authorMichael Weber <xmw@gentoo.org>2017-02-23 13:28:14 +0100
committerMichael Weber <xmw@gentoo.org>2017-02-23 13:28:25 +0100
commit24605313fed0a4e2ef4bdd1205e25af2d5624c8a (patch)
tree05e536bab2e1b75ad40db85231d9f345b0e9628f /dev-libs/libutf8proc
parentsys-apps/mlocate: Changed HOMEPAGE from fedorahosted to pagure. (diff)
dev-libs/libutf8proc: Revbump with security patch (bug 610684).
Package-Manager: Portage-2.3.3, Repoman-2.3.1
Diffstat (limited to 'dev-libs/libutf8proc')
-rw-r--r--dev-libs/libutf8proc/files/libutf8proc-1.3.1_p2-overrun.patch33
-rw-r--r--dev-libs/libutf8proc/libutf8proc-1.3.1_p2-r1.ebuild (renamed from dev-libs/libutf8proc/libutf8proc-1.3.1_p2.ebuild)4
2 files changed, 36 insertions, 1 deletions
diff --git a/dev-libs/libutf8proc/files/libutf8proc-1.3.1_p2-overrun.patch b/dev-libs/libutf8proc/files/libutf8proc-1.3.1_p2-overrun.patch
new file mode 100644
index 000000000000..8ce7f4cfbe98
--- /dev/null
+++ b/dev-libs/libutf8proc/files/libutf8proc-1.3.1_p2-overrun.patch
@@ -0,0 +1,33 @@
+--- libutf8proc-1.3.1-2/test/iterate.c
++++ libutf8proc-1.3.1-2/test/iterate.c
+@@ -13,11 +13,17 @@ static void testbytes(unsigned char *buf, int len, utf8proc_ssize_t retval, int
+ utf8proc_int32_t out[16];
+ utf8proc_ssize_t ret;
+
++ /* Make a copy to ensure that memory is left uninitialized after "len"
++ * bytes. This way, Valgrind can detect overreads.
++ */
++ unsigned char tmp[16];
++ memcpy(tmp, buf, len);
++
+ tests++;
+- if ((ret = utf8proc_iterate(buf, len, out)) != retval) {
++ if ((ret = utf8proc_iterate(tmp, len, out)) != retval) {
+ fprintf(stderr, "Failed (%d):", line);
+ for (int i = 0; i < len ; i++) {
+- fprintf(stderr, " 0x%02x", buf[i]);
++ fprintf(stderr, " 0x%02x", tmp[i]);
+ }
+ fprintf(stderr, " -> %zd\n", ret);
+ error++;
+--- libutf8proc-1.3.1-2/src/utf8proc.c
++++ libutf8proc-1.3.1-2/src/utf8proc.c
+@@ -128,7 +128,7 @@ UTF8PROC_DLLEXPORT utf8proc_ssize_t utf8proc_iterate(
+ if ((uc - 0xc2) > (0xf4-0xc2)) return UTF8PROC_ERROR_INVALIDUTF8;
+ if (uc < 0xe0) { // 2-byte sequence
+ // Must have valid continuation character
+- if (!utf_cont(*str)) return UTF8PROC_ERROR_INVALIDUTF8;
++ if (str >= end || !utf_cont(*str)) return UTF8PROC_ERROR_INVALIDUTF8;
+ *dst = ((uc & 0x1f)<<6) | (*str & 0x3f);
+ return 2;
+ }
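Review bot: In the test/iterate.c part of the bundled patch, `memcpy(tmp, buf, len)` copies into `unsigned char tmp[16]` without checking that `len` fits, so a test vector longer than 16 bytes (or a negative `len`) would overflow the stack buffer in the harness itself. A guard before the copy, such as `if (len < 0 || (size_t)len > sizeof(tmp)) { error++; return; }`, would keep the overread check trustworthy. In the src/utf8proc.c part, the added `str >= end` test covers only the 2-byte branch shown here; utf8proc_iterate continues outside the hunk, so it is worth confirming that the 3- and 4-byte branches also compare against `end` before dereferencing `str`. The patch file also starts directly at its first `---` line, with no header naming its upstream origin or bug 610684, which makes the security fix harder to audit later.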
diff --git a/dev-libs/libutf8proc/libutf8proc-1.3.1_p2.ebuild b/dev-libs/libutf8proc/libutf8proc-1.3.1_p2-r1.ebuild
index 9e3662d0f142..f2d7bd1398cb 100644
--- a/dev-libs/libutf8proc/libutf8proc-1.3.1_p2.ebuild
+++ b/dev-libs/libutf8proc/libutf8proc-1.3.1_p2-r1.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2016 Gentoo Foundation
+# Copyright 1999-2017 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Id$
@@ -20,4 +20,6 @@ IUSE=""
RDEPEND=""
DEPEND="${RDEPEND}"
+PATCHES=( "${FILESDIR}"/${PN}-1.3.1_p2-overrun.patch )
+
S="${WORKDIR}/${P/_p/-}"
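Review bot: The added `PATCHES=( "${FILESDIR}"/${PN}-1.3.1_p2-overrun.patch )` is applied only by the default `src_prepare` (EAPI 6 or later), and neither the EAPI line nor any `src_prepare` override is visible in this hunk. If the ebuild declares an older EAPI, or defines its own `src_prepare` without calling `default`, the overrun fix would be skipped silently and the -r1 revision would still build the unpatched source. Checking the ebuild's EAPI, or confirming in the build log that the patch is applied, would close that gap.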