Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package pleaser for openSUSE:Factory checked in at 2022-03-16 20:20:42 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/pleaser (Old) and /work/SRC/openSUSE:Factory/.pleaser.new.25692 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "pleaser" Wed Mar 16 20:20:42 2022 rev:7 rq:962065 version:0.5.1~git0.ce9627c Changes: -------- --- /work/SRC/openSUSE:Factory/pleaser/pleaser.changes 2022-03-04 00:18:56.392301660 +0100 +++ /work/SRC/openSUSE:Factory/.pleaser.new.25692/pleaser.changes 2022-03-16 20:20:49.552985731 +0100 @@ -1,0 +2,5 @@ +Mon Mar 14 02:18:07 UTC 2022 - William Brown <william.br...@suse.com> + +- Update to resolve bsc#1196972 CVE-2022-24713 - Regex DOS + +------------------------------------------------------------------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ please-0.5.1~git0.ce9627c.tar.xz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/please-0.5.1~git0.ce9627c/Cargo.lock new/please-0.5.1~git0.ce9627c/Cargo.lock --- old/please-0.5.1~git0.ce9627c/Cargo.lock 1970-01-01 01:00:00.000000000 +0100 +++ new/please-0.5.1~git0.ce9627c/Cargo.lock 2021-12-05 13:51:22.000000000 +0100 @@ -0,0 +1,352 @@ +# This file is automatically @generated by Cargo. +# It is not intended for manual editing. +[[package]] +name = "aho-corasick" +version = "0.7.15" +source = "registry+https://github.com/rust-lang/crates.io-index"; +checksum = "7404febffaa47dac81aa44dba71523c9d069b1bdc50a77db41195149e17f68e5" +dependencies = [ + "memchr", +] + +[[package]] +name = "autocfg" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index"; +checksum = "cdb031dd78e28731d87d56cc8ffef4a8f36ca26c38fe2de700543e627f8a464a" + +[[package]] +name = "bitflags" +version = "1.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index"; +checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" + +[[package]] +name = "cc" +version = "1.0.67" +source = "registry+https://github.com/rust-lang/crates.io-index"; +checksum = "e3c69b077ad434294d3ce9f1f6143a2a4b89a8a2d54ef813d85003a4fd1137fd" + +[[package]] +name = "cfg-if" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index"; +checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" + +[[package]] +name = "chrono" +version = "0.4.19" +source = "registry+https://github.com/rust-lang/crates.io-index"; +checksum = "670ad68c9088c2a963aaa298cb369688cf3f9465ce5e2d4ca10e6e0098a1ce73" +dependencies = [ + "libc", + "num-integer", + "num-traits", + "time", + "winapi", +] + +[[package]] +name = "error-chain" +version = "0.12.4" +source = "registry+https://github.com/rust-lang/crates.io-index"; +checksum = "2d2f06b9cac1506ece98fe3231e3cc9c4410ec3d5b1f24ae1c8946f0742cdefc" +dependencies = [ + "version_check", +] + +[[package]] +name = "getopts" +version = "0.2.21" +source = "registry+https://github.com/rust-lang/crates.io-index"; +checksum = "14dbbfd5c71d70241ecf9e6f13737f7b5ce823821063188d7e46c41d371eebd5" +dependencies = [ + "unicode-width", +] + +[[package]] +name = "getrandom" +version = "0.1.16" +source = "registry+https://github.com/rust-lang/crates.io-index"; +checksum = "8fc3cb4d91f53b50155bdcfd23f6a4c39ae1969c2ae85982b135750cccaf5fce" +dependencies = [ + "cfg-if", + "libc", + "wasi 0.9.0+wasi-snapshot-preview1", +] + +[[package]] +name = "libc" +version = "0.2.103" +source = "registry+https://github.com/rust-lang/crates.io-index"; +checksum = "dd8f7255a17a627354f321ef0055d63b898c6fb27eff628af4d1b66b7331edf6" + +[[package]] +name = "log" +version = "0.4.14" +source = "registry+https://github.com/rust-lang/crates.io-index"; +checksum = "51b9bbe6c47d51fc3e1a9b945965946b4c44142ab8792c50835a980d362c2710" +dependencies = [ + "cfg-if", +] + +[[package]] +name = "memchr" +version = "2.3.4" +source = "registry+https://github.com/rust-lang/crates.io-index"; +checksum = "0ee1c47aaa256ecabcaea351eae4a9b01ef39ed810004e298d2511ed284b1525" + +[[package]] +name = "memoffset" +version = "0.6.4" +source = "registry+https://github.com/rust-lang/crates.io-index"; +checksum = "59accc507f1338036a0477ef61afdae33cde60840f4dfe481319ce3ad116ddf9" +dependencies = [ + "autocfg", +] + +[[package]] +name = "nix" +version = "0.23.0" +source = "registry+https://github.com/rust-lang/crates.io-index"; +checksum = "f305c2c2e4c39a82f7bf0bf65fb557f9070ce06781d4f2454295cc34b1c43188" +dependencies = [ + "bitflags", + "cc", + "cfg-if", + "libc", + "memoffset", +] + +[[package]] +name = "num-integer" +version = "0.1.44" +source = "registry+https://github.com/rust-lang/crates.io-index"; +checksum = "d2cc698a63b549a70bc047073d2949cce27cd1c7b0a4a862d08a8031bc2801db" +dependencies = [ + "autocfg", + "num-traits", +] + +[[package]] +name = "num-traits" +version = "0.2.14" +source = "registry+https://github.com/rust-lang/crates.io-index"; +checksum = "9a64b1ec5cda2586e284722486d802acf1f7dbdc623e2bfc57e65ca1cd099290" +dependencies = [ + "autocfg", +] + +[[package]] +name = "once_cell" +version = "1.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index"; +checksum = "4ad167a2f54e832b82dbe003a046280dceffe5227b5f79e08e363a29638cfddd" + +[[package]] +name = "pam" +version = "0.