make -f
-# -*- makefile -*-
-# Sample debian/rules that uses debhelper.
-# This file was originally written by Joey Hess and Craig Small.
-# As a special exception, when this file is copied by dh-make into a
-# dh-make output file, you may use that output file without restriction.
-# This special exception was added by Craig Small in version 0.37 of dh-make.
# Uncomment this to turn on verbose mode.
#export DH_VERBOSE=1
#
-# Test for gcc-6 support
+# Test for gcc-10 support
#
-#export CC=gcc-6
-#export CXX=g++-6
+#export CC=gcc-10
+#export CXX=g++-10
export DEB_BUILD_MAINT_OPTIONS = hardening=+all