Bug#1050183: httest: depends on obsolete pcre3 library

2023-12-09 Thread Yavor Doganov 
Control: tags -1 + patch

Please find attached a patch.
Description: Port to PCRE2.
Debian-Bug: https://bugs.debian.org/1050183
Author: Yavor Doganov 
Forwarded: no
Last-Update: 2023-12-09
---

--- httest-2.4.23.orig/configure.ac
+++ httest-2.4.23/configure.ac
@@ -54,9 +54,9 @@
 fi],
[APR_ICONV_INCLUDES="";
 APR_ICONV_LIBS=""])
-AC_ARG_WITH(pcre,AS_HELP_STRING(--with-pcre=PATH,path to pcre-config script),
-   [if test ! -x $withval/pcre-config; then 
AC_MSG_ERROR($withval/pcre-config do not exist or is not executable); else 
PCRE_CONFIG="$withval/pcre-config"; fi],
-   [PCRE_CONFIG="pcre-config"])
+AC_ARG_WITH(pcre,AS_HELP_STRING(--with-pcre=PATH,path to pcre2-config script),
+   [if test ! -x $withval/pcre2-config; then 
AC_MSG_ERROR($withval/pcre2-config do not exist or is not executable); else 
PCRE_CONFIG="$withval/pcre2-config"; fi],
+   [PCRE_CONFIG="pcre2-config"])
 AC_ARG_WITH(lua,AS_HELP_STRING(--with-lua=PATH,path to lua source dir),
[if test ! -d $withval; then AC_MSG_ERROR($withval is not a directory); 
else LUA_LIB_PATH="-L${withval}"; LUA_INCLUDES="-I${withval}"; LUA_LIB="-llua"; 
fi],
 [LUA_LIB_PATH=""; if test -d /usr/include/lua5.1; then 
LUA_INCLUDES="-I/usr/include/lua5.1"; else LUA_INCLUDES=""; fi; 
LUA_LIB="-llua5.1"])
@@ -93,7 +93,7 @@
 INCLUDES="`$APR_CONFIG --includes` `$APU_CONFIG --includes` $OPENSSL_INCLUDES 
$APR_ICONV_CONFIG"
 CFLAGS="`$APR_CONFIG --cflags` `$PCRE_CONFIG --cflags` $CFLAGS $INCLUDES"
 CPPFLAGS="`$APR_CONFIG --cppflags` $CPPFLAGS"
-LIBS="$OPENSSL_LIB_PATH -lssl -lcrypto `$APR_CONFIG --link-ld`  `$APU_CONFIG 
--link-ld` `$APR_CONFIG --libs` `$APU_CONFIG --libs` `$PCRE_CONFIG --libs` -lz 
-lm"
+LIBS="$OPENSSL_LIB_PATH -lssl -lcrypto `$APR_CONFIG --link-ld`  `$APU_CONFIG 
--link-ld` `$APR_CONFIG --libs` `$APU_CONFIG --libs` `$PCRE_CONFIG --libs8` -lz 
-lm"
 
 if test "$enable_ssl_legacy_reneg" = "yes"; then
   CFLAGS="$CFLAGS -DSSL_ALLOW_UNSAFE_LEGACY_RENEGOTIATION"
--- httest-2.4.23.orig/src/regex.c
+++ httest-2.4.23/src/regex.c
@@ -29,7 +29,8 @@
 #include 
 #endif
 
-#include 
+#define PCRE2_CODE_UNIT_WIDTH 8
+#include 
 
 #include 
 #include 
@@ -71,26 +72,27 @@
  *
  * @param p IN pool
  * @param pattern IN pattern to compile
- * @param error IN error string
+ * @param error IN error code
  * @param erroff IN offset into pattern wherer compilation fails
  *
  * @return regular express on success else NULL
  */
 htt_regex_t *htt_regexcomp(apr_pool_t * p, const char *pattern,
-  const char **error, int *erroff) {
+  int *error, size_t *erroff) {
   htt_regex_t *preg = apr_palloc(p, sizeof *preg);
 
   preg->match = 0;
   preg->pattern = apr_pstrdup(p, pattern);
 