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index"; +checksum = "fa2bdc959c201c047004a1420a92aaa1dd1a6b64d5ef333aa3a4ac764fb93097" +dependencies = [ + "libc", + "pam-sys", + "users 0.8.1", +] + +[[package]] +name = "pam-sys" +version = "0.5.6" +source = "registry+https://github.com/rust-lang/crates.io-index"; +checksum = "cd4858311a097f01a0006ef7d0cd50bca81ec430c949d7bf95cbefd202282434" +dependencies = [ + "libc", +] + +[[package]] +name = "pleaser" +version = "0.5.1" +dependencies = [ + "chrono", + "getopts", + "libc", + "nix", + "pam", + "rand", + "regex", + "rpassword", + "syslog", + "users 0.10.0", +] + +[[package]] +name = "ppv-lite86" +version = "0.2.10" +source = "registry+https://github.com/rust-lang/crates.io-index"; +checksum = "ac74c624d6b2d21f425f752262f42188365d7b8ff1aff74c82e45136510a4857" + +[[package]] +name = "rand" +version = "0.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index"; +checksum = "6a6b1679d49b24bbfe0c803429aa1874472f50d9b363131f0e89fc356b544d03" +dependencies = [ + "getrandom", + "libc", + "rand_chacha", + "rand_core", + "rand_hc", +] + +[[package]] +name = "rand_chacha" +version = "0.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index"; +checksum = "f4c8ed856279c9737206bf725bf36935d8666ead7aa69b52be55af369d193402" +dependencies = [ + "ppv-lite86", + "rand_core", +] + +[[package]] +name = "rand_core" +version = "0.5.1" +source = "registry+https://github.com/rust-lang/crates.io-index"; +checksum = "90bde5296fc891b0cef12a6d03ddccc162ce7b2aff54160af9338f8d40df6d19" +dependencies = [ + "getrandom", +] + +[[package]] +name = "rand_hc" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index"; +checksum = "ca3129af7b92a17112d59ad498c6f81eaf463253766b90396d39ea7a39d6613c" +dependencies = [ + "rand_core", +] + +[[package]] +name = "regex" +version = "1.4.3" +source = "registry+https://github.com/rust-lang/crates.io-index"; +checksum = "d9251239e129e16308e70d853559389de218ac275b515068abc96829d05b948a" +dependencies = [ + "aho-corasick", + "memchr", + "regex-syntax", + "thread_local", +] + +[[package]] +name = "regex-syntax" +version = "0.6.22" +source = "registry+https://github.com/rust-lang/crates.io-index"; +checksum = "b5eb417147ba9860a96cfe72a0b93bf88fee1744b5636ec99ab20c1aa9376581" + +[[package]] +name = "rpassword" +version = "5.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index"; +checksum = "ffc936cf8a7ea60c58f030fd36a612a48f440610214dc54bc36431f9ea0c3efb" +dependencies = [ + "libc", + "winapi", +] + +[[package]] +name = "syslog" +version = "5.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index"; +checksum = "9a5d8ef1b679c07976f3ee336a436453760c470f54b5e7237556728b8589515d" +dependencies = [ + "error-chain", + "libc", + "log", + "time", +] + +[[package]] +name = "thread_local" +version = "1.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index"; +checksum = "8018d24e04c95ac8790716a5987d0fec4f8b27249ffa0f7d33f1369bdfb88cbd" +dependencies = [ + "once_cell", +] + +[[package]] +name = "time" +version = "0.1.44" +source = "registry+https://github.com/rust-lang/crates.io-index"; +checksum = "6db9e6914ab8b1ae1c260a4ae7a49b6c5611b40328a735b21862567685e73255" +dependencies = [ + "libc", + "wasi 0.10.0+wasi-snapshot-preview1", + "winapi", +] + +[[package]] +name = "unicode-width" +version = "0.1.8" +source = "registry+https://github.com/rust-lang/crates.io-index"; +checksum = "9337591893a19b88d8d87f2cec1e73fad5cdfd10e5a6f349f498ad6ea2ffb1e3" + +[[package]] +name = "users" +version = "0.8.1" +source = "registry+https://github.com/rust-lang/crates.io-index"; +checksum = "7fed7d0912567d35f88010c23dbaf865e9da8b5227295e8dc0f2fdd109155ab7" +dependencies = [ + "libc", +] + +[[package]] +name = "users" +version = "0.10.0" +source = "registry+https://github.com/rust-lang/crates.io-index"; +checksum = "aa4227e95324a443c9fcb06e03d4d85e91aabe9a5a02aa818688b6918b6af486" +dependencies = [ + "libc", + "log", +] + +[[package]] +name = "version_check" +version = "0.9.3" +source = "registry+https://github.com/rust-lang/crates.io-index"; +checksum = "5fecdca9a5291cc2b8dcf7dc02453fee791a280f3743cb0905f8822ae463b3fe" + +[[package]] +name = "wasi" +version = "0.9.0+wasi-snapshot-preview1" +source = "registry+https://github.com/rust-lang/crates.io-index"; +checksum = "cccddf32554fecc6acb585f82a32a72e28b48f8c4c1883ddfeeeaa96f7d8e519" + +[[package]] +name = "wasi" +version = "0.10.0+wasi-snapshot-preview1" +source = "registry+https://github.com/rust-lang/crates.io-index"; +checksum = "1a143597ca7c7793eff794def352d41792a93c481eb1042423ff7ff72ba2c31f" + +[[package]] +name = "winapi" +version = "0.3.9" +source = "registry+https://github.com/rust-lang/crates.io-index"; +checksum = "5c839a674fcd7a98952e593242ea400abe93992746761e38641405d28b00f419" +dependencies = [ + "winapi-i686-pc-windows-gnu", + "winapi-x86_64-pc-windows-gnu", +] + +[[package]] +name = "winapi-i686-pc-windows-gnu" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index"; +checksum = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6" + +[[package]] +name = "winapi-x86_64-pc-windows-gnu" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index"; +checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" ++++++ vendor.tar.xz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Cargo.lock new/Cargo.lock --- old/Cargo.lock 2022-03-02 07:13:50.596254000 +0100 +++ new/Cargo.lock 2022-03-14 03:18:09.734030200 +0100 @@ -164,9 +164,9 @@ [[package]] name = "num_threads" -version = "0.1.3" +version = "0.1.4" source = "registry+https://github.com/rust-lang/crates.io-index"; -checksum = "97ba99ba6393e2c3734791401b66902d981cb03bf190af674ca69949b6d5fb15" +checksum = "c539a50b93a303167eded6e8dff5220cd39447409fb659f4cd24b1f72fe4f133" dependencies = [ "libc", ] @@ -256,9 +256,9 @@ [[package]] name = "regex" -version = "1.5.4" +version = "1.5.5" source = "registry+https://github.com/rust-lang/crates.io-index"; -checksum = "d07a8629359eb56f1e2fb1652bb04212c072a87ba68546a04065d525673ac461" +checksum = "1a11647b6b25ff05a515cb92c365cec08801e83423a235b51e231e1808747286" dependencies = [ "aho-corasick", "memchr", diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vendor/num_threads/.cargo-checksum.json new/vendor/num_threads/.cargo-checksum.json --- old/vendor/num_threads/.cargo-checksum.json 2022-03-02 07:13:51.188254000 +0100 +++ new/vendor/num_threads/.cargo-checksum.json 2022-03-14 03:18:11.638028100 +0100 @@ -1 +1 @@ -{"files":{"Cargo.toml":"4bf975b7a51ab5bfc63bab5e14c7afb187e84ba0545c716d3863eb016f2aa665","LICENSE-Apache":"c69b72788ec261765e460532016b4bb78372f238e449b5e70e3268ec1e18fd15","LICENSE-MIT":"b4bf94a9fceb8846320fda938ee53fc16b506572609da5cf1d2d289a5597a8f8","src/freebsd.rs":"a52c8cd4cdf490da40b07b21f728628a5e4c508e4957ae68714abe926226e09a","src/imp.rs":"8cc9d07f05b0aa70e9997648abce7f79bd758c6fc76040d1c8f7beb7bf551e9d","src/lib.rs":"ad8ca0de51ec83df9888ed348dee973bd890024a0e4f0fab932979839241a32f","src/linux.rs":"67e02ecd105b8a421227bf72814e8388a4f77df1d8a44b8902bc8926f7e6698c","src/macos.rs":"818ff9855324d772c0e0d3de4fdd4fcfaffca3c0968f664d57931b77f111d4b3"},"package":"97ba99ba6393e2c3734791401b66902d981cb03bf190af674ca69949b6d5fb15"} \ No newline at end of file +{"files":{"Cargo.toml":"5374ea6aca20817a7ccd7fea51de7288e2d7c4cd33a5797ef017b6e08d938ebe","LICENSE-Apache":"c69b72788ec261765e460532016b4bb78372f238e449b5e70e3268ec1e18fd15","LICENSE-MIT":"b4bf94a9fceb8846320fda938ee53fc16b506572609da5cf1d2d289a5597a8f8","src/freebsd.rs":"a52c8cd4cdf490da40b07b21f728628a5e4c508e4957ae68714abe926226e09a","src/imp.rs":"8cc9d07f05b0aa70e9997648abce7f79bd758c6fc76040d1c8f7beb7bf551e9d","src/lib.rs":"f7d6459e5f9caed7beae11794c72dd4f9beb0b34b04969b94d5acaf657c3ee6d","src/linux.rs":"67e02ecd105b8a421227bf72814e8388a4f77df1d8a44b8902bc8926f7e6698c","src/macos.rs":"018e729ea67e8e17428d2e8d93f28ed0f7e7c506fcf78b56f56113235ce7dfcf"},"package":"c539a50b93a303167eded6e8dff5220cd39447409fb659f4cd24b1f72fe4f133"} \ No newline at end of file diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vendor/num_threads/Cargo.toml new/vendor/num_threads/Cargo.toml --- old/vendor/num_threads/Cargo.toml 2022-03-02 07:13:51.184254200 +0100 +++ new/vendor/num_threads/Cargo.toml 2022-03-14 03:18:11.638028100 +0100 @@ -11,7 +11,7 @@ [package] name = "num_threads" -version = "0.1.3" +version = "0.1.4" authors = ["Jacob Pratt <open-sou...@jhpratt.dev>"] include = ["src/**/*", "LICENSE-*"] description = "A minimal library that determines the number of running threads for the current process." diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vendor/num_threads/src/lib.rs new/vendor/num_threads/src/lib.rs --- old/vendor/num_threads/src/lib.rs 2022-03-02 07:13:51.188254000 +0100 +++ new/vendor/num_threads/src/lib.rs 2022-03-14 03:18:11.638028100 +0100 @@ -18,3 +18,47 @@ pub fn is_single_threaded() -> Option<bool> { num_threads().map(|n| n.get() == 1) } + +#[cfg(test)] +mod test { + use std::num::NonZeroUsize; + + // Run each expression in its own thread. + macro_rules! threaded { + ($first:expr;) => { + $first; + }; + ($first:expr; $($rest:expr;)*) => { + $first; + ::std::thread::spawn(|| { + threaded!($($rest;)*); + }) + .join() + .unwrap(); + }; + } + + #[test] + fn num_threads() { + threaded! { + assert_eq!(super::num_threads().map(NonZeroUsize::get), Some(1)); + assert_eq!(super::num_threads().map(NonZeroUsize::get), Some(2)); + assert_eq!(super::num_threads().map(NonZeroUsize::get), Some(3)); + assert_eq!(super::num_threads().map(NonZeroUsize::get), Some(4)); + assert_eq!(super::num_threads().map(NonZeroUsize::get), Some(5)); + assert_eq!(super::num_threads().map(NonZeroUsize::get), Some(6)); + } + } + + #[test] + fn is_single_threaded() { + threaded! { + assert_eq!(super::is_single_threaded(), Some(true)); + assert_eq!(super::is_single_threaded(), Some(false)); + assert_eq!(super::is_single_threaded(), Some(false)); + assert_eq!(super::is_single_threaded(), Some(false)); + assert_eq!(super::is_single_threaded(), Some(false)); + assert_eq!(super::is_single_threaded(), Some(false)); + } + } +} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vendor/num_threads/src/macos.rs new/vendor/num_threads/src/macos.rs --- old/vendor/num_threads/src/macos.rs 2022-03-02 07:13:51.188254000 +0100 +++ new/vendor/num_threads/src/macos.rs 2022-03-14 03:18:11.638028100 +0100 @@ -1,26 +1,45 @@ extern crate libc; -use std::mem; use std::num::NonZeroUsize; -const PROC_TASKINFO_SIZE: usize = mem::size_of::<libc::proc_taskinfo>(); +use self::libc::{kern_return_t, mach_msg_type_number_t, mach_port_t, thread_t}; -pub(crate) fn num_threads() -> Option<NonZeroUsize> { - let mut pti: libc::proc_taskinfo = unsafe { mem::zeroed() }; - - let result = unsafe { - libc::proc_pidinfo( - libc::getpid(), - libc::PROC_PIDTASKINFO, - 0, - &mut pti as *mut libc::proc_taskinfo as *mut libc::c_void, - PROC_TASKINFO_SIZE as libc::c_int, - ) - }; +// This constant is from +// /Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/ +// usr/include/mach/machine/thread_state.h. +// +// It has not been updated since Apple devices started to support 64-bit ARM (iOS), so it +// should be very stable. +const THREAD_STATE_MAX: i32 = 