
r6323 - in glibc-package/trunk/debian: . patches patches/any



Author: aurel32
Date: 2014-11-06 19:17:27 +0000 (Thu, 06 Nov 2014)
New Revision: 6323

Added:
   glibc-package/trunk/debian/patches/any/cvs-regex-alloca.diff
Modified:
   glibc-package/trunk/debian/changelog
   glibc-package/trunk/debian/patches/series
Log:
patches/any/cvs-regex-alloca.diff: new patch from upstream to fix a
segmentation fault in regex in case of heap allocation failure. Closes:
#767225.

Modified: glibc-package/trunk/debian/changelog
===================================================================
--- glibc-package/trunk/debian/changelog	2014-11-05 14:33:48 UTC (rev 6322)
+++ glibc-package/trunk/debian/changelog	2014-11-06 19:17:27 UTC (rev 6323)
@@ -7,6 +7,9 @@
     __SIGRTMIN to match other architectures. Closes: #766605.
   * patches/amd64/cvs-slow-sse42.diff: backport patch from upstream to fix
     a performance issue with strcmp and friends functions on some machines.
+  * patches/any/cvs-regex-alloca.diff: new patch from upstream to fix a 
+    segmentationf fault in regex in case of heap allocation failure. Closes:
+    #767225.
 
   [ Samuel Thibault ]
   * hurd-i386/cvs-libpthread.diff: Update to Sun Nov 2.
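
Review bot: "segmentationf fault" in the second added changelog line is a typo for "segmentation fault", and the first added line ends with a trailing space after "fix a". Both are worth correcting in the changelog before upload. The entry could also name the failing function: the patch header says the fix is in parse_dup_op, for a NULL return from duplicate_tree.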

Added: glibc-package/trunk/debian/patches/any/cvs-regex-alloca.diff
===================================================================
--- glibc-package/trunk/debian/patches/any/cvs-regex-alloca.diff	                        (rev 0)
+++ glibc-package/trunk/debian/patches/any/cvs-regex-alloca.diff	2014-11-06 19:17:27 UTC (rev 6323)
@@ -0,0 +1,21 @@
+2014-07-13  Jim Meyering  <meyering@fb.com>
+
+	[BZ 17150]
+	regex: don't deref NULL upon heap allocation failure
+	* posix/regcomp.c: (parse_dup_op): Handle duplicate_tree
+	failure in one more place.
+	To trigger the segfault, configure grep -with-included-regex,
+	build it, and run these commands:
+	( ulimit -v 300000; echo a|src/grep -E a+++++++++++++++++++++ )
+
+--- a/posix/regcomp.c
++++ b/posix/regcomp.c
+@@ -2582,6 +2582,8 @@ parse_dup_op (bin_tree_t *elem, re_string_t *regexp, re_dfa_t *dfa,
+ 
+       /* Duplicate ELEM before it is marked optional.  */
+       elem = duplicate_tree (elem, dfa);
++      if (BE (elem == NULL, 0))
++        goto parse_dup_op_espace;
+       old_tree = tree;
+     }
+   else
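
Review bot: The added "goto parse_dup_op_espace" after the duplicate_tree call jumps to a label that lies outside this hunk's context, so the cleanup on the new path cannot be checked from the patch as shown. Please confirm that the label reports the allocation failure to the caller and releases the tree built so far, since elem has already been overwritten with NULL at that point. Separately, the file name cvs-regex-alloca.diff suggests an alloca change, while the header and the two added lines concern a NULL dereference after a failed heap allocation; a name that matches the header would make the series easier to audit. The header gives [BZ 17150] but no upstream commit id, which would help when checking whether a later upstream release already carries the fix.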

Modified: glibc-package/trunk/debian/patches/series
===================================================================
--- glibc-package/trunk/debian/patches/series	2014-11-05 14:33:48 UTC (rev 6322)
+++ glibc-package/trunk/debian/patches/series	2014-11-06 19:17:27 UTC (rev 6323)
@@ -268,3 +268,4 @@
 any/cvs-CVE-2014-6040.diff
 any/cvs-check_pf-infinite-loop.diff
 any/local-static-dlopen-search-path.diff
+any/cvs-regex-alloca.diff
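
Review bot: The new entry is appended after any/local-static-dlopen-search-path.diff, which separates it from the other any/cvs-* entries visible just above (cvs-CVE-2014-6040.diff, cvs-check_pf-infinite-loop.diff). If the series keeps upstream backports grouped ahead of local-* patches, move the line up next to them so that upstream fixes apply before the local changes.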

