--- libonig-5.9.1.orig/configure.in +++ libonig-5.9.1/configure.in @@ -1,7 +1,7 @@ dnl Process this file with autoconf to produce a configure script. AC_INIT(onig, 5.9.1) -AM_INIT_AUTOMAKE +AM_INIT_AUTOMAKE([foreign]) AC_CONFIG_HEADER(config.h) --- libonig-5.9.1.orig/debian/changelog +++ libonig-5.9.1/debian/changelog @@ -0,0 +1,75 @@ +libonig (5.9.1-1ubuntu1.1) trusty-security; urgency=medium + + * SECURITY UPDATE: Fix multiple invalid pointer dereference, + out-of-bounds write memory corruption and stack buffer overflow. + - debian/patches/CVE-2017-9224-and-CVE-2017-9226-to-9229.patch: + fixes in regexec.c and regparse.c + - CVE-2017-9224 + - CVE-2017-9926 + - CVE-2017-9927 + - CVE-2017-9228 + - CVE-2017-9229 + + -- Eduardo Barretto Fri, 27 Jul 2018 15:09:10 -0300 + +libonig (5.9.1-1ubuntu1) trusty; urgency=medium + + * Use dh-autoreconf instead of autotools-dev to also fix FTBFS on ppc64el by + getting new libtool macros (still updates config.{sub,guess}). + * Use automake's "foreign" option to fix FTBFS while autoreconfing. + + -- Logan Rosen Wed, 08 Jan 2014 03:16:15 -0500 + +libonig (5.9.1-1) unstable; urgency=low + + [ Max Kellermann ] + * new upstream release + * acknowledge NMU, thanks Laurent (closes: #426355) + * run test suite after build + * added watch file + * bumped Standards-Version to 3.7.3 + * added homepage header to debian/control + * priority "extra" + + -- Alexander Wirt Mon, 07 Jan 2008 11:46:27 +0100 + +libonig (5.9.0-0.1) unstable; urgency=low + + * Non-maintainer upload. + * New upstream release (Closes: #426355) + * debian/control: + - Use binary:Version instead of Source-Version + * debian/rules: + - Don't hide make distclean error + - Fix copy of config.{sub,guess} + - Remove deprecated DH_COMPAT and use compat file instead + + -- Laurent Bigonville Sat, 04 Aug 2007 15:07:34 +0200 + +libonig (5.5.2-1) unstable; urgency=low + + * new upstream release + + -- Max Kellermann Wed, 14 Feb 2007 23:12:29 +0100 + +libonig (5.5.0-1) unstable; urgency=low + + [ Max Kellermann ] + * new upstream release + * update config.{sub,guess} in debian/rules + * removed libonig.la + + -- Alexander Wirt Wed, 6 Dec 2006 20:51:10 +0100 + +libonig (5.2.0-1) unstable; urgency=low + + * new upstream release + * updated copyright file since license has been changed to BSD + + -- Max Kellermann Wed, 15 Nov 2006 09:32:24 +0100 + +libonig (4.4.4-1) unstable; urgency=low + + * initial debian release (Closes: #388412) + + -- Max Kellermann Wed, 20 Sep 2006 12:17:40 +0200 --- libonig-5.9.1.orig/debian/compat +++ libonig-5.9.1/debian/compat @@ -0,0 +1 @@ +5 --- libonig-5.9.1.orig/debian/control +++ libonig-5.9.1/debian/control @@ -0,0 +1,36 @@ +Source: libonig +Section: libs +Priority: extra +Maintainer: Ubuntu Developers +XSBC-Original-Maintainer: Max Kellermann +Uploaders: Alexander Wirt +Homepage: http://www.geocities.jp/kosako3/oniguruma/ +Build-Depends: debhelper (>= 5), dh-autoreconf +Standards-Version: 3.7.3 + +Package: libonig2 +Architecture: any +Depends: ${shlibs:Depends} +Description: Oniguruma regular expressions library + The characteristics of this library is that different character + encoding for every