Jakub Klinkovský pushed to branch main at Arch Linux / Packaging / Packages / doxygen
Commits: 427c2205 by Jakub Klinkovský at 2024-05-23T22:01:23+02:00 upgpkg: 1.11.0-2: fix buffer overflow in Markdown parser - - - - - 3 changed files: - .SRCINFO - + 10891-fix-buffer-overflow.patch - PKGBUILD Changes: ===================================== .SRCINFO ===================================== @@ -1,7 +1,7 @@ pkgbase = doxygen pkgdesc = Documentation system for C++, C, Java, IDL and PHP pkgver = 1.11.0 - pkgrel = 1 + pkgrel = 2 url = http://www.doxygen.nl arch = x86_64 license = GPL-2.0-or-later @@ -23,8 +23,11 @@ pkgbase = doxygen makedepends = texlive-latexextra makedepends = texlive-plaingeneric source = doxygen-1.11.0.tar.gz::https://github.com/doxygen/doxygen/archive/Release_1_11_0.tar.gz + source = 10891-fix-buffer-overflow.patch sha512sums = 68ab2c8cf570216a7e917f686ec79361179cdc9868966fcc2722ebab49032e2bc9ac60192f101793f978ad2d7236d83c461ab4d2477f7704cf32a003b87311fb + sha512sums = 58fa168b709a5371db8fcaea4fff39809b4e81088f960d719ae05124f8fa8f574f5edc268e16cf5c3e5f5393251e467a163c9e99b1a7c719ba9b0e59a1b69518 b2sums = e98254aeec8ea7cedf6ec537e3d82cb898f55d435b95e58108c433f920432789fb7feba290b9a365f90ee56eec9120376b18ff26e31b1e4219b8f89f351daa8f + b2sums = c85889d6166c213b244134b668932aad8a879671e52be9e832926780a0216fbee66be331b62a84b994311c1d87bbba10c906acf1e436840fa540750e471229b5 pkgname = doxygen depends = clang ===================================== 10891-fix-buffer-overflow.patch ===================================== 
@@ -0,0 +1,42 @@
+From 53cdbc09aa3d1dcc83bccf2af0d9c349eb4d3c0b Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Jakub=20Klinkovsk=C3=BD?=
+ <1289205+lahwa...@users.noreply.github.com>
+Date: Thu, 23 May 2024 21:05:56 +0200
+Subject: [PATCH] Fix buffer overflow in Markdown parser
+
+This fixes a buffer overflow that happened when parsing a bad Markdown
+file with an unclosed emphasis nested in other elements, such as
+
+```markdown
+> __af_err af_flip(af_array *out, const af_array in, const unsigned dim)__
+```
+
+This snippet comes from the ArrayFire repository [1]. The problem was
+found after the refactoring [2] that introduced std::string_view in the
+code. The `std::string_view::operator[]` has bounds checking enabled
+when the macro `_GLIBCXX_ASSERTIONS` is defined, which is the case of
+Arch Linux build system.
+
+[1] https://github.com/arrayfire/arrayfire/blob/0a25d36238aa1eee3b775d3584937ca65b0a1807/docs/pages/matrix_manipulation.md
+[2] https://github.com/doxygen/doxygen/commit/f4e37514325abe4aa6aeecbc96e9e3e027885aef
+---
+ src/markdown.cpp | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/src/markdown.cpp b/src/markdown.cpp
+index 10429edd57..f25d1b4c50 100644
+--- a/src/markdown.cpp
++++ b/src/markdown.cpp
+@@ -691,6 +691,12 @@ size_t Markdown::Private::findEmphasisChar(std::string_view data, char c, size_t
+ }
+ }
+
++ // avoid overflow (unclosed emph token)
++ if (i==size)
++ {
++ return 0;
++ }
++
+ // skipping a code span
+ if (data[i]=='`')
+ {
===================================== PKGBUILD =====================================
@@ -5,7 +5,7 @@
 pkgbase=doxygen
 pkgname=(doxygen doxygen-docs)
 pkgver=1.11.0
-pkgrel=1
+pkgrel=2
 pkgdesc='Documentation system for C++, C, Java, IDL and PHP'
 url='http://www.doxygen.nl'
 arch=(x86_64)
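Review bot: The new guard in findEmphasisChar tests `i==size`, which protects the `data[i]` read below it only if nothing earlier in the loop can move `i` more than one position past the end; that code lies outside the hunk, so it cannot be confirmed from here. Writing the check as `if (i>=size)` costs nothing and keeps the read in bounds either way. The comment could also state the contract, e.g. `// unclosed emphasis: i reached the end of data, so stop before data[i] is read`, and say what the returned 0 means to callers (presumably "no closing token found", to be confirmed against the rest of the function). Because the out-of-range index was only noticed thanks to `_GLIBCXX_ASSERTIONS` in this build, a regression test that feeds the parser the Markdown snippet from the patch description would catch a recurrence in builds where the assertion is off.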
@@ -29,9 +29,12 @@ makedepends=( texlive-latexextra texlive-plaingeneric ) -source=(${pkgbase}-${pkgver}.tar.gz::https://github.com/doxygen/doxygen/archive/Release_${pkgver//./_}.tar.gz) -sha512sums=('68ab2c8cf570216a7e917f686ec79361179cdc9868966fcc2722ebab49032e2bc9ac60192f101793f978ad2d7236d83c461ab4d2477f7704cf32a003b87311fb') -b2sums=('e98254aeec8ea7cedf6ec537e3d82cb898f55d435b95e58108c433f920432789fb7feba290b9a365f90ee56eec9120376b18ff26e31b1e4219b8f89f351daa8f') +source=(${pkgbase}-${pkgver}.tar.gz::https://github.com/doxygen/doxygen/archive/Release_${pkgver//./_}.tar.gz + 10891-fix-buffer-overflow.patch) +sha512sums=('68ab2c8cf570216a7e917f686ec79361179cdc9868966fcc2722ebab49032e2bc9ac60192f101793f978ad2d7236d83c461ab4d2477f7704cf32a003b87311fb' + '58fa168b709a5371db8fcaea4fff39809b4e81088f960d719ae05124f8fa8f574f5edc268e16cf5c3e5f5393251e467a163c9e99b1a7c719ba9b0e59a1b69518') +b2sums=('e98254aeec8ea7cedf6ec537e3d82cb898f55d435b95e58108c433f920432789fb7feba290b9a365f90ee56eec9120376b18ff26e31b1e4219b8f89f351daa8f' + 'c85889d6166c213b244134b668932aad8a879671e52be9e832926780a0216fbee66be331b62a84b994311c1d87bbba10c906acf1e436840fa540750e471229b5') _pick() { local p="$1" f d; shift @@ -48,6 +51,9 @@ prepare() { # Install the man pages in the right place sed -i 's:DESTINATION man/man1:DESTINATION "${CMAKE_INSTALL_PREFIX}/share/man/man1":g' \ doc/CMakeLists.txt + + # Fix buffer overflow in Markdown parser https://github.com/doxygen/doxygen/pull/10891 + patch -Np1 -i ../10891-fix-buffer-overflow.patch } build() { View it on GitLab: https://gitlab.archlinux.org/archlinux/packaging/packages/doxygen/-/commit/427c220510567c0c17de11acc262167530b399a0 -- View it on GitLab: https://gitlab.archlinux.org/archlinux/packaging/packages/doxygen/-/commit/427c220510567c0c17de11acc262167530b399a0 You're receiving this email because of your account on gitlab.archlinux.org.