1296; +#[allow(non_camel_case_types)] +// https://github.com/apple/darwin-xnu/blob/a1babec6b135d1f35b2590a1990af3c5c5393479/osfmk/mach/mach_types.defs#L155 +type task_inspect_t = mach_port_t; +#[allow(non_camel_case_types)] +// https://github.com/apple/darwin-xnu/blob/a1babec6b135d1f35b2590a1990af3c5c5393479/osfmk/mach/mach_types.defs#L238 +type thread_array_t = [thread_t; THREAD_STATE_MAX as usize]; + +extern "C" { + // https://developer.apple.com/documentation/kernel/1537751-task_threads/ + fn task_threads( + target_task: task_inspect_t, + act_list: *mut thread_array_t, + act_listCnt: *mut mach_msg_type_number_t, + ) -> kern_return_t; +} - if result == PROC_TASKINFO_SIZE as libc::c_int { - return NonZeroUsize::new(pti.pti_threadnum as usize); +pub(crate) fn num_threads() -> Option<NonZeroUsize> { + // http://web.mit.edu/darwin/src/modules/xnu/osfmk/man/task_threads.html + let mut thread_state = [0u32; THREAD_STATE_MAX as usize]; + let mut thread_count = 0; + + // Safety: `mach_task_self` always returns a valid value, `thread_state` is large enough, and + // both it and `thread_count` are writable. + let result = + unsafe { task_threads(libc::mach_task_self(), &mut thread_state, &mut thread_count) }; + + if result == libc::KERN_SUCCESS { + NonZeroUsize::new(thread_count as usize) + } else { + None } - - None } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vendor/regex/.cargo-checksum.json new/vendor/regex/.cargo-checksum.json --- old/vendor/regex/.cargo-checksum.json 2022-03-02 07:13:51.200254200 +0100 +++ new/vendor/regex/.cargo-checksum.json 2022-03-14 03:18:11.650028000 +0100 @@ -1 +1 @@ -{"files":{"CHANGELOG.md":"dc37d7389aa7f626a2a76f565b379378a63a043004674735e2b5859202b255ea","Cargo.lock":"b74b289188546209fb8b9024eb5cf7c43dc24b199cf2aaf2b11601ee24d9575d","Cargo.toml":"d5bf863bcab85700dc82190169003b7781f7985e51f7ba67a757fc2ba069ee6e","HACKING.md":"17818f7a17723608f6bdbe6388ad0a913d4f96f76a16649aaf4e274b1fa0ea97","LICENSE-APACHE":"a60eea817514531668d7e00765731449fe14d059d3249e0bc93b36de45f759f2","LICENSE-MIT":"6485b8ed310d3f0340bf1ad1f47645069ce4069dcc6bb46c7d5c6faf41de1fdb","PERFORMANCE.md":"0d5ef3866386918dfdefb1aa9a28cfe33cb3c8ceeb79f3f8ba5b88253dd95991","README.md":"c53b7bc36b660ca5fbd45a78e860107fa4deeaa35d23404e2ed37e5079a5352c","UNICODE.md":"a8a8399540eed000d19420135a527f400247a04572e44d124c786b870f518776","examples/regexdna-input.txt":"156a49710bb3e1ed4bc2bbb0af0f383b747b3d0281453cfff39c296124c598f8","examples/regexdna-output.txt":"35e85b19b70a893d752fd43e54e1e9da08bac43559191cea85b33387c24c4cc1","examples/shootout-regex-dna-bytes.rs":"fa2daedb4e0a05f64f33f4 af62fbb0176db998e3676f8637ab684b725367a7b4","examples/shootout-regex-dna-cheat.rs":"1f871a6eaaf8372299fa3c762051112fa89a14235b03f734fc50ebd51ecaee72","examples/shootout-regex-dna-replace.rs":"32ffdf13ac6c4ce3fc32116a048e9cc682aa34cdb8e5beaf565a22addbdcd9ab","examples/shootout-regex-dna-single-cheat.rs":"809f75bf1e1917a53623eb6f1a3ce3b7d2ed98a6a1dbc0bd4853bec49a0c6f94","examples/shootout-regex-dna-single.rs":"1ab14f5703cd4be2e75a2e792e0ba1d322b9e4b14535d396805a4316d577f5bb","examples/shootout-regex-dna.rs":"20ea46ab63f91e3ac6a64e997eadd436a9cbc2f1bdade28e4512052f0e25bc34","rustfmt.toml":"1ca600239a27401c4a43f363cf3f38183a212affc1f31bff3ae93234bbaec228","src/backtrack.rs":"9018950f86564184a5dafd869a6c2cb3c4538ff302adbeccac33015f6e88f904","src/compile.rs":"84251b11081db43b712a887d424b79bdcd4738865e7df4d8667250cec553bac3","src/dfa.rs":"380580f54b0cee80c1a26caee3b4b76ad06ac63afdf8a8d351368a458454517d","src/error.rs":"71c85db839514f26ee024a689061743ea94a34eb7a3291e6c2b69b45a9682d09","src/ exec.rs":"88b49098761db539e717c2965d2f56908c81aa10d91873d29a08484be7a11218","src/expand.rs":"ccba4798bd48ce40c34e91318f12258f46d8382e178a2c2b31c0d03b1ab51c5b","src/find_byte.rs":"b387247b77e3269f057c3399aefe5a815032c3af918c876f80eb4b282e4eb95e","src/freqs.rs":"255555f3d95b08a5bb3bc2f38d5a06cc100a39c0f0127fe4f50c33afa1cadc65","src/input.rs":"69595d1ea8d35351f5065ffdbf5965427d2e3fb5160a37008fa7e21d0eaa7720","src/lib.rs":"20bc28509e1853faea9581d43b21bc3ab144bb776e47fda4560082c4673854a6","src/literal/imp.rs":"5f73e0bcbee70c11041deca5ae84a8d30995963f452b29dd2fe5ab46d4978c12","src/literal/mod.rs":"533f1d68af088e9485170145e27518368e541a0337fdb44f63249ebf97310300","src/pattern.rs":"6f5909315f4542a989d9b1cee0bb3bc5b6749a665d73e32ec1c8ec4d71b78fac","src/pikevm.rs":"83423e5a94ea36e99dc6f69891ab200c1d0dadd3389ee296a816ec8d68bf556f","src/pool.rs":"942e991ae31ef349bd76efd78b2a712c01166dec965bf93742977ed0870d5a10","src/prog.rs":"78a02dcc1fc7b1d4f37a4a4eeb075eb5cc84aea1736e4de3a2cc7449a9ce5103","sr c/re_builder.rs":"943344bf6e2fc90902ee04b11b741c32418ac6814b21b7982cc0a3a817713f3e","src/re_bytes.rs":"c19bf2df00024e91f6f2b68be2d8971e847d6f16d7b949a04d2569736b1cdadb","src/re_set.rs":"a0cb76fafe7e33ea8c7b65aae53fa3432fc1651be186218b2284cb3c002ea966","src/re_trait.rs":"1c209fe30392b957f1bdcacdb900f222fc761a2e1634ab1c3f4ee97f315a0c22","src/re_unicode.rs":"1b25aa974065211a269e70b3636aef91e31f9ad7e395150c22e30317172169f8","src/sparse.rs":"0da3ddb7972109869248a764dbb10254555f4bb51c375e89fb3fab9cafa47320","src/testdata/LICENSE":"58cf078acc03da3e280a938c2bd9943f554fc9b6ced89ad93ba35ca436872899","src/testdata/README":"45f869e37f798905c773bfbe0ef19a5fb7e585cbf0b7c21b5b5a784e8cec3c14","src/testdata/basic.dat":"b5b33aa89d48a61cd67cb1fbfd8f70e62c83e30b86256f9f915a5190dd38ff06","src/testdata/nullsubexpr.dat":"496ac0278eec3b6d9170faace14554569032dd3d909618364d9326156de39ecf","src/testdata/repetition.dat":"1f7959063015b284b18a4a2c1c8b416d438a2d6c4b1a362da43406b865f50e69","src/utf8.rs":"708615a48 