regular expression object can be specified. + +Package: libonig2-dbg +Section: libdevel +Architecture: any +Depends: ${shlibs:Depends}, libonig2 (= ${binary:Version}) +Description: Debugging symbols for libonig2 + The characteristics of this library is that different character + encoding for every regular expression object can be specified. + . + This package provides the debugging symbols. + +Package: libonig-dev +Section: libdevel +Architecture: any +Depends: ${shlibs:Depends}, libonig2 (= ${binary:Version}) +Description: Development files for libonig2 + The characteristics of this library is that different character + encoding for every regular expression object can be specified. + . + This package provides development files and static libraries. --- libonig-5.9.1.orig/debian/copyright +++ libonig-5.9.1/debian/copyright @@ -0,0 +1,32 @@ +This package was debianized by Max Kellermann on +Tue Sep 19 21:00:57 CEST 2006 + +It was downloaded from http://www.geocities.jp/kosako3/oniguruma/ + +Upstream Author: K.Kosako + +Copyright: + + Copyright (c) 2002-2006 K.Kosako + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + SUCH DAMAGE. --- libonig-5.9.1.orig/debian/libonig-dev.docs +++ libonig-5.9.1/debian/libonig-dev.docs @@ -0,0 +1,9 @@ +AUTHORS +README +README.ja +doc/API +doc/API.ja +doc/FAQ +doc/FAQ.ja +doc/RE +doc/RE.ja --- libonig-5.9.1.orig/debian/libonig-dev.examples +++ libonig-5.9.1/debian/libonig-dev.examples @@ -0,0 +1 @@ +sample/*.c --- libonig-5.9.1.orig/debian/libonig-dev.install +++ libonig-5.9.1/debian/libonig-dev.install @@ -0,0 +1,4 @@ +usr/bin/*-config +usr/lib/lib*.so +usr/lib/lib*.a +usr/include --- libonig-5.9.1.orig/debian/libonig2-dbg.dirs +++ libonig-5.9.1/debian/libonig2-dbg.dirs @@ -0,0 +1 @@ +usr/share/doc --- libonig-5.9.1.orig/debian/libonig2.install +++ libonig-5.9.1/debian/libonig2.install @@ -0,0 +1 @@ +usr/lib/lib*.so.* --- libonig-5.9.1.orig/debian/onig-config.1 +++ libonig-5.9.1/debian/onig-config.1 @@ -0,0 +1,50 @@ +.TH ONIG-CONFIG 1 +.SH NAME +onig-config - provide information about the installed version of libonig +.SH SYNOPSIS + +\fBonig-config\fR [ \fB --prefix\fI[=DIR]\fB \fR ] [ \fB --exec-prefix\fI[=DIR]\fB \fR ] [ \fB --libs \fR ] [ \fB --cflags \fR ] [ \fB --version \fR ] + +.SH DESCRIPTION +\fBonig-config\fR returns the configuration of the installed Oniguruma +library: the options required to compile a program which uses the +library. + + +.SH OPTIONS +.TP 10 +\fB--prefix=PREFIX\fR +If specified, use \fIPREFIX\fR instead +of the installation prefix that +\fIlibonig\fR was built with when computing +the output for the \fB--cflags\fR and +\fB--libs\fR options. This option is also used for +the exec prefix if \fB--exec-prefix\fR was +not specified. This option must be specified before any +\fB--libs\fR or \fB--cflags\fR options. +.TP +\fB--exec-prefix=PREFIX\fR +If specified, use \fIPREFIX\fR instead +of the installation exec prefix that +\fIlibonig\fR was built with when computing +the output for the \fB--cflags\fR and +\fB--libs\fR options. This option must be specified +before any \fB--libs\fR or \fB--cflags\fR options. +.TP +\fB--libs\fR +Print the linker flags that are