Bug#934952: stretch-pu: package icu/57.1-6+deb9u3
Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian.org@packages.debian.org
Usertags: pu
Hi SRMs,
There's a crash in Stretch with ICU, there's a missing NULL check in
the LocalArray class. It crashes ICU with certain options / use
case[1]. Upstream fixed it[2] and now I would like to make it to
Stretch.
Proposed update is attached.
Thanks for consideration,
Laszlo/GCS
[1] https://bugs.debian.org/893009
[2] https://github.com/unicode-org/icu/commit/0fd799f7eead9e29fa1dd81f8a119b5fbc88ec36#diff-c3890545a241c9db99ff727b5c4b7705
diff -Nru icu-57.1/debian/changelog icu-57.1/debian/changelog
--- icu-57.1/debian/changelog 2018-03-14 18:28:38.000000000 +0000
+++ icu-57.1/debian/changelog 2019-08-07 16:30:43.000000000 +0000
@@ -1,3 +1,9 @@
+icu (57.1-6+deb9u3) stretch; urgency=medium
+
+ * Fix pkgdata command segfault (closes: #893009).
+
+ -- Laszlo Boszormenyi (GCS) <gcs@debian.org> Wed, 07 Aug 2019 16:30:43 +0000
+
icu (57.1-6+deb9u2) stretch-security; urgency=high
* Backport upstream security fix for CVE-2017-15422: Persian calendar
diff -Nru icu-57.1/debian/patches/pkgdata-crash.patch icu-57.1/debian/patches/pkgdata-crash.patch
--- icu-57.1/debian/patches/pkgdata-crash.patch 1970-01-01 00:00:00.000000000 +0000
+++ icu-57.1/debian/patches/pkgdata-crash.patch 2019-08-07 16:30:43.000000000 +0000
@@ -0,0 +1,66 @@
+From 0fd799f7eead9e29fa1dd81f8a119b5fbc88ec36 Mon Sep 17 00:00:00 2001
+From: Michael Ow <mow@svn.icu-project.org>
+Date: Fri, 20 May 2016 20:00:53 +0000
+Subject: [PATCH] ICU-12531 Add null check for closeFunction
+
+X-SVN-Rev: 38757
+---
+ icu4c/source/common/unicode/localpointer.h | 13 +++++--------
+ 1 file changed, 5 insertions(+), 8 deletions(-)
+
+diff --git a/icu4c/source/common/unicode/localpointer.h b/icu4c/source/common/unicode/localpointer.h
+index 35e37765c23..c86429359da 100644
+--- icu4c/source/common/unicode/localpointer.h
++++ icu4c/source/common/unicode/localpointer.h
+@@ -485,9 +485,6 @@ class LocalArray : public LocalPointerBase<T> {
+ * like LocalPointer<Type> except that this subclass will use the closeFunction
+ * rather than the C++ delete operator.
+ *
+- * Requirement: The closeFunction must tolerate a NULL pointer.
+- * (We could add a NULL check here but it is normally redundant.)
+- *
+ * Usage example:
+ * \code
+ * LocalUCaseMapPointer csm(ucasemap_open(localeID, options, &errorCode));
+@@ -512,12 +509,12 @@ class LocalArray : public LocalPointerBase<T> {
+ : LocalPointerBase<Type>(src.ptr) { \
+ src.ptr=NULL; \
+ } \
+- ~LocalPointerClassName() { closeFunction(ptr); } \
++ ~LocalPointerClassName() { if (ptr != NULL) { closeFunction(ptr); } } \
+ LocalPointerClassName &operator=(LocalPointerClassName &&src) U_NOEXCEPT { \
+ return moveFrom(src); \
+ } \
+ LocalPointerClassName &moveFrom(LocalPointerClassName &src) U_NOEXCEPT { \
+- closeFunction(ptr); \
++ if (ptr != NULL) { closeFunction(ptr); } \
+ LocalPointerBase<Type>::ptr=src.ptr; \
+ src.ptr=NULL; \
+ return *this; \
+@@ -531,7 +528,7 @@ class LocalArray : public LocalPointerBase<T> {
+ p1.swap(p2); \
+ } \
+ void adoptInstead(Type *p) { \
+- closeFunction(ptr); \
++ if (ptr != NULL) { closeFunction(ptr); } \
+ ptr=p; \
+ } \
+ }
+@@ -544,7 +541,7 @@ class LocalArray : public LocalPointerBase<T> {
+ explicit LocalPointerClassName(Type *p=NULL) : LocalPointerBase<Type>(p) {} \
+ ~LocalPointerClassName() { closeFunction(ptr); } \
+ LocalPointerClassName &moveFrom(LocalPointerClassName &src) U_NOEXCEPT { \
+- closeFunction(ptr); \
++ if (ptr != NULL) { closeFunction(ptr); } \
+ LocalPointerBase<Type>::ptr=src.ptr; \
+ src.ptr=NULL; \
+ return *this; \
+@@ -558,7 +555,7 @@ class LocalArray : public LocalPointerBase<T> {
+ p1.swap(p2); \
+ } \
+ void adoptInstead(Type *p) { \
+- closeFunction(ptr); \
++ if (ptr != NULL) { closeFunction(ptr); } \
+ ptr=p; \
+ } \
+ }
diff -Nru icu-57.1/debian/patches/series icu-57.1/debian/patches/series
--- icu-57.1/debian/patches/series 2018-03-14 18:28:38.000000000 +0000
+++ icu-57.1/debian/patches/series 2019-08-07 16:30:43.000000000 +0000
@@ -12,3 +12,4 @@
CVE-2017-7867_CVE-2017-7868.patch
CVE-2017-14952.patch
CVE-2017-15422.patch
+pkgdata-crash.patch
Reply to: