On Sun, 20 Jul 2014 at 16:07:06 +0100, Simon McVittie wrote:
> This was already reported as http://bugs.exim.org/show_bug.cgi?id=1463
> and fixed upstream as part of r1472. However, the upstream fix did not
> update the expected output, so the tests still fail.
The upstream fix did in fact update the expected output, I just wasn't
paying enough attention to the other contents of the svn commit.
I plan to do a delayed NMU soon with the attached changes, if the maintainer
doesn't upload first. However, I haven't done so yet, because the updated
pcre3 seems to trigger a test failure in the pcre consumer I'm mainly
interested in (GLib), and I want to be sure that these changes aren't
what's to blame for that.
Thanks,
S
diffstat for pcre3-8.35 pcre3-8.35
changelog | 11 ++
patches/Fix-silly-quantifier-size-check.patch | 100 ++++++++++++++++++++++++++
patches/series | 1
rules | 2
4 files changed, 113 insertions(+), 1 deletion(-)
diff -Nru pcre3-8.35/debian/changelog pcre3-8.35/debian/changelog
--- pcre3-8.35/debian/changelog 2014-07-12 23:04:03.000000000 +0100
+++ pcre3-8.35/debian/changelog 2014-07-20 18:40:26.000000000 +0100
@@ -1,3 +1,14 @@
+pcre3 (1:8.35-2.1) unstable; urgency=medium
+
+ * Non-maintainer upload.
+ * Run tests with VERBOSE=1 so we can see the logs for failing tests
+ (Closes: #755052)
+ * Apply part of upstream r1472 to fix undefined behaviour when parsing
+ {n} or {m,n} quantifiers, which causes mis-parsing and test failures
+ under gcc 4.9 (Closes: #751828)
+
+ -- Simon McVittie <[email protected]> Sun, 20 Jul 2014 18:37:05 +0100
+
pcre3 (1:8.35-2) unstable; urgency=medium
* Build-depends on auto-reconf (Closes: 754540)
diff -Nru pcre3-8.35/debian/patches/Fix-silly-quantifier-size-check.patch pcre3-8.35/debian/patches/Fix-silly-quantifier-size-check.patch
--- pcre3-8.35/debian/patches/Fix-silly-quantifier-size-check.patch 1970-01-01 01:00:00.000000000 +0100
+++ pcre3-8.35/debian/patches/Fix-silly-quantifier-size-check.patch 2014-07-20 18:40:26.000000000 +0100
@@ -0,0 +1,100 @@
+From: Philip Hazel <ph10>
+Date: Mon, 21 Apr 2014 16:11:50 +0000
+Subject: Fix silly quantifier size check
+
+The tests for quantifiers being too big (greater than 65535) were being
+applied after reading the number, and stupidly assuming that integer
+overflow would give a negative number. The tests are now applied as the
+numbers are read.
+
+Bug: http://bugs.exim.org/show_bug.cgi?id=1463
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=751828
+Origin: upstream, part of http://vcs.pcre.org/viewvc?view=revision&sortby=date&revision=1472
+Applied-upstream: 8.36
+---
+ pcre_compile.c | 35 ++++++++++++++++-------------------
+ testdata/testoutput2 | 6 +++---
+ 2 files changed, 19 insertions(+), 22 deletions(-)
+
+diff --git a/pcre_compile.c b/pcre_compile.c
+index 8a5b723..ae0027b 100644
+--- a/pcre_compile.c
++++ b/pcre_compile.c
+@@ -1583,30 +1583,30 @@ read_repeat_counts(const pcre_uchar *p, int *minp, int *maxp, int *errorcodeptr)
+ int min = 0;
+ int max = -1;
+
+-/* Read the minimum value and do a paranoid check: a negative value indicates
+-an integer overflow. */
+-
+-while (IS_DIGIT(*p)) min = min * 10 + (int)(*p++ - CHAR_0);
+-if (min < 0 || min > 65535)
++while (IS_DIGIT(*p))
+ {
+- *errorcodeptr = ERR5;
+- return p;
+- }
+-
+-/* Read the maximum value if there is one, and again do a paranoid on its size.
+-Also, max must not be less than min. */
++ min = min * 10 + (int)(*p++ - CHAR_0);
++ if (min > 65535)
++ {
++ *errorcodeptr = ERR5;
++ return p;
++ }
++ }
+
+ if (*p == CHAR_RIGHT_CURLY_BRACKET) max = min; else
+ {
+ if (*(++p) != CHAR_RIGHT_CURLY_BRACKET)
+ {
+ max = 0;
+- while(IS_DIGIT(*p)) max = max * 10 + (int)(*p++ - CHAR_0);
+- if (max < 0 || max > 65535)
++ while(IS_DIGIT(*p))
+ {
+- *errorcodeptr = ERR5;
+- return p;
+- }
++ max = max * 10 + (int)(*p++ - CHAR_0);
++ if (max > 65535)
++ {
++ *errorcodeptr = ERR5;
++ return p;
++ }
++ }
+ if (max < min)
+ {
+ *errorcodeptr = ERR4;
+@@ -1615,9 +1615,6 @@ if (*p == CHAR_RIGHT_CURLY_BRACKET) max = min; else
+ }
+ }
+
+-/* Fill in the required variables, and pass back the pointer to the terminating
+-'}'. */
+-
+ *minp = min;
+ *maxp = max;
+ return p;
+diff --git a/testdata/testoutput2 b/testdata/testoutput2
+index b6da7df..cfb446e 100644
+--- a/testdata/testoutput2
++++ b/testdata/testoutput2
+@@ -5821,13 +5821,13 @@ No match
+ No match
+
+ /a{11111111111111111111}/I
+-Failed: number too big in {} quantifier at offset 22
++Failed: number too big in {} quantifier at offset 8
+
+ /(){64294967295}/I
+-Failed: number too big in {} quantifier at offset 14
++Failed: number too big in {} quantifier at offset 9
+
+ /(){2,4294967295}/I
+-Failed: number too big in {} quantifier at offset 15
++Failed: number too big in {} quantifier at offset 11
+
+ "(?i:a)(?i:b)(?i:c)(?i:d)(?i:e)(?i:f)(?i:g)(?i:h)(?i:i)(?i:j)(k)(?i:l)A\1B"I
+ Capturing subpattern count = 1
diff -Nru pcre3-8.35/debian/patches/series pcre3-8.35/debian/patches/series
--- pcre3-8.35/debian/patches/series 2014-07-11 19:15:20.000000000 +0100
+++ pcre3-8.35/debian/patches/series 2014-07-20 18:40:26.000000000 +0100
@@ -4,3 +4,4 @@
pcregrep.1-patch
soname.patch
no_jit_ppc64el.patch
+Fix-silly-quantifier-size-check.patch
diff -Nru pcre3-8.35/debian/rules pcre3-8.35/debian/rules
--- pcre3-8.35/debian/rules 2014-07-11 19:59:04.000000000 +0100
+++ pcre3-8.35/debian/rules 2014-07-20 18:40:26.000000000 +0100
@@ -50,7 +50,7 @@
# Add here commands to compile the package.
$(MAKE)
ifeq ($(DEB_BUILD_GNU_TYPE),$(DEB_HOST_GNU_TYPE))
- $(MAKE) check
+ $(MAKE) check VERBOSE=1
endif
touch build-stamp
