Package: release.debian.org Severity: normal Tags: stretch User: [email protected] Usertags: pu
Hi SRMs, There's a crash in Stretch with ICU, there's a missing NULL check in the LocalArray class. It crashes ICU with certain options / use case[1]. Upstream fixed it[2] and now I would like to make it to Stretch. Proposed update is attached. Thanks for consideration, Laszlo/GCS [1] https://bugs.debian.org/893009 [2] https://github.com/unicode-org/icu/commit/0fd799f7eead9e29fa1dd81f8a119b5fbc88ec36#diff-c3890545a241c9db99ff727b5c4b7705
diff -Nru icu-57.1/debian/changelog icu-57.1/debian/changelog --- icu-57.1/debian/changelog 2018-03-14 18:28:38.000000000 +0000 +++ icu-57.1/debian/changelog 2019-08-07 16:30:43.000000000 +0000 @@ -1,3 +1,9 @@ +icu (57.1-6+deb9u3) stretch; urgency=medium + + * Fix pkgdata command segfault (closes: #893009). + + -- Laszlo Boszormenyi (GCS) <[email protected]> Wed, 07 Aug 2019 16:30:43 +0000 + icu (57.1-6+deb9u2) stretch-security; urgency=high * Backport upstream security fix for CVE-2017-15422: Persian calendar diff -Nru icu-57.1/debian/patches/pkgdata-crash.patch icu-57.1/debian/patches/pkgdata-crash.patch --- icu-57.1/debian/patches/pkgdata-crash.patch 1970-01-01 00:00:00.000000000 +0000 +++ icu-57.1/debian/patches/pkgdata-crash.patch 2019-08-07 16:30:43.000000000 +0000 @@ -0,0 +1,66 @@ +From 0fd799f7eead9e29fa1dd81f8a119b5fbc88ec36 Mon Sep 17 00:00:00 2001 +From: Michael Ow <[email protected]> +Date: Fri, 20 May 2016 20:00:53 +0000 +Subject: [PATCH] ICU-12531 Add null check for closeFunction + +X-SVN-Rev: 38757 +--- + icu4c/source/common/unicode/localpointer.h | 13 +++++-------- + 1 file changed, 5 insertions(+), 8 deletions(-) + +diff --git a/icu4c/source/common/unicode/localpointer.h b/icu4c/source/common/unicode/localpointer.h +index 35e37765c23..c86429359da 100644 +--- icu4c/source/common/unicode/localpointer.h ++++ icu4c/source/common/unicode/localpointer.h +@@ -485,9 +485,6 @@ class LocalArray : public LocalPointerBase<T> { + * like LocalPointer<Type> except that this subclass will use the closeFunction + * rather than the C++ delete operator. + * +- * Requirement: The closeFunction must tolerate a NULL pointer. +- * (We could add a NULL check here but it is normally redundant.) +- * + * Usage example: + * \code + * LocalUCaseMapPointer csm(ucasemap_open(localeID, options, &errorCode)); +@@ -512,12 +509,12 @@ class LocalArray : public LocalPointerBase<T> { + : LocalPointerBase<Type>(src.ptr) { \ + src.ptr=NULL; \ + } \ +- ~LocalPointerClassName() { closeFunction(ptr); } \ ++ ~LocalPointerClassName() { if (ptr != NULL) { closeFunction(ptr); } } \ + LocalPointerClassName &operator=(LocalPointerClassName &&src) U_NOEXCEPT { \ + return moveFrom(src); \ + } \ + LocalPointerClassName &moveFrom(LocalPointerClassName &src) U_NOEXCEPT { \ +- closeFunction(ptr); \ ++ if (ptr != NULL) { closeFunction(ptr); } \ + LocalPointerBase<Type>::ptr=src.ptr; \ + src.ptr=NULL; \ + return *this; \ +@@ -531,7 +528,7 @@ class LocalArray : public LocalPointerBase<T> { + p1.swap(p2); \ + } \ + void adoptInstead(Type *p) { \ +- closeFunction(ptr); \ ++ if (ptr != NULL) { closeFunction(ptr); } \ + ptr=p; \ + } \ + } +@@ -544,7 +541,7 @@ class LocalArray : public LocalPointerBase<T> { + explicit LocalPointerClassName(Type *p=NULL) : LocalPointerBase<Type>(p) {} \ + ~LocalPointerClassName() { closeFunction(ptr); } \ + LocalPointerClassName &moveFrom(LocalPointerClassName &src) U_NOEXCEPT { \ +- closeFunction(ptr); \ ++ if (ptr != NULL) { closeFunction(ptr); } \ + LocalPointerBase<Type>::ptr=src.ptr; \ + src.ptr=NULL; \ + return *this; \ +@@ -558,7 +555,7 @@ class LocalArray : public LocalPointerBase<T> { + p1.swap(p2); \ + } \ + void adoptInstead(Type *p) { \ +- closeFunction(ptr); \ ++ if (ptr != NULL) { closeFunction(ptr); } \ + ptr=p; \ + } \ + } diff -Nru icu-57.1/debian/patches/series icu-57.1/debian/patches/series --- icu-57.1/debian/patches/series 2018-03-14 18:28:38.000000000 +0000 +++ icu-57.1/debian/patches/series 2019-08-07 16:30:43.000000000 +0000 @@ -12,3 +12,4 @@ CVE-2017-7867_CVE-2017-7868.patch CVE-2017-14952.patch CVE-2017-15422.patch +pkgdata-crash.patch
