Module Name: src
Committed By: spz
Date: Tue Jun 24 22:24:18 UTC 2014
Modified Files:
src/lib/libc/citrus: citrus_prop.c citrus_prop.h
src/lib/libc/citrus/modules: citrus_big5.c citrus_hz.c
Log Message:
Fix our iconv version for the issues that apply to us from CVE-2014-3951
(which are the:
- Consistently pass around context information using a simple pointer.
This fixes some dereferencing bugs in Chinese character set conversions.
- Fix Simplified Chinese character set conversions by switching around the
fields of an internal struct so it corresponds with the way variables of
this type are initialised.
part)
Patch taken from FreeBSD and mutilated to fit.
FreeBSD credits: Manuel Mausz (reporter), Tijl Coosemans (report handler)
To generate a diff of this commit:
cvs rdiff -u -r1.4 -r1.5 src/lib/libc/citrus/citrus_prop.c
cvs rdiff -u -r1.5 -r1.6 src/lib/libc/citrus/citrus_prop.h
cvs rdiff -u -r1.14 -r1.15 src/lib/libc/citrus/modules/citrus_big5.c
cvs rdiff -u -r1.3 -r1.4 src/lib/libc/citrus/modules/citrus_hz.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/lib/libc/citrus/citrus_prop.c
diff -u src/lib/libc/citrus/citrus_prop.c:1.4 src/lib/libc/citrus/citrus_prop.c:1.5
--- src/lib/libc/citrus/citrus_prop.c:1.4 Wed Mar 30 08:22:01 2011
+++ src/lib/libc/citrus/citrus_prop.c Tue Jun 24 22:24:18 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: citrus_prop.c,v 1.4 2011/03/30 08:22:01 jruoho Exp $ */
+/* $NetBSD: citrus_prop.c,v 1.5 2014/06/24 22:24:18 spz Exp $ */
/*-
* Copyright (c)2006 Citrus Project,
@@ -29,7 +29,7 @@
#include <sys/cdefs.h>
#if defined(LIBC_SCCS) && !defined(lint)
-__RCSID("$NetBSD: citrus_prop.c,v 1.4 2011/03/30 08:22:01 jruoho Exp $");
+__RCSID("$NetBSD: citrus_prop.c,v 1.5 2014/06/24 22:24:18 spz Exp $");
#endif /* LIBC_SCCS and not lint */
#include <assert.h>
@@ -350,7 +350,7 @@ name_found:
static int
_citrus_prop_parse_element(struct _memstream * __restrict ms,
const _citrus_prop_hint_t * __restrict hints,
- void ** __restrict context)
+ void * __restrict context)
{
int ch, errnum;
#define _CITRUS_PROP_HINT_NAME_LEN_MAX 255
@@ -459,8 +459,7 @@ _citrus_prop_parse_variable(const _citru
if (ch == EOF || ch == '\0')
break;
_memstream_ungetc(&ms, ch);
- errnum = _citrus_prop_parse_element(
- &ms, hints, (void **)&context);
+ errnum = _citrus_prop_parse_element(&ms, hints, context);
if (errnum != 0)
return errnum;
}
Index: src/lib/libc/citrus/citrus_prop.h
diff -u src/lib/libc/citrus/citrus_prop.h:1.5 src/lib/libc/citrus/citrus_prop.h:1.6
--- src/lib/libc/citrus/citrus_prop.h:1.5 Mon May 23 14:52:32 2011
+++ src/lib/libc/citrus/citrus_prop.h Tue Jun 24 22:24:18 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: citrus_prop.h,v 1.5 2011/05/23 14:52:32 joerg Exp $ */
+/* $NetBSD: citrus_prop.h,v 1.6 2014/06/24 22:24:18 spz Exp $ */
/*-
* Copyright (c)2006 Citrus Project,
@@ -41,7 +41,7 @@ typedef struct _citrus_prop_hint_t _citr
#define _CITRUS_PROP_CB0_T(_func_, _type_) \
typedef int (*_citrus_prop_##_func_##_cb_func_t) \
- (void ** __restrict, const char *, _type_); \
+ (void * __restrict, const char *, _type_); \
typedef struct { \
_citrus_prop_##_func_##_cb_func_t func; \
} _citrus_prop_##_func_##_cb_t;
@@ -51,7 +51,7 @@ _CITRUS_PROP_CB0_T(str, const char *)
#define _CITRUS_PROP_CB1_T(_func_, _type_) \
typedef int (*_citrus_prop_##_func_##_cb_func_t) \
- (void ** __restrict, const char *, _type_, _type_); \
+ (void * __restrict, const char *, _type_, _type_); \
typedef struct { \
_citrus_prop_##_func_##_cb_func_t func; \
} _citrus_prop_##_func_##_cb_t;
Index: src/lib/libc/citrus/modules/citrus_big5.c
diff -u src/lib/libc/citrus/modules/citrus_big5.c:1.14 src/lib/libc/citrus/modules/citrus_big5.c:1.15
--- src/lib/libc/citrus/modules/citrus_big5.c:1.14 Tue May 28 16:57:56 2013
+++ src/lib/libc/citrus/modules/citrus_big5.c Tue Jun 24 22:24:18 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: citrus_big5.c,v 1.14 2013/05/28 16:57:56 joerg Exp $ */
+/* $NetBSD: citrus_big5.c,v 1.15 2014/06/24 22:24:18 spz Exp $ */
/*-
* Copyright (c)2002, 2006 Citrus Project,
@@ -60,7 +60,7 @@
#include <sys/cdefs.h>
#if defined(LIBC_SCCS) && !defined(lint)
-__RCSID("$NetBSD: citrus_big5.c,v 1.14 2013/05/28 16:57:56 joerg Exp $");
+__RCSID("$NetBSD: citrus_big5.c,v 1.15 2014/06/24 22:24:18 spz Exp $");
#endif /* LIBC_SCCS and not lint */
#include <sys/queue.h>
@@ -192,18 +192,18 @@ _citrus_BIG5_check_excludes(_BIG5Encodin
}
static int
-_citrus_BIG5_fill_rowcol(void ** __restrict ctx, const char * __restrict s,
+_citrus_BIG5_fill_rowcol(void * __restrict ctx, const char * __restrict s,
uint64_t start, uint64_t end)
{
_BIG5EncodingInfo *ei;
int i;
uint64_t n;
- _DIAGASSERT(ctx != NULL && *ctx != NULL);
+ _DIAGASSERT(ctx != NULL);
if (start > 0xFF || end > 0xFF)
return EINVAL;
- ei = (_BIG5EncodingInfo *)*ctx;
+ ei = (_BIG5EncodingInfo *)ctx;
i = strcmp("row", s) ? 1 : 0;
i = 1 << i;
for (n = start; n <= end; ++n)
@@ -213,17 +213,17 @@ _citrus_BIG5_fill_rowcol(void ** __restr
static int
/*ARGSUSED*/
-_citrus_BIG5_fill_excludes(void ** __restrict ctx, const char * __restrict s,
+_citrus_BIG5_fill_excludes(void * __restrict ctx, const char * __restrict s,
uint64_t start, uint64_t end)
{
_BIG5EncodingInfo *ei;
_BIG5Exclude *exclude;
- _DIAGASSERT(ctx != NULL && *ctx != NULL);
+ _DIAGASSERT(ctx != NULL);
if (start > 0xFFFF || end > 0xFFFF)
return EINVAL;
- ei = (_BIG5EncodingInfo *)*ctx;
+ ei = (_BIG5EncodingInfo *)ctx;
exclude = TAILQ_LAST(&ei->excludes, _BIG5ExcludeList);
if (exclude != NULL && (wint_t)start <= exclude->end)
return EINVAL;
@@ -286,9 +286,9 @@ _citrus_BIG5_encoding_module_init(_BIG5E
}
/* fallback Big5-1984, for backward compatibility. */
- _citrus_BIG5_fill_rowcol((void **)&ei, "row", 0xA1, 0xFE);
- _citrus_BIG5_fill_rowcol((void **)&ei, "col", 0x40, 0x7E);
- _citrus_BIG5_fill_rowcol((void **)&ei, "col", 0xA1, 0xFE);
+ _citrus_BIG5_fill_rowcol(ei, "row", 0xA1, 0xFE);
+ _citrus_BIG5_fill_rowcol(ei, "col", 0x40, 0x7E);
+ _citrus_BIG5_fill_rowcol(ei, "col", 0xA1, 0xFE);
return 0;
}
Index: src/lib/libc/citrus/modules/citrus_hz.c
diff -u src/lib/libc/citrus/modules/citrus_hz.c:1.3 src/lib/libc/citrus/modules/citrus_hz.c:1.4
--- src/lib/libc/citrus/modules/citrus_hz.c:1.3 Tue May 28 16:57:56 2013
+++ src/lib/libc/citrus/modules/citrus_hz.c Tue Jun 24 22:24:18 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: citrus_hz.c,v 1.3 2013/05/28 16:57:56 joerg Exp $ */
+/* $NetBSD: citrus_hz.c,v 1.4 2014/06/24 22:24:18 spz Exp $ */
/*-
* Copyright (c)2004, 2006 Citrus Project,
@@ -29,7 +29,7 @@
#include <sys/cdefs.h>
#if defined(LIBC_SCCS) && !defined(lint)
-__RCSID("$NetBSD: citrus_hz.c,v 1.3 2013/05/28 16:57:56 joerg Exp $");
+__RCSID("$NetBSD: citrus_hz.c,v 1.4 2014/06/24 22:24:18 spz Exp $");
#endif /* LIBC_SCCS and not lint */
#include <sys/queue.h>
@@ -559,7 +559,7 @@ _citrus_HZ_encoding_module_uninit(_HZEnc
}
static int
-_citrus_HZ_parse_char(void **context, const char *name, const char *s)
+_citrus_HZ_parse_char(void *context, const char *name, const char *s)
{
void **p;
escape_t *escape;
@@ -568,7 +568,7 @@ _citrus_HZ_parse_char(void **context, co
_DIAGASSERT(name != NULL);
_DIAGASSERT(s != NULL);
- p = (void **)*context;
+ p = (void **)context;
escape = (escape_t *)p[0];
if (escape->ch != '\0')
return EINVAL;
@@ -580,7 +580,7 @@ _citrus_HZ_parse_char(void **context, co
}
static int
-_citrus_HZ_parse_graphic(void **context, const char *name, const char *s)
+_citrus_HZ_parse_graphic(void *context, const char *name, const char *s)
{
void **p;
_HZEncodingInfo *ei;
@@ -591,7 +591,7 @@ _citrus_HZ_parse_graphic(void **context,
_DIAGASSERT(name != NULL);
_DIAGASSERT(s != NULL);
- p = (void **)*context;
+ p = (void **)context;
escape = (escape_t *)p[0];
ei = (_HZEncodingInfo *)p[1];
graphic = malloc(sizeof(*graphic));
@@ -654,7 +654,7 @@ _CITRUS_PROP_HINT_END
};
static int
-_citrus_HZ_parse_escape(void **context, const char *name, const char *s)
+_citrus_HZ_parse_escape(void *context, const char *name, const char *s)
{
_HZEncodingInfo *ei;
escape_t *escape;
@@ -664,7 +664,7 @@ _citrus_HZ_parse_escape(void **context,
_DIAGASSERT(name != NULL);
_DIAGASSERT(s != NULL);
- ei = (_HZEncodingInfo *)*context;
+ ei = (_HZEncodingInfo *)context;
escape = malloc(sizeof(*escape));
if (escape == NULL)
return EINVAL;
