summaryrefslogtreecommitdiff
path: root/dev-libs/oniguruma/files/oniguruma-5.9.6-CVE-2017-9226.patch
diff options
context:
space:
mode:
Diffstat (limited to 'dev-libs/oniguruma/files/oniguruma-5.9.6-CVE-2017-9226.patch')
-rw-r--r--dev-libs/oniguruma/files/oniguruma-5.9.6-CVE-2017-9226.patch19
1 files changed, 19 insertions, 0 deletions
diff --git a/dev-libs/oniguruma/files/oniguruma-5.9.6-CVE-2017-9226.patch b/dev-libs/oniguruma/files/oniguruma-5.9.6-CVE-2017-9226.patch
index f28d5552e3a..f5e0490ecfb 100644
--- a/dev-libs/oniguruma/files/oniguruma-5.9.6-CVE-2017-9226.patch
+++ b/dev-libs/oniguruma/files/oniguruma-5.9.6-CVE-2017-9226.patch
@@ -1,10 +1,29 @@
https://github.com/kkos/oniguruma/issues/55
+https://github.com/kkos/oniguruma/commit/f015fbdd95f76438cd86366467bb2b39870dd7c6
https://github.com/kkos/oniguruma/commit/b4bf968ad52afe14e60a2dc8a95d3555c543353a
Author: K.Kosako <kosako@sofnec.co.jp>
--- a/regparse.c
+++ b/regparse.c
+@@ -3064,7 +3064,7 @@
+ PUNFETCH;
+ prev = p;
+ num = scan_unsigned_octal_number(&p, end, 3, enc);
+- if (num < 0) return ONIGERR_TOO_BIG_NUMBER;
++ if (num < 0 || num >= 256) return ONIGERR_TOO_BIG_NUMBER;
+ if (p == prev) { /* can't read nothing. */
+ num = 0; /* but, it's not error */
+ }
+@@ -3436,7 +3436,7 @@
+ if (IS_SYNTAX_OP(syn, ONIG_SYN_OP_ESC_OCTAL3)) {
+ prev = p;
+ num = scan_unsigned_octal_number(&p, end, (c == '0' ? 2:3), enc);
+- if (num < 0) return ONIGERR_TOO_BIG_NUMBER;
++ if (num < 0 || num >= 256) return ONIGERR_TOO_BIG_NUMBER;
+ if (p == prev) { /* can't read nothing. */
+ num = 0; /* but, it's not error */
+ }
@@ -4084,7 +4084,12 @@
switch (*state) {
case CCS_VALUE:
generated by cgit v1.2.1 (git 2.18.0) at 2024-07-18 21:18:14 +0000