Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
CVE-2017-7186 refs NixOS/security#57 #24319 (cherry picked from commit 6b9c81a)
- Loading branch information
Showing
2 changed files
with
56 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,52 @@ | ||
--- a/pcre_internal.h 2016/05/21 13:34:44 1649 | ||
+++ b/pcre_internal.h 2017/02/24 17:30:30 1688 | ||
@@ -2772,6 +2772,9 @@ | ||
extern const pcre_uint16 PRIV(ucd_stage2)[]; | ||
extern const pcre_uint32 PRIV(ucp_gentype)[]; | ||
extern const pcre_uint32 PRIV(ucp_gbtable)[]; | ||
+#ifdef COMPILE_PCRE32 | ||
+extern const ucd_record PRIV(dummy_ucd_record)[]; | ||
+#endif | ||
#ifdef SUPPORT_JIT | ||
extern const int PRIV(ucp_typerange)[]; | ||
#endif | ||
@@ -2780,9 +2783,15 @@ | ||
/* UCD access macros */ | ||
|
||
#define UCD_BLOCK_SIZE 128 | ||
-#define GET_UCD(ch) (PRIV(ucd_records) + \ | ||
+#define REAL_GET_UCD(ch) (PRIV(ucd_records) + \ | ||
PRIV(ucd_stage2)[PRIV(ucd_stage1)[(int)(ch) / UCD_BLOCK_SIZE] * \ | ||
UCD_BLOCK_SIZE + (int)(ch) % UCD_BLOCK_SIZE]) | ||
+ | ||
+#ifdef COMPILE_PCRE32 | ||
+#define GET_UCD(ch) ((ch > 0x10ffff)? PRIV(dummy_ucd_record) : REAL_GET_UCD(ch)) | ||
+#else | ||
+#define GET_UCD(ch) REAL_GET_UCD(ch) | ||
+#endif | ||
|
||
#define UCD_CHARTYPE(ch) GET_UCD(ch)->chartype | ||
#define UCD_SCRIPT(ch) GET_UCD(ch)->script | ||
--- a/pcre_ucd.c 2014/06/19 07:51:39 1490 | ||
+++ b/pcre_ucd.c 2017/02/24 17:30:30 1688 | ||
@@ -38,6 +38,20 @@ | ||
const pcre_uint32 PRIV(ucd_caseless_sets)[] = {0}; | ||
#else | ||
|
||
+/* If the 32-bit library is run in non-32-bit mode, character values | ||
+greater than 0x10ffff may be encountered. For these we set up a | ||
+special record. */ | ||
+ | ||
+#ifdef COMPILE_PCRE32 | ||
+const ucd_record PRIV(dummy_ucd_record)[] = {{ | ||
+ ucp_Common, /* script */ | ||
+ ucp_Cn, /* type unassigned */ | ||
+ ucp_gbOther, /* grapheme break property */ | ||
+ 0, /* case set */ | ||
+ 0, /* other case */ | ||
+ }}; | ||
+#endif | ||
+ | ||
/* When recompiling tables with a new Unicode version, please check the | ||
types in this structure definition from pcre_internal.h (the actual | ||
field names will be different): |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
7f42728
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This broke about 5000 packages
http://hydra.nixos.org/eval/1344772?full=1#tabs-inputs
7f42728
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm pretty sure that mostly only ghc timed out but the log isn't available anymore so I can't check but I'll build that in a sec and then restart the builds.
7f42728
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should we force restart those jobs then?
Edit:
okay
7f42728
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'll test first
7f42728
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Seems to work here, restarting.