necessary to link a +\fIlibonig\fR program. +.TP +\fB--cflags\fR +Print the compiler flags that are necessary to compile a +\fIlibonig\fR program. +.TP +\fB--version\fR +Print the currently installed version of +\fIlibonig\fR on the standard output. + + +.SH AUTHOR +This manual page was written by Max Kellermann for +the Debian GNU/Linux system (but may be used by others), based on +other Debian manual pages. --- libonig-5.9.1.orig/debian/patches/CVE-2017-9224-and-CVE-2017-9226-to-9229.patch +++ libonig-5.9.1/debian/patches/CVE-2017-9224-and-CVE-2017-9226-to-9229.patch @@ -0,0 +1,123 @@ +Author: "K.Kosako" +Description: +Correct CVE-2017-9224 and CVE-2017-922[6-9] + Fix multiple invalid pointer dereference, out-of-bounds write memory + corruption and stack buffer overflow, +Origin: Cherrypicked from upstream +Bug: https://github.com/kkos/oniguruma/issues/[55|57|58|59|60] +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=86331[2|4|5|6|8] +Forwarded: not-needed +Last-Update: 2017-05-25 +--- +This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ +Index: 5.9.5-3.2-deb8u1/regexec.c +=================================================================== +--- 5.9.5-3.2-deb8u1.orig/regexec.c ++++ 5.9.5-3.2-deb8u1/regexec.c +@@ -1425,14 +1425,9 @@ match_at(regex_t* reg, const UChar* str, + break; + + case OP_EXACT1: MOP_IN(OP_EXACT1); +-#if 0 + DATA_ENSURE(1); + if (*p != *s) goto fail; + p++; s++; +-#endif +- if (*p != *s++) goto fail; +- DATA_ENSURE(0); +- p++; + MOP_OUT; + break; + +@@ -3128,6 +3123,8 @@ forward_search_range(regex_t* reg, const + } + else { + UChar *q = p + reg->dmin; ++ ++ if (q >= end) return 0; /* fail */ + while (p < q) p += enclen(reg->enc, p); + } + } +@@ -3207,18 +3204,25 @@ forward_search_range(regex_t* reg, const + } + else { + if (reg->dmax != ONIG_INFINITE_DISTANCE) { +- *low = p - reg->dmax; +- if (*low > s) { +- *low = onigenc_get_right_adjust_char_head_with_prev(reg->enc, s, +- *low, (const UChar** )low_prev); +- if (low_prev && IS_NULL(*low_prev)) +- *low_prev = onigenc_get_prev_char_head(reg->enc, +- (pprev ? pprev : s), *low); ++ if (p - str < reg->dmax) { ++ *low = (UChar* )str; ++ if (low_prev) ++ *low_prev = onigenc_get_prev_char_head(reg->enc, str, *low); + } + else { +- if (low_prev) +- *low_prev = onigenc_get_prev_char_head(reg->enc, +- (pprev ? pprev : str), *low); ++ *low = p - reg->dmax; ++ if (*low > s) { ++ *low = onigenc_get_right_adjust_char_head_with_prev(reg->enc, s, ++ *low, (const UChar** )low_prev); ++ if (low_prev && IS_NULL(*low_prev)) ++ *low_prev = onigenc_get_prev_char_head(reg->enc, ++ (pprev ? pprev : s), *low); ++ } ++ else { ++ if (low_prev) ++ *low_prev = onigenc_get_prev_char_head(reg->enc, ++ (pprev ? pprev : str), *low); ++ } + } + } + } +Index: 5.9.5-3.2-deb8u1/regparse.c +=================================================================== +--- 5.9.5-3.2-deb8u1.orig/regparse.c ++++ 5.9.5-3.2-deb8u1/regparse.c +@@ -3064,7 +3064,7 @@ fetch_token_in_cc(OnigToken* tok, UChar* + PUNFETCH; + prev = p; + num = scan_unsigned_octal_number(&p, end, 3, enc); +- if (num < 0) return ONIGERR_TOO_BIG_NUMBER; ++ if (num < 0 || num >= 256) return ONIGERR_TOO_BIG_NUMBER; + if (p == prev) { /* can't read nothing. */ + num = 0; /* but, it's not error */ + } +@@ -3436,7 +3436,7 @@ fetch_token(OnigToken* tok, UChar** src, + if (IS_SYNTAX_OP(syn, ONIG_SYN_OP_ESC_OCTAL3)) { + prev = p; + num = scan_unsigned_octal_number(&p, end, (c == '0' ? 