-  preg->re_pcre = pcre_compile(pattern, 0, error, erroff, NULL);
+  preg->re_pcre = pcre2_compile((PCRE2_SPTR) pattern, PCRE2_ZERO_TERMINATED,
+0, error, erroff, NULL);
   preg->re_erroffset = *erroff;
 
   if (preg->re_pcre == NULL) {
 return NULL;
   }
 
-  pcre_fullinfo((const pcre *)preg->re_pcre, NULL, PCRE_INFO_CAPTURECOUNT, 
&(preg->re_nsub));
+  pcre2_pattern_info(preg->re_pcre, PCRE2_INFO_CAPTURECOUNT, &(preg->re_nsub));
 
   apr_pool_cleanup_register(p, (void *) preg, htt_regex_cleanup,
 apr_pool_cleanup_null);
@@ -114,24 +116,24 @@
 apr_size_t nmatch, regmatch_t pmatch[], int eflags) {
   int rc;
   int options = 0;
-  int *ovector = NULL;
-  int small_ovector[POSIX_MALLOC_THRESHOLD * 3];
-  int allocated_ovector = 0;
+  pcre2_match_data *md;
+  size_t *ovector = NULL;
+  uint32_t md_size;
 
   ((htt_regex_t *) preg)->re_erroffset = (apr_size_t) (-1); /* Only has 
meaning after compile */
 
   if (nmatch > 0) {
 if (nmatch <= POSIX_MALLOC_THRESHOLD) {
-  ovector = &(small_ovector[0]);
+  md_size = POSIX_MALLOC_THRESHOLD * 3;
 }
 else {
-  ovector = (int *) malloc(sizeof(int) * nmatch * 3);
-  allocated_ovector = 1;
+  md_size = nmatch * 3;
 }
   }
 
-  rc = pcre_exec((const pcre *) preg->re_pcre, NULL, data,
- len, 0, options, ovector, nmatch * 3);
+  md = pcre2_match_data_create(md_size, NULL);
+  rc = pcre2_match(preg->re_pcre, (PCRE2_SPTR) data,
+   len, 0, options, md, NULL);
 
   if (rc == 0) {
 rc = nmatch;/* All captured slots were filled in */
@@ -139,22 +141,19 @@
 
   if (rc >= 0) {
 apr_size_t i;
+ovector = pcre2_get_ovector_pointer(md);
 for (i = 0; i < (apr_size_t) rc; i++) {
   pmatch[i].rm_so = ovector[i * 2];
   pmatch[i].rm_eo = ovector[i * 2 + 1];
 }
-if (allocated_ovector) {
-  free(ovector);
-}
+pcre2_match_data_free(md);
 for (; i < nmatch; i++)
   pmatch[i].rm_so = pmatch[i].rm_eo = -1;
 ++preg->match;
 return 0;
   }
   else {
-if (allocated_ovector) {
-  free(ovector);
-}
+pcre2_match_data_free(md);
 return rc;
   }
 }
@@ -187,7 +186,7 @@
  * @retu

Bug#1050183: httest: depends on obsolete pcre3 library

2023-08-21 Thread Bastian Germann 

Source: httest
Severity: serious
Version: 2.4.23-1.4
User: matthew-pcre...@debian.org
Usertags: obsolete-pcre3

Dear maintainer,

When the pcre3 -> pcre2 mass bug was filed, this package was left out.
I am filing this (edited copy) after the fact:

Your package still depends on the old, obsolete PCRE3 libraries
(i.e. libpcre3-dev). This has been end of life for a while now, and
upstream do not intend to fix any further bugs in it. Accordingly, we
would like to remove the pcre3 libraries from Debian.

The newer PCRE2 library was first released in 2015, and has been in
Debian since stretch. Upstream's documentation for PCRE2 is available
here: https://pcre.org/current/doc/html/

Many large projects that use PCRE have made the switch now (e.g. git,
php); it does involve some work, but we are now at the stage where
PCRE3 should not be used, particularly if it might ever be exposed to
untrusted input.

This mass bug filing was discussed on debian-devel@ in
https://lists.debian.org/debian-devel/2021/11/msg00176.html

Thanks,
Bastian