
Bug#924694: marked as done (unblock: gnulib/20140202+stable-3.2)



Your message dated Sat, 16 Mar 2019 11:30:18 +0000
with message-id <E1h57W6-0000PN-DX@respighi.debian.org>
and subject line unblock gnulib
has caused the Debian Bug report #924694,
regarding unblock: gnulib/20140202+stable-3.2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
924694: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924694
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Hi,

Moritz Muehlenhoff filed #924613 to raise the CVE-2009-5155 issue in
gnulib to the BTS. The issue is already fixed in the experimental
version and the update to sid includes the cherry-picked patch as per
http://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=5513b40999149090987a0341c018d05d3eea1272
from upstream.

The changelog entry reads as (note I did not choose it as QA upload as
the QA upload was done for experimental):

 gnulib (20140202+stable-3.2) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * Diagnose ERE '()|\1' (CVE-2009-5155) (Closes: #924613)

unblock gnulib/20140202+stable-3.2

Regards,
Salvatore
diff -Nru gnulib-20140202+stable/debian/changelog gnulib-20140202+stable/debian/changelog
--- gnulib-20140202+stable/debian/changelog	2019-02-09 11:11:06.000000000 +0100
+++ gnulib-20140202+stable/debian/changelog	2019-03-15 21:08:27.000000000 +0100
@@ -1,3 +1,10 @@
+gnulib (20140202+stable-3.2) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Diagnose ERE '()|\1' (CVE-2009-5155) (Closes: #924613)
+
+ -- Salvatore Bonaccorso <carnil@debian.org>  Fri, 15 Mar 2019 21:08:27 +0100
+
 gnulib (20140202+stable-3.1) unstable; urgency=medium
 
   * Non-maintainer upload.
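
Review bot: The second bullet of the new 20140202+stable-3.2 entry names the CVE and the closed bug but not what changed in the package. Suggest naming the added file, for example "debian/patches/04-Diagnose-ERE-1.patch: Diagnose ERE '()|\1' (CVE-2009-5155) (Closes: #924613)", so the entry can be matched to the series file without opening the diff.
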
diff -Nru gnulib-20140202+stable/debian/patches/04-Diagnose-ERE-1.patch gnulib-20140202+stable/debian/patches/04-Diagnose-ERE-1.patch
--- gnulib-20140202+stable/debian/patches/04-Diagnose-ERE-1.patch	1970-01-01 01:00:00.000000000 +0100
+++ gnulib-20140202+stable/debian/patches/04-Diagnose-ERE-1.patch	2019-03-15 21:08:27.000000000 +0100
@@ -0,0 +1,45 @@
+From: Paul Eggert <eggert@cs.ucla.edu>
+Date: Sat, 19 Sep 2015 13:53:34 -0700
+Subject: Diagnose ERE '()|\1'
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+Origin: http://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=5513b40999149090987a0341c018d05d3eea1272
+Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2009-5155
+Bug-Debian: https://bugs.debian.org/924613
+
+Problem reported by Hanno Böck in: http://bugs.gnu.org/21513
+* lib/regcomp.c (parse_reg_exp): While parsing alternatives, keep
+track of the set of previously-completed subexpressions available
+before the first alternative, and restore this set just before
+parsing each subsequent alternative.  This lets us diagnose the
+invalid back-reference in the ERE '()|\1'.
+---
+
+--- a/lib/regcomp.c
++++ b/lib/regcomp.c
+@@ -2187,6 +2187,7 @@ parse_reg_exp (re_string_t *regexp, rege
+ {
+   re_dfa_t *dfa = preg->buffer;
+   bin_tree_t *tree, *branch = NULL;
++  bitset_word_t initial_bkref_map = dfa->completed_bkref_map;
+   tree = parse_branch (regexp, preg, token, syntax, nest, err);
+   if (BE (*err != REG_NOERROR && tree == NULL, 0))
+     return NULL;
+@@ -2197,6 +2198,8 @@ parse_reg_exp (re_string_t *regexp, rege
+       if (token->type != OP_ALT && token->type != END_OF_RE
+ 	  && (nest == 0 || token->type != OP_CLOSE_SUBEXP))
+ 	{
++	  bitset_word_t accumulated_bkref_map = dfa->completed_bkref_map;
++	  dfa->completed_bkref_map = initial_bkref_map;
+ 	  branch = parse_branch (regexp, preg, token, syntax, nest, err);
+ 	  if (BE (*err != REG_NOERROR && branch == NULL, 0))
+ 	    return NULL;
+@@ -2398,6 +2401,7 @@ parse_expression (re_string_t *regexp, r
+ 	      *err = REG_ESPACE;
+ 	      return NULL;
+ 	    }
++	  dfa->completed_bkref_map |= accumulated_bkref_map;
+ 	}
+       else
+ 	{
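
Review bot: In the third inner hunk (@@ -2398,6 +2401,7 @@), the added line "dfa->completed_bkref_map |= accumulated_bkref_map;" uses a variable that is declared only inside the brace block opened in the second inner hunk, under parse_reg_exp near line 2198. The third hunk's header names parse_expression, it sits about 200 lines further down, and its context ("*err = REG_ESPACE;" inside braces) does not match the lines that follow the parse_branch call in the second hunk, so as shown the merge-back lands outside the scope of accumulated_bkref_map. Going by the commit message, the saved set belongs to the alternatives loop in parse_reg_exp, so the "|=" should sit in the same block as the declaration, after the "branch == NULL" check. Please compare this hunk with the Origin commit and confirm that lib/regcomp.c compiles with the patch applied.
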
diff -Nru gnulib-20140202+stable/debian/patches/series gnulib-20140202+stable/debian/patches/series
--- gnulib-20140202+stable/debian/patches/series	2019-02-09 11:11:06.000000000 +0100
+++ gnulib-20140202+stable/debian/patches/series	2019-03-15 21:08:27.000000000 +0100
@@ -1,3 +1,4 @@
 01-gnulib-directory.patch
 02-shebang.patch
 03-vasnprintf-Fix-heap-memory-overrun-bug.patch
+04-Diagnose-ERE-1.patch
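
Review bot: The new series entry 04-Diagnose-ERE-1.patch gives no hint that it is a security fix, and the "ERE-1" suffix reads like a sequence number rather than the remains of '()|\1' from the subject line. Consider a file name that carries the identifier, for instance 04-CVE-2009-5155-Diagnose-ERE.patch (a suggested name, not one used elsewhere in this upload), so the fix can be found from the series file alone.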

--- End Message ---
--- Begin Message ---
Unblocked.

--- End Message ---