59110cc9766b342a9c1da6c5c4a8a04ad239046b2725385db977efe","test":"0d62fdca7da12fc19ea5306b5de1d83e68d9365a029c043d524334da138b0304","tests/api.rs":"7b2a0ef75e99b9776094967bd66e9cdeaa8e11359f5f0a12bd08ef0e8d0c11fc","tests/api_str.rs":"2ae38c04e7e8fac008b609a820d0b1561ba75f39b0edc0987d6d3d06132da77f","tests/bytes.rs":"edc50f526c5fee43df89d639ef18b237e4eb91e9d533bfc43f3cbab7417d38ba","tests/consistent.rs":"d69435154c09478076497216e43081a835ac65147181a4fbddad7bff469605b2","tests/crates_regex.rs":"91a59d470e0700b4bcb3ff735d06799f3107b8ef4875a2e9904607b164be0326","tests/crazy.rs":"c0d56380dff19bdd5d7a3eb731d0e2dc564e169a1b73c81e1879b1e87f5f5f77","tests/flags.rs":"05caace2c81a99d2168037f3a38035d4dffe9f85ef3ebd7ef18b1bc6612f1ea8","tests/fowler.rs":"d78cf914de40b1e125cc92b65ccb444d462586bd07b5e05de4e4a1b5de16aa76","tests/macros.rs":"6db70c16fc90df13e6b30d2b606f8b6dd4dc976697967f6ee001b15aab6d0b19","tests/macros_bytes.rs":"a049f528a93173a1bb176cd46932dce1880679f4a1752e099be920f0e4546fd0","test s/macros_str.rs":"e585b1461374c45a2eca44ca045bc3c1fe984b2b4212e432b0c695b420e708b7","tests/misc.rs":"395f52793fa022e4cdda78675b6a6fba1a3106b4b99c834c39f7801574054bd1","tests/multiline.rs":"1b1a3326ed976437c1357f01d81833ece7ea244f38826246eab55cacd5d0862a","tests/noparse.rs":"12b6be0eff3d80779d33c6459396c74c0f6ebf4ddc9f1d33c3e747ea9e3bf268","tests/regression.rs":"4d4aecf57ce5accf73fe8818267e8d45c9a15896d40093a5b5e1a09007a121a1","tests/regression_fuzz.rs":"a504ec563e0d23bd2039493b7b1767fe1f831d7d668f6f4b2ecd124fc7899bcd","tests/replace.rs":"0efa042c0d531911e8ac41ce98a6b60236cbf40954102c59f9f6dea78d9d74dd","tests/searcher.rs":"ce35e47b0a276a7e8c9060c6a0b225ffba163aebc61fbc15555a6897fa0e552c","tests/set.rs":"f1e2af6baeeaed3cc99ed347ff516fe7b2eb0027ef64b891502e1486598eaf8a","tests/shortest_match.rs":"a2c94390c0d61bc24796b4c1288c924e90c8c9c6156fdebb858175177a194a42","tests/suffix_reverse.rs":"b95f89397404871227d9efe6df23b9ded147f183db81597e608f693955c668b5","tests/test_backtrack.rs":"b70c5 e5f1241efd76dd9f9dd4a4df8a7b38113bd407d1f5f56867f1176177a59","tests/test_backtrack_bytes.rs":"b8a111d4b4109c8bba7e2afb650572c495a14d357fb1f743c1076fb001f704b5","tests/test_backtrack_utf8bytes.rs":"c0c279785d18beac2b4e178e7bf6c14ed235d65f00ca467cfd9c333d79487649","tests/test_crates_regex.rs":"fd9525c2eef0e2f8cb7f787bc2b721bcd0b5d84f3bca49adfe48d657a99c721a","tests/test_default.rs":"9dadd426a991683e601d3e52b1f6a551d531a23408ea791e5446eae83a3e8b6c","tests/test_default_bytes.rs":"831d3e6bfb882feb15f700e30304bd34328f888fb4c15c7169371e25024ce9a7","tests/test_nfa.rs":"f119fc43a018249c39c813d57096b0654ff69f337345f2bbd9b0e61cc9137285","tests/test_nfa_bytes.rs":"89eae3bef6a1d0bcea6b5de5be35ad72f613f2ceb8b58fe82a6c6ef2ccdc07d0","tests/test_nfa_utf8bytes.rs":"7d830b4aa401887d7cf098b62fed4cd8017ef8b61f625c7c9a2159a6b4cfeb71","tests/unicode.rs":"4bf85f5c3d547fa8b5623194a09b6413067499dfbe7c1d29d8b50bf1cddacf6b","tests/word_boundary.rs":"7081317ddcec1e82dd4a2090a571c6abf2ff4bbfa8cd10395e1eb3f386157 fae","tests/word_boundary_ascii.rs":"cd0be5b5b485de0ba7994b42e2864585556c3d2d8bf5eab05b58931d9aaf4b87","tests/word_boundary_unicode.rs":"75dbcc35d3abc0f9795c2ea99e216dc227b0a5b58e9ca5eef767815ff0513921"},"package":"d07a8629359eb56f1e2fb1652bb04212c072a87ba68546a04065d525673ac461"} \ No newline at end of file +{"files":{"CHANGELOG.md":"dc37d7389aa7f626a2a76f565b379378a63a043004674735e2b5859202b255ea","Cargo.lock":"68805a2737aad9b6520868b2f85dbe638c4efb9f4aef759226a129edb5940434","Cargo.toml":"5678757a6bafcac57c7a3b51655ef978901112eb0629976a402560db5f948f56","HACKING.md":"17818f7a17723608f6bdbe6388ad0a913d4f96f76a16649aaf4e274b1fa0ea97","LICENSE-APACHE":"a60eea817514531668d7e00765731449fe14d059d3249e0bc93b36de45f759f2","LICENSE-MIT":"6485b8ed310d3f0340bf1ad1f47645069ce4069dcc6bb46c7d5c6faf41de1fdb","PERFORMANCE.md":"0d5ef3866386918dfdefb1aa9a28cfe33cb3c8ceeb79f3f8ba5b88253dd95991","README.md":"6125b1c70b9b560412529c54dc6aacdfd39cc82f69b5ad7776fa86e4cb720347","UNICODE.md":"a8a8399540eed000d19420135a527f400247a04572e44d124c786b870f518776","examples/regexdna-input.txt":"156a49710bb3e1ed4bc2bbb0af0f383b747b3d0281453cfff39c296124c598f8","examples/regexdna-output.txt":"35e85b19b70a893d752fd43e54e1e9da08bac43559191cea85b33387c24c4cc1","examples/shootout-regex-dna-bytes.rs":"fa2daedb4e0a05f64f33f4 af62fbb0176db998e3676f8637ab684b725367a7b4","examples/shootout-regex-dna-cheat.rs":"1f871a6eaaf8372299fa3c762051112fa89a14235b03f734fc50ebd51ecaee72","examples/shootout-regex-dna-replace.rs":"32ffdf13ac6c4ce3fc32116a048e9cc682aa34cdb8e5beaf565a22addbdcd9ab","examples/shootout-regex-dna-single-cheat.rs":"809f75bf1e1917a53623eb6f1a3ce3b7d2ed98a6a1dbc0bd4853bec49a0c6f94","examples/shootout-regex-dna-single.rs":"1ab14f5703cd4be2e75a2e792e0ba1d322b9e4b14535d396805a4316d577f5bb","examples/shootout-regex-dna.rs":"20ea46ab63f91e3ac6a64e997eadd436a9cbc2f1bdade28e4512052f0e25bc34","rustfmt.toml":"1ca600239a27401c4a43f363cf3f38183a212affc1f31bff3ae93234bbaec228","src/backtrack.rs":"9018950f86564184a5dafd869a6c2cb3c4538ff302adbeccac33015f6e88f904","src/compile.rs":"5c834c2125abc10d0de3c377e34b1f2e2c10b837809631b1c688d3b536368cfd","src/dfa.rs":"2dfed56e1bd3506d328a3d2031aaa15dd87a7561f92f1a9fc1946a14cfbb64ae","src/error.rs":"71c85db839514f26ee024a689061743ea94a34eb7a3291e6c2b69b45a9682d09","src/ exec.rs":"88b49098761db539e717c2965d2f56908c81aa10d91873d29a08484be7a11218","src/expand.rs":"ccba4798bd48ce40c34e91318f12258f46d8382e178a2c2b31c0d03b1ab51c5b","src/find_byte.rs":"b387247b77e3269f057c3399aefe5a815032c3af918c876f80eb4b282e4eb95e","src/freqs.rs":"255555f3d95b08a5bb3bc2f38d5a06cc100a39c0f0127fe4f50c33afa1cadc65","src/input.rs":"69595d1ea8d35351f5065ffdbf5965427d2e3fb5160a37008fa7e21d0eaa7720","src/lib.rs":"20bc28509e1853faea9581d43b21bc3ab144bb776e47fda4560082c4673854a6","src/literal/imp.rs":"5f73e0bcbee70c11041deca5ae84a8d30995963f452b29dd2fe5ab46d4978c12","src/literal/mod.rs":"533f1d68af088e9485170145e27518368e541a0337fdb44f63249ebf97310300","src/pattern.rs":"6f5909315f4542a989d9b1cee0bb3bc5b6749a665d73e32ec1c8ec4d71b78fac","src/pikevm.rs":"83423e5a94ea36e99dc6f69891ab200c1d0dadd3389ee296a816ec8d68bf556f","src/pool.rs":"942e991ae31ef349bd76efd78b2a712c01166dec965bf93742977ed0870d5a10","src/prog.rs":"78a02dcc1fc7b1d4f37a4a4eeb075eb5cc84aea1736e4de3a2cc7449a9ce5103","sr c/re_builder.rs":"943344bf6e2fc90902ee04b11b741c32418ac6814b21b7982cc0a3a817713f3e","src/re_bytes.rs":"c19bf2df00024e91f6f2b68be2d8971e847d6f16d7b949a04d2569736b1cdadb","src/re_set.rs":"a0cb76fafe7e33ea8c7b65aae53fa3432fc1651be186218b2284cb3c002ea966","src/re_trait.rs":"1c209fe30392b957f1bdcacdb900f222fc761a2e1634ab1c3f4ee97f315a0c22","src/re_unicode.rs":"122df2eecd8727a4169fe7efb0925a1767fdfa2e290d9b90ca0beaa137b5abfa","src/sparse.rs":"0da3ddb7972109869248a764dbb10254555f4bb51c375e89fb3fab9cafa47320","src/testdata/LICENSE":"58cf078acc03da3e280a938c2bd9943f554fc9b6ced89ad93ba35ca436872899","src/testdata/README":"45f869e37f798905c773bfbe0ef19a5fb7e585cbf0b7c21b5b5a784e8cec3c14","src/testdata/basic.dat":"b5b33aa89d48a61cd67cb1fbfd8f70e62c83e30b86256f9f915a5190dd38ff06","src/testdata/nullsubexpr.dat":"496ac0278eec3b6d9170faace14554569032dd3d909618364d9326156de39ecf","src/testdata/repetition.dat":"1f7959063015b284b18a4a2c1c8b416d438a2d6c4b1a362da43406b865f50e69","src/utf8.rs":"708615a48 59110cc9766b342a9c1da6c5c4a8a04ad239046b2725385db977efe","test":"0d62fdca7da12fc19ea5306b5de1d83e68d9365a029c043d524334da138b0304","tests/api.rs":"7b2a0ef75e99b9776094967bd66e9cdeaa8e11359f5f0a12bd08ef0e8d0c11fc","tests/api_str.rs":"2ae38c04e7e8fac008b609a820d0b1561ba75f39b0edc0987d6d3d06132da77f","tests/bytes.rs":"edc50f526c5fee43df89d639ef18b237e4eb91e9d533bfc43f3cbab7417d38ba","tests/consistent.rs":"d69435154c09478076497216e43081a835ac65147181a4fbddad7bff469605b2","tests/crates_regex.rs":"91a59d470e0700b4bcb3ff735d06799f3107b8ef4875a2e9904607b164be0326","tests/crazy.rs":"c0d56380dff19bdd5d7a3eb731d0e2dc564e169a1b73c81e1879b1e87f5f5f77","tests/flags.rs":"05caace2c81a99d2168037f3a38035d4dffe9f85ef3ebd7ef18b1bc6612f1ea8","tests/fowler.rs":"d78cf914de40b1e125cc92b65ccb444d462586bd07b5e05de4e4a1b5de16aa76","tests/macros.rs":"6db70c16fc90df13e6b30d2b606f8b6dd4dc976697967f6ee001b15aab6d0b19","tests/macros_bytes.rs":"a049f528a93173a1bb176cd46932dce1880679f4a1752e099be920f0e4546fd0","test s/macros_str.rs":"e585b1461374c45a2eca44ca045bc3c1fe984b2b4212e432b0c695b420e708b7","tests/misc.rs":"395f52793fa022e4cdda78675b6a6fba1a3106b4b99c834c39f7801574054bd1","tests/multiline.rs":"1b1a3326ed976437c1357f01d81833ece7ea244f38826246eab55cacd5d0862a","tests/noparse.rs":"12b6be0eff3d80779d33c6459396c74c0f6ebf4ddc9f1d33c3e747ea9e3bf268","tests/regression.rs":"4d4aecf57ce5accf73fe8818267e8d45c9a15896d40093a5b5e1a09007a121a1","tests/regression_fuzz.rs":"a504ec563e0d23bd2039493b7b1767fe1f831d7d668f6f4b2ecd124fc7899bcd","tests/replace.rs":"0efa042c0d531911e8ac41ce98a6b60236cbf40954102c59f9f6dea78d9d74dd","tests/searcher.rs":"ce35e47b0a276a7e8c9060c6a0b225ffba163aebc61fbc15555a6897fa0e552c","tests/set.rs":"f1e2af6baeeaed3cc99ed347ff516fe7b2eb0027ef64b891502e1486598eaf8a","tests/shortest_match.rs":"a2c94390c0d61bc24796b4c1288c924e90c8c9c6156fdebb858175177a194a42","tests/suffix_reverse.rs":"b95f89397404871227d9efe6df23b9ded147f183db81597e608f693955c668b5","tests/test_backtrack.rs":"b70c5 e5f1241efd76dd9f9dd4a4df8a7b38113bd407d1f5f56867f1176177a59","tests/test_backtrack_bytes.rs":"b8a111d4b4109c8bba7e2afb650572c495a14d357fb1f743c1076fb001f704b5","tests/test_backtrack_utf8bytes.rs":"c0c279785d18beac2b4e178e7bf6c14ed235d65f00ca467cfd9c333d79487649","tests/test_crates_regex.rs":"fd9525c2eef0e2f8cb7f787bc2b721bcd0b5d84f3bca49adfe48d657a99c721a","tests/test_default.rs":"c2dfa0298896f86f1be2abf6b0c347a7ca12f95aeac92bf614dc3b86bdfff269","tests/test_default_bytes.rs":"831d3e6bfb882feb15f700e30304bd34328f888fb4c15c7169371e25024ce9a7","tests/test_nfa.rs":"f119fc43a018249c39c813d57096b0654ff69f337345f2bbd9b0e61cc9137285","tests/test_nfa_bytes.rs":"89eae3bef6a1d0bcea6b5de5be35ad72f613f2ceb8b58fe82a6c6ef2ccdc07d0","tests/test_nfa_utf8bytes.rs":"7d830b4aa401887d7cf098b62fed4cd8017ef8b61f625c7c9a2159a6b4cfeb71","tests/unicode.rs":"4bf85f5c3d547fa8b5623194a09b6413067499dfbe7c1d29d8b50bf1cddacf6b","tests/word_boundary.rs":"7081317ddcec1e82dd4a2090a571c6abf2ff4bbfa8cd10395e1eb3f386157 fae","tests/word_boundary_ascii.rs":"cd0be5b5b485de0ba7994b42e2864585556c3d2d8bf5eab05b58931d9aaf4b87","tests/word_boundary_unicode.rs":"75dbcc35d3abc0f9795c2ea99e216dc227b0a5b58e9ca5eef767815ff0513921"},"package":"1a11647b6b25ff05a515cb92c365cec08801e83423a235b51e231e1808747286"} \ No newline at end of file diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vendor/regex/Cargo.lock new/vendor/regex/Cargo.lock --- old/vendor/regex/Cargo.lock 2022-03-02 07:13:51.196254300 +0100 +++ new/vendor/regex/Cargo.lock 2022-03-14 03:18:11.642028000 +0100 @@ -36,9 +36,9 @@ [[package]] name = "libc" -version = "0.2.80" +version = "0.2.94" source = "registry+https://github.com/rust-lang/crates.io-index"; -checksum = "4d58d1b70b004888f764dfbf6a26a3b0342a1632d33968e4a179d8011c760614" +checksum = "18794a8ad5b29321f790b55d93dfba91e125cb1a9edbd4f8e3150acc771c1a5e" [[package]] name = "memchr" @@ -75,7 +75,7 @@ [[package]] name = "regex" -version = "1.5.4" +version = "1.5.5" dependencies = [ "aho-corasick", "lazy_static", diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vendor/regex/Cargo.toml new/vendor/regex/Cargo.toml --- old/vendor/regex/Cargo.toml 2022-03-02 07:13:51.196254300 +0100 +++ new/vendor/regex/Cargo.toml 2022-03-14 03:18:11.642028000 +0100 @@ -3,27 +3,33 @@ # When uploading crates to the registry Cargo will automatically # "normalize" Cargo.toml files for maximal compatibility # with all versions of Cargo and also rewrite `path` dependencies -# to registry (e.g., crates.io) dependencies +# to registry (e.g., crates.io) dependencies. # -# If you believe there's an error in this file please file an -# issue against the rust-lang/cargo repository. If you're -# editing this file be aware that the upstream Cargo.toml -# will likely look very different (and much more reasonable) +# If you are reading this file be aware that the original Cargo.toml +# will likely look very different (and much more reasonable). +# See Cargo.toml.orig for the original contents. [package] edition = "2018" name = "regex" -version = "1.5.4" +version = "1.5.5" authors = ["The Rust Project Developers"] -exclude = ["/scripts/*", "/.github/*"] +exclude = [ + "/scripts/*", + "/.github/*", +] autotests = false -description = "An implementation of regular expressions for Rust. This implementation uses\nfinite automata and guarantees linear time matching on all inputs.\n" +description = """ +An implementation of regular expressions for Rust. This implementation uses +finite automata and guarantees linear time matching on all inputs. +""" homepage = "https://github.com/rust-lang/regex"; documentation = "https://docs.rs/regex"; readme = "README.md" categories = ["text-processing"] license = "MIT OR Apache-2.0" repository = "https://github.com/rust-lang/regex"; + [profile.bench] debug = true @@ -72,6 +78,7 @@ [[test]] name = "crates-regex" path = "tests/test_crates_regex.rs" + [dependencies.aho-corasick] version = "0.7.18" optional = true @@ -83,6 +90,7 @@ [dependencies.regex-syntax] version = "0.6.25" default-features = false + [dev-dependencies.lazy_static] version = "1" @@ -92,19 +100,44 @@ [dev-dependencies.rand] version = "0.8.3" -features = ["getrandom", "small_rng"] +features = [ + "getrandom", + "small_rng", +] default-features = false [features] -default = ["std", "perf", "unicode", "regex-syntax/default"] +default = [ + "std", + "perf", + "unicode", + "regex-syntax/default", +] pattern = [] -perf = ["perf-cache", "perf-dfa", "perf-inline", "perf-literal"] +perf = [ + "perf-cache", + "perf-dfa", + "perf-inline", + "perf-literal", +] perf-cache = [] perf-dfa = [] perf-inline = [] -perf-literal = ["aho-corasick", "memchr"] +perf-literal = [ + "aho-corasick", + "memchr", +] std = [] -unicode = ["unicode-age", "unicode-bool", "unicode-case", "unicode-gencat", "unicode-perl", "unicode-script", "unicode-segment", "regex-syntax/unicode"] +unicode = [ + "unicode-age", + "unicode-bool", + "unicode-case", + "unicode-gencat", + "unicode-perl", + "unicode-script", + "unicode-segment", + "regex-syntax/unicode", +] unicode-age = ["regex-syntax/unicode-age"] unicode-bool = ["regex-syntax/unicode-bool"] unicode-case = ["regex-syntax/unicode-case"] diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vendor/regex/README.md new/vendor/regex/README.md --- old/vendor/regex/README.md 2022-03-02 07:13:51.196254300 +0100 +++ new/vendor/regex/README.md 2022-03-14 03:18:11.642028000 +0100 @@ -8,7 +8,7 @@ by [RE2](https://github.com/google/re2). [](https://github.com/rust-lang/regex/actions) -[](https://crates.io/crates/regex) +[](https://crates.io/crates/regex) [](https://github.com/rust-lang/regex) ### Documentation diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vendor/regex/src/compile.rs new/vendor/regex/src/compile.rs --- old/vendor/regex/src/compile.rs 2022-03-02 07:13:51.196254300 +0100 +++ new/vendor/regex/src/compile.rs 2022-03-14 03:18:11.646028000 +0100 @@ -38,6 +38,16 @@ suffix_cache: SuffixCache, utf8_seqs: Option<Utf8Sequences>, byte_classes: ByteClassSet, + // This keeps track of extra bytes allocated while compiling the regex + // program. Currently, this corresponds to two things. First is the heap + // memory allocated by Unicode character classes ('InstRanges'). Second is + // a "fake" amount of memory used by empty sub-expressions, so that enough + // empty sub-expressions will ultimately trigger the compiler to bail + // because of a size limit restriction. (That empty sub-expressions don't + // add to heap memory usage is more-or-less an implementation detail.) In + // the second case, if we don't bail, then an excessively large repetition + // on an empty sub-expression can result in the compiler using a very large + // amount of CPU time. extra_inst_bytes: usize, } @@ -260,7 +270,7 @@ self.check_size()?; match *expr.kind() { - Empty => Ok(None), + Empty => self.c_empty(), Literal(hir::Literal::Unicode(c)) => self.c_char(c), Literal(hir::Literal::Byte(b)) => { assert!