authorLeo <thinkabit.ukim@gmail.com>2020-12-10 06:54:15 -0300
committerLeo <thinkabit.ukim@gmail.com>2020-12-10 12:06:59 +0000
commit4c2c932795f62983428bac01c0242a0d289252e1 (patch)
tree883f23f07c24201553a018733b9fccf1e37de339 /main/pcre/CVE-2020-14155.patch
parent8e7cb122ddf546b0be2be682f389438557bb7398 (diff)
main/pcre: fix CVE-2020-14155
See: #11854
Diffstat (limited to 'main/pcre/CVE-2020-14155.patch')
-rw-r--r--main/pcre/CVE-2020-14155.patch31
1 files changed, 31 insertions, 0 deletions
diff --git a/main/pcre/CVE-2020-14155.patch b/main/pcre/CVE-2020-14155.patch
new file mode 100644
index 0000000000..3bfa119f3b
--- /dev/null
+++ b/main/pcre/CVE-2020-14155.patch
@@ -0,0 +1,31 @@
+pcre: Fix int overflow when parsing "?C<arg>" callout args.
+
+Numerical args must be 0-255, so this shouldn't break correct usage.
+
+--- a/pcre_compile.c 2020/02/10 17:01:27 1760
++++ b/pcre_compile.c 2020/02/10 17:17:34 1761
+@@ -7130,17 +7130,19 @@
+ int n = 0;
+ ptr++;
+ while(IS_DIGIT(*ptr))
++ {
+ n = n * 10 + *ptr++ - CHAR_0;
++ if (n > 255)
++ {
++ *errorcodeptr = ERR38;
++ goto FAILED;
++ }
++ }
+ if (*ptr != CHAR_RIGHT_PARENTHESIS)
+ {
+ *errorcodeptr = ERR39;
+ goto FAILED;
+ }
+- if (n > 255)
+- {
+- *errorcodeptr = ERR38;
+- goto FAILED;
+- }
+ *code++ = n;
+ PUT(code, 0, (int)(ptr - cd->start_pattern + 1)); /* Pattern offset */
+ PUT(code, LINK_SIZE, 0); /* Default length */
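Review bot: The description at the top of the new patch file records no upstream origin for the fix; the only provenance is the `1760`/`1761` stamps on the inner `---`/`+++` lines, which look like upstream SVN revisions. Adding a header line such as `Upstream: pcre SVN r1761 (pcre_compile.c)`, once confirmed against the upstream repository, would let a later auditor match this backport to the original change. On the code itself, moving the `n > 255` test inside the digit loop bounds `n` before each `n * 10`, which closes the signed overflow, but an over-large number followed by something other than `)` now reports `ERR38` where it used to report `ERR39`, so any test that pins the error code for that input would need updating. The inner hunk shows only a fragment of the enclosing function in pcre_compile.c, and this page is limited to the patch file, so whether the APKBUILD lists the patch and carries a matching `secfixes` entry cannot be checked here.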