2:3), enc); +- if (num < 0) return ONIGERR_TOO_BIG_NUMBER; ++ if (num < 0 || num >= 256) return ONIGERR_TOO_BIG_NUMBER; + if (p == prev) { /* can't read nothing. */ + num = 0; /* but, it's not error */ + } +@@ -4068,7 +4068,9 @@ next_state_class(CClassNode* cc, OnigCod + } + } + +- *state = CCS_VALUE; ++ if (*state != CCS_START) ++ *state = CCS_VALUE; ++ + *type = CCV_CLASS; + return 0; + } +@@ -4083,8 +4085,12 @@ next_state_val(CClassNode* cc, OnigCodeP + + switch (*state) { + case CCS_VALUE: +- if (*type == CCV_SB) ++ if (*type == CCV_SB) { ++ if (*vs > 0xff) ++ return ONIGERR_INVALID_CODE_POINT_VALUE; ++ + BITSET_SET_BIT(cc->bs, (int )(*vs)); ++ } + else if (*type == CCV_CODE_POINT) { + r = add_code_range(&(cc->mbuf), env, *vs, *vs); + if (r < 0) return r; --- libonig-5.9.1.orig/debian/rules +++ libonig-5.9.1/debian/rules @@ -0,0 +1,109 @@ +#!/usr/bin/make -f +# -*- mode: makefile; coding: utf-8 -*- + +# Uncomment this to turn on verbose mode. +#export DH_VERBOSE=1 + +DEB_HOST_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_HOST_GNU_TYPE) +DEB_BUILD_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE) + +CFLAGS = -Wall -g + +ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS))) + CFLAGS += -O0 +else + CFLAGS += -O2 -fno-strict-aliasing +endif + +configure: debian/stamp-configure +debian/stamp-configure: + dh_testdir + dh_autoreconf + CFLAGS="$(CFLAGS)" ./configure --host=$(DEB_HOST_GNU_TYPE) --build=$(DEB_BUILD_GNU_TYPE) \ + --disable-dependency-tracking \ + --without-rubydir \ + --prefix=/usr + + @touch $@ + +build: debian/stamp-build +debian/stamp-build: debian/stamp-configure + dh_testdir + + $(MAKE) + + @touch $@ + +check: debian/stamp-check +debian/stamp-check: debian/stamp-build + dh_testdir + + $(MAKE) check + + @touch $@ + +clean: + dh_testdir + dh_testroot + rm -f debian/stamp-* + + [ ! -f Makefile ] || $(MAKE) distclean + dh_autoreconf_clean + dh_clean + +install: debian/stamp-install +debian/stamp-install: debian/stamp-build + dh_testdir + dh_testroot + dh_clean -k + dh_installdirs + + $(MAKE) DESTDIR=`pwd`/debian/tmp install + + @touch $@ + +# Build architecture-independent files here. +binary-indep: build check install + dh_testdir -i + dh_testroot -i + dh_installdocs -i -A AUTHORS TODO README NEWS + dh_installchangelogs -i debian/no-upstream-changelog + dh_install -i --sourcedir=debian/tmp + dh_link -i + dh_strip -i + dh_compress -i + dh_fixperms -i + dh_installdeb -i + dh_shlibdeps -i + dh_gencontrol -i + dh_md5sums -i + dh_builddeb -i + +# Build architecture-dependent files here. +binary-arch: build check install + dh_testdir -a + dh_testroot -a + dh_installexamples -plibonig-dev + dh_installdocs -plibonig-dev + dh_installdocs -plibonig2 -A AUTHORS README README.ja + ln -sf libonig2 debian/libonig2-dbg/usr/share/doc/libonig2-dbg + dh_installman -plibonig-dev -A debian/onig-config.1 + dh_installchangelogs -plibonig2 