1 files changed, 38 insertions, 0 deletions

diff --git a/debian/patches/0105-CVE-2019-13224.patch b/debian/patches/0105-CVE-2019-13224.patch
new file mode 100644
index 0000000..6ea4f95
--- /dev/null
+++ b/debian/patches/0105-CVE-2019-13224.patch
@@ -0,0 +1,38 @@
+Description: CVE-2019-13224
+ don't allow different encodings for onig_new_deluxe()
+Origin: upstream, https://github.com/kkos/oniguruma/commit/0f7f61ed1b7b697e283e37bd2d731d0bd57adb55
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931878
+Last-Update: 2019-07-12
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+Index: trunk/src/regext.c
+===================================================================
+--- trunk.orig/src/regext.c
++++ trunk/src/regext.c
+@@ -29,6 +29,7 @@
+ 
+ #include "regint.h"
+ 
++#if 0
+ static void
+ conv_ext0be32(const UChar* s, const UChar* end, UChar* conv)
+ {
+@@ -158,6 +159,7 @@ conv_encoding(OnigEncoding from, OnigEnc
+ 
+   return ONIGERR_NOT_SUPPORTED_ENCODING_COMBINATION;
+ }
++#endif
+ 
+ extern int
+ onig_new_deluxe(regex_t** reg, const UChar* pattern, const UChar* pattern_end,
+@@ -169,9 +171,7 @@ onig_new_deluxe(regex_t** reg, const UCh
+   if (IS_NOT_NULL(einfo)) einfo->par = (UChar* )NULL;
+ 
+   if (ci->pattern_enc != ci->target_enc) {
+-    r = conv_encoding(ci->pattern_enc, ci->target_enc, pattern, pattern_end,
+-                      &cpat, &cpat_end);
+-    if (r != 0) return r;
++    return ONIGERR_NOT_SUPPORTED_ENCODING_COMBINATION;
+   }
+   else {
+     cpat     = (UChar* )pattern;