commit:     487aeb624b9001b520dc3d6340ab48bf86757881
Author:     Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
AuthorDate: Wed Mar 25 20:26:27 2020 +0000
Commit:     Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
CommitDate: Wed Mar 25 20:26:27 2020 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=487aeb62

dev-libs/oniguruma: security cleanup (bug #702012)

Bug: https://bugs.gentoo.org/702012
Package-Manager: Portage-2.3.94, Repoman-2.3.21
Signed-off-by: Thomas Deutschmann <whissi <AT> gentoo.org>

 dev-libs/oniguruma/Manifest                        |  1 -
 ...a-6.9.3-fix-heap-buffer-overflow-php78559.patch | 13 --------
 ...a-6.9.3-fix-heap-buffer-overflow-php78633.patch | 25 ---------------
 dev-libs/oniguruma/oniguruma-6.9.3-r2.ebuild       | 37 ----------------------
 4 files changed, 76 deletions(-)

diff --git a/dev-libs/oniguruma/Manifest b/dev-libs/oniguruma/Manifest
index ce7f6724dd5..78f1b0aef45 100644
--- a/dev-libs/oniguruma/Manifest
+++ b/dev-libs/oniguruma/Manifest
@@ -1,2 +1 @@
-DIST onig-6.9.3.tar.gz 902349 BLAKE2B 
4b20290a2d72b638b13a2e2edc89e072a8d17f89f6a273b58d0e408d01726ace948dd390bb2f4c478b87d01bed9fa344a4933060736a40981219301529957aaa
 SHA512 
6b038879cb9cbe8cc756159eb53125e1d4dc7365ca434d07b99a59f3602987e573da120506bbd88d0f51dcdde5866bfa48d45803f8869503726c4d9a47d62861
 DIST onig-6.9.4.tar.gz 908702 BLAKE2B 
e6e9939f284569408ba01b8551960bc939bbfdca425f8470499f5bb83ead7b6b09898f6f6a09d5d8c26d74d5416f6e5e9e2f00fbe7aa9eb820edb8aa4a3050cc
 SHA512 
ed8f42f6893966c0ee3c168b4fdbcb04b2286ad69ecab43a754c1dbc8fc4656e01319991d776d7144b6a3f90d050781b321432278d83c74c9565c2743851c85b

diff --git 
a/dev-libs/oniguruma/files/oniguruma-6.9.3-fix-heap-buffer-overflow-php78559.patch
 
b/dev-libs/oniguruma/files/oniguruma-6.9.3-fix-heap-buffer-overflow-php78559.patch
deleted file mode 100644
index 7d538874665..00000000000
--- 
a/dev-libs/oniguruma/files/oniguruma-6.9.3-fix-heap-buffer-overflow-php78559.patch
+++ /dev/null
@@ -1,13 +0,0 @@
-https://bugs.php.net/bug.php?id=78559
-https://github.com/kkos/oniguruma/commit/d3e402928b6eb3327f8f7d59a9edfa622fec557b
-
---- a/src/regexec.c
-+++ b/src/regexec.c
-@@ -4196,6 +4196,7 @@ str_lower_case_match(OnigEncoding enc, int 
case_fold_flag,
-     lowlen = ONIGENC_MBC_CASE_FOLD(enc, case_fold_flag, &p, end, lowbuf);
-     q = lowbuf;
-     while (lowlen > 0) {
-+      if (t >= tend)    return 0;
-       if (*t++ != *q++) return 0;
-       lowlen--;
-     }

diff --git 
a/dev-libs/oniguruma/files/oniguruma-6.9.3-fix-heap-buffer-overflow-php78633.patch
 
b/dev-libs/oniguruma/files/oniguruma-6.9.3-fix-heap-buffer-overflow-php78633.patch
deleted file mode 100644
index e946a57d648..00000000000
--- 
a/dev-libs/oniguruma/files/oniguruma-6.9.3-fix-heap-buffer-overflow-php78633.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-https://bugs.php.net/bug.php?id=78633
-https://github.com/kkos/oniguruma/commit/15c4228aa2ffa02140a99912dd3177df0b1841c6
-
---- a/src/regcomp.c
-+++ b/src/regcomp.c
-@@ -734,8 +734,8 @@ add_compile_string(UChar* s, int mb_len, int str_len,
-     COP(reg)->exact_n.s = p;
-   }
-   else {
-+    xmemset(COP(reg)->exact.s, 0, sizeof(COP(reg)->exact.s));
-     xmemcpy(COP(reg)->exact.s, s, (size_t )byte_len);
--    COP(reg)->exact.s[byte_len] = '\0';
-   }
- 
-   return 0;
---- a/src/regexec.c
-+++ b/src/regexec.c
-@@ -2889,6 +2889,7 @@ match_at(regex_t* reg, const UChar* str, const UChar* 
end,
-           DATA_ENSURE(0);
-           q = lowbuf;
-           while (len-- > 0) {
-+            if (ps >= endp) goto fail;
-             if (*ps != *q) goto fail;
-             ps++; q++;
-           }

diff --git a/dev-libs/oniguruma/oniguruma-6.9.3-r2.ebuild 
b/dev-libs/oniguruma/oniguruma-6.9.3-r2.ebuild
deleted file mode 100644
index d0ff1e850c8..00000000000
--- a/dev-libs/oniguruma/oniguruma-6.9.3-r2.ebuild
+++ /dev/null
@@ -1,37 +0,0 @@
-# Copyright 2003-2020 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="7"
-
-inherit multilib-minimal
-
-MY_P="onig-${PV}"
-
-DESCRIPTION="Regular expression library for different character encodings"
-HOMEPAGE="https://github.com/kkos/oniguruma";
-SRC_URI="https://github.com/kkos/${PN}/releases/download/v${PV}/${MY_P}.tar.gz";
-
-LICENSE="BSD-2"
-SLOT="0/5"
-KEYWORDS="~alpha amd64 arm arm64 hppa ia64 ~mips ppc ppc64 s390 ~sh sparc x86 
~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~x86-solaris"
-IUSE="crnl-as-line-terminator static-libs"
-
-PATCHES=(
-       "${FILESDIR}"/${PN}-6.9.3-fix-heap-buffer-overflow-php78559.patch
-       "${FILESDIR}"/${PN}-6.9.3-fix-heap-buffer-overflow-php78633.patch
-)
-
-S="${WORKDIR}/${MY_P}"
-
-DOCS=(AUTHORS HISTORY README{,_japanese} 
doc/{API,CALLOUTS.API,CALLOUTS.BUILTIN,FAQ,RE}{,.ja} 
doc/{SYNTAX.md,UNICODE_PROPERTIES})
-
-multilib_src_configure() {
-       ECONF_SOURCE="${S}" econf \
-               $(use_enable crnl-as-line-terminator) \
-               $(use_enable static-libs static)
-}
-
-multilib_src_install_all() {
-       einstalldocs
-       find "${D}" -name "*.la" -type f -delete || die
-}

Reply via email to