HISTORY + dh_installchangelogs -plibonig-dev HISTORY + dh_install -a --sourcedir=debian/tmp + dh_link -a + dh_strip -a --dbg-package=libonig2-dbg + dh_compress -a + dh_fixperms -a + dh_makeshlibs -a -V 'libonig2 (>= 5.2.0)' + dh_installdeb -a + dh_shlibdeps -a + dh_gencontrol -a + dh_md5sums -a + dh_builddeb -a + +source diff: + @echo >&2 'source and diff are obsolete - use dpkg-source -b'; false + +binary: binary-indep binary-arch +.PHONY: configure build check clean binary-indep binary-arch binary install --- libonig-5.9.1.orig/debian/watch +++ libonig-5.9.1/debian/watch @@ -0,0 +1,5 @@ +version=3 + +http://www.geocities.jp/kosako3/oniguruma/ \ + archive/onig-(\S+)\.tar\.gz + --- libonig-5.9.1.orig/regexec.c +++ libonig-5.9.1/regexec.c @@ -1425,14 +1425,9 @@ break; case OP_EXACT1: MOP_IN(OP_EXACT1); -#if 0 DATA_ENSURE(1); if (*p != *s) goto fail; p++; s++; -#endif - if (*p != *s++) goto fail; - DATA_ENSURE(0); - p++; MOP_OUT; break; @@ -3130,6 +3125,8 @@ } else { UChar *q = p + reg->dmin; + + if (q >= end) return 0; /* fail */ while (p < q) p += enclen(reg->enc, p); } } @@ -3209,18 +3206,25 @@ } else { if (reg->dmax != ONIG_INFINITE_DISTANCE) { - *low = p - reg->dmax; - if (*low > s) { - *low = onigenc_get_right_adjust_char_head_with_prev(reg->enc, s, - *low, (const UChar** )low_prev); - if (low_prev && IS_NULL(*low_prev)) - *low_prev = onigenc_get_prev_char_head(reg->enc, - (pprev ? pprev : s), *low); + if (p - str < reg->dmax) { + *low = (UChar* )str; + if (low_prev) + *low_prev = onigenc_get_prev_char_head(reg->enc, str, *low); } else { - if (low_prev) - *low_prev = onigenc_get_prev_char_head(reg->enc, - (pprev ? pprev : str), *low); + *low = p - reg->dmax; + if (*low > s) { + *low = onigenc_get_right_adjust_char_head_with_prev(reg->enc, s, + *low, (const UChar** )low_prev); + if (low_prev && IS_NULL(*low_prev)) + *low_prev = onigenc_get_prev_char_head(reg->enc, + (pprev ? pprev : s), *low); + } + else { + if (low_prev) + *low_prev = onigenc_get_prev_char_head(reg->enc, + (pprev ? pprev : str), *low); + } } } } --- libonig-5.9.1.orig/regparse.c +++ libonig-5.9.1/regparse.c @@ -3056,7 +3056,7 @@ PUNFETCH; prev = p; num = scan_unsigned_octal_number(&p, end, 3, enc); - if (num < 0) return ONIGERR_TOO_BIG_NUMBER; + if (num < 0 || num >= 256) return ONIGERR_TOO_BIG_NUMBER; if (p == prev) { /* can't read nothing. */ num = 0; /* but, it's not error */ } @@ -3428,7 +3428,7 @@ if (IS_SYNTAX_OP(syn, ONIG_SYN_OP_ESC_OCTAL3)) { prev = p; num = scan_unsigned_octal_number(&p, end, (c == '0' ? 2:3), enc); - if (num < 0) return ONIGERR_TOO_BIG_NUMBER; + if (num < 0 || num >= 256) return ONIGERR_TOO_BIG_NUMBER; if (p == prev) { /* can't read nothing. */ num = 0; /* but, it's not error */ } @@ -4062,7 +4062,9 @@ } } - *state = CCS_VALUE; + if (*state != CCS_START) + *state = CCS_VALUE; + *type = CCV_CLASS; return 0; } @@ -4077,8 +4079,12 @@ switch (*state) { case CCS_VALUE: - if (*type == CCV_SB) + if (*type == CCV_SB) { + if (*vs > 0xff) + return ONIGERR_INVALID_CODE_POINT_VALUE; + BITSET_SET_BIT(cc->bs, (int )(*vs)); + } else if (*type == CCV_CODE_POINT) { r = add_code_range(&(cc->mbuf), env, *vs, *vs); if (r < 0) return r;