diff options
author | Remi Collet <remi@remirepo.net> | 2019-07-15 15:47:22 +0200 |
---|---|---|
committer | Remi Collet <remi@remirepo.net> | 2019-07-15 15:47:22 +0200 |
commit | 558251d3ce37b751b4d3e263577e4252b441a92b (patch) | |
tree | dd3ff28d074ba25c8b52e5155476a4167c160631 /0011-Fix-CVE-2019-13224-don-t-allow-different-encodings-f.patch | |
parent | 7af69d0e975f27cd4141ebf2f365032ac17c5150 (diff) |
add security fixes from Fedora
Diffstat (limited to '0011-Fix-CVE-2019-13224-don-t-allow-different-encodings-f.patch')
-rw-r--r-- | 0011-Fix-CVE-2019-13224-don-t-allow-different-encodings-f.patch | 44 |
1 files changed, 44 insertions, 0 deletions
diff --git a/0011-Fix-CVE-2019-13224-don-t-allow-different-encodings-f.patch b/0011-Fix-CVE-2019-13224-don-t-allow-different-encodings-f.patch new file mode 100644 index 0000000..4a2b994 --- /dev/null +++ b/0011-Fix-CVE-2019-13224-don-t-allow-different-encodings-f.patch @@ -0,0 +1,44 @@ +From 0f7f61ed1b7b697e283e37bd2d731d0bd57adb55 Mon Sep 17 00:00:00 2001 +From: "K.Kosako" <kosako@sofnec.co.jp> +Date: Thu, 27 Jun 2019 17:25:26 +0900 +Subject: [PATCH 11/32] Fix CVE-2019-13224: don't allow different encodings for + onig_new_deluxe() + +--- + src/regext.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/src/regext.c b/src/regext.c +index fa4b360..965c793 100644 +--- a/src/regext.c ++++ b/src/regext.c +@@ -29,6 +29,7 @@ + + #include "regint.h" + ++#if 0 + static void + conv_ext0be32(const UChar* s, const UChar* end, UChar* conv) + { +@@ -158,6 +159,7 @@ conv_encoding(OnigEncoding from, OnigEncoding to, const UChar* s, const UChar* e + + return ONIGERR_NOT_SUPPORTED_ENCODING_COMBINATION; + } ++#endif + + extern int + onig_new_deluxe(regex_t** reg, const UChar* pattern, const UChar* pattern_end, +@@ -169,9 +171,7 @@ onig_new_deluxe(regex_t** reg, const UChar* pattern, const UChar* pattern_end, + if (IS_NOT_NULL(einfo)) einfo->par = (UChar* )NULL; + + if (ci->pattern_enc != ci->target_enc) { +- r = conv_encoding(ci->pattern_enc, ci->target_enc, pattern, pattern_end, +- &cpat, &cpat_end); +- if (r != 0) return r; ++ return ONIGERR_NOT_SUPPORTED_ENCODING_COMBINATION; + } + else { + cpat = (UChar* )pattern; +-- +2.21.0 + |