(self.compiled.uses_bytes()); @@ -378,6 +388,19 @@ } } + fn c_empty(&mut self) -> ResultOrEmpty { + // See: https://github.com/rust-lang/regex/security/advisories/GHSA-m5pq-gvj9-9vr8 + // See: CVE-2022-24713 + // + // Since 'empty' sub-expressions don't increase the size of + // the actual compiled object, we "fake" an increase in its + // size so that our 'check_size_limit' routine will eventually + // stop compilation if there are too many empty sub-expressions + // (e.g., via a large repetition). + self.extra_inst_bytes += std::mem::size_of::<Inst>(); + Ok(None) + } + fn c_capture(&mut self, first_slot: usize, expr: &Hir) -> ResultOrEmpty { if self.num_exprs > 1 || self.compiled.is_dfa { // Don't ever compile Save instructions for regex sets because @@ -496,7 +519,7 @@ let mut exprs = exprs.into_iter(); let Patch { mut hole, entry } = loop { match exprs.next() { - None => return Ok(None), + None => return self.c_empty(), Some(e) => { if let Some(p) = self.c(e)? { break p; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vendor/regex/src/dfa.rs new/vendor/regex/src/dfa.rs --- old/vendor/regex/src/dfa.rs 2022-03-02 07:13:51.196254300 +0100 +++ new/vendor/regex/src/dfa.rs 2022-03-14 03:18:11.646028000 +0100 @@ -1353,7 +1353,6 @@ match self.cache.trans.next(si, self.byte_class(b)) { STATE_UNKNOWN => self.exec_byte(qcur, qnext, si, b), STATE_QUIT => None, - STATE_DEAD => Some(STATE_DEAD), nsi => Some(nsi), } } @@ -1387,7 +1386,6 @@ }; match self.cache.start_states[flagi] { STATE_UNKNOWN => {} - STATE_DEAD => return Some(STATE_DEAD), si => return Some(si), } q.clear(); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vendor/regex/src/re_unicode.rs new/vendor/regex/src/re_unicode.rs --- old/vendor/regex/src/re_unicode.rs 2022-03-02 07:13:51.200254200 +0100 +++ new/vendor/regex/src/re_unicode.rs 2022-03-14 03:18:11.646028000 +0100 @@ -538,7 +538,7 @@ mut rep: R, ) -> Cow<'t, str> { // If we know that the replacement doesn't have any capture expansions, - // then we can fast path. The fast path can make a tremendous + // then we can use the fast path. The fast path can make a tremendous // difference: // // 1) We use `find_iter` instead of `captures_iter`. Not asking for diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vendor/regex/tests/test_default.rs new/vendor/regex/tests/test_default.rs --- old/vendor/regex/tests/test_default.rs 2022-03-02 07:13:51.200254200 +0100 +++ new/vendor/regex/tests/test_default.rs 2022-03-14 03:18:11.646028000 +0100 @@ -150,3 +150,73 @@ assert_eq!(16, size_of::<bytes::Regex>()); assert_eq!(16, size_of::<bytes::RegexSet>()); } + +// See: https://github.com/rust-lang/regex/security/advisories/GHSA-m5pq-gvj9-9vr8 +// See: CVE-2022-24713 +// +// We test that our regex compiler will correctly return a "too big" error when +// we try to use a very large repetition on an *empty* sub-expression. +// +// At the time this test was written, the regex compiler does not represent +// empty sub-expressions with any bytecode instructions. In effect, it's an +// "optimization" to leave them out, since they would otherwise correspond +// to an unconditional JUMP in the regex bytecode (i.e., an unconditional +// epsilon transition in the NFA graph). Therefore, an empty sub-expression +// represents an interesting case for the compiler's size limits. Since it +// doesn't actually contribute any additional memory to the compiled regex +// instructions, the size limit machinery never detects it. Instead, it just +// dumbly tries to compile the empty sub-expression N times, where N is the +// repetition size. +// +// When N is very large, this will cause the compiler to essentially spin and +// do nothing for a decently large amount of time. It causes the regex to take +// quite a bit of time to compile, despite the concrete syntax of the regex +// being quite small. +// +// The degree to which this is actually a problem is somewhat of a judgment +// call. Some regexes simply take a long time to compile. But in general, you +// should be able to reasonably control this by setting lower or higher size +// limits on the compiled object size. But this mitigation doesn't work at all +// for this case. +// +// This particular test is somewhat narrow. It merely checks that regex +// compilation will, at some point, return a "too big" error. Before the +// fix landed, this test would eventually fail because the regex would be +// successfully compiled (after enough time elapsed). So while this test +// doesn't check that we exit in a reasonable amount of time, it does at least +// check that we are properly returning an error at some point. +#[test] +fn big_empty_regex_fails() { + use regex::Regex; + + let result = Regex::new("(?:){4294967295}"); + assert!(result.is_err()); +} + +// Below is a "billion laughs" variant of the previous test case. +#[test] +fn big_empty_reps_chain_regex_fails() { + use regex::Regex; + + let result = Regex::new("(?:){64}{64}{64}{64}{64}{64}"); + assert!(result.is_err()); +} + +// Below is another situation where a zero-length sub-expression can be +// introduced. +#[test] +fn big_zero_reps_regex_fails() { + use regex::Regex; + + let result = Regex::new(r"x{0}{4294967295}"); + assert!(result.is_err()); +} + +// Testing another case for completeness. +#[test] +fn empty_alt_regex_fails() { + use regex::Regex; + + let result = Regex::new(r"(?:|){4294967295}"); + assert!(result.is_err()); +}
