List:       openbsd-ports
Subject:    fix for pcre problem in math/gnumeric
From:       marc () msys ! ch
Date:       2005-08-27 11:15:59
Message-ID: 43104B6F.3060906 () msys ! ch

this patch fixes the pcre problem/vulnerability in math/gnumeric.

ok?

["math_gnumeric.diff" (text/plain)]

diff -urN -x CVS math/gnumeric/Makefile math/gnumeric.p0/Makefile
--- math/gnumeric/Makefile	Fri May 27 19:50:26 2005
+++ math/gnumeric.p0/Makefile	Sat Aug 27 12:17:38 2005
@@ -4,6 +4,8 @@
 
 VERSION=		1.4.3
 DISTNAME=		gnumeric-${VERSION}
+PKGNAME=		${DISTNAME}p0
+
 CATEGORIES=    		math x11/gnome
 
 HOMEPAGE=		http://www.gnome.org/projects/gnumeric/
diff -urN -x CVS math/gnumeric/patches/patch-src_cut-n-paste-code_goffice_cut-n-paste_pcre_pcre_c \
                math/gnumeric.p0/patches/patch-src_cut-n-paste-code_goffice_cut-n-paste_pcre_pcre_c
                
--- math/gnumeric/patches/patch-src_cut-n-paste-code_goffice_cut-n-paste_pcre_pcre_c	Thu \
                Jan  1 01:00:00 1970
+++ math/gnumeric.p0/patches/patch-src_cut-n-paste-code_goffice_cut-n-paste_pcre_pcre_c	Sat \
Aug 27 12:15:42 2005 @@ -0,0 +1,55 @@
+$OpenBSD$
+--- src/cut-n-paste-code/goffice/cut-n-paste/pcre/pcre.c.orig	Fri Oct 29 20:13:19 \
2004 ++++ src/cut-n-paste-code/goffice/cut-n-paste/pcre/pcre.c	Sat Aug 27 12:10:16 \
2005 +@@ -1062,14 +1062,30 @@ read_repeat_counts(const uschar *p, int 
+ int min = 0;
+ int max = -1;
+ 
++/* Read the minimum value and do a paranoid check: a negative value indicates
++an integer overflow. */
++
+ while ((digitab[*p] & ctype_digit) != 0) min = min * 10 + *p++ - '0';
++if (min < 0 || min > 65535)
++  {
++  *errorptr = ERR5;
++  return p;
++  }
+ 
++/* Read the maximum value if there is one, and again do a paranoid on its size.
++Also, max must not be less than min. */
++
+ if (*p == '}') max = min; else
+   {
+   if (*(++p) != '}')
+     {
+     max = 0;
+     while((digitab[*p] & ctype_digit) != 0) max = max * 10 + *p++ - '0';
++    if (max < 0 || max > 65535)
++      {
++      *errorptr = ERR5;
++      return p;
++      }
+     if (max < min)
+       {
+       *errorptr = ERR4;
+@@ -1078,16 +1094,11 @@ if (*p == '}') max = min; else
+     }
+   }
+ 
+-/* Do paranoid checks, then fill in the required variables, and pass back the
+-pointer to the terminating '}'. */
++/* Fill in the required variables, and pass back the pointer to the terminating
++'}'. */
+ 
+-if (min > 65535 || max > 65535)
+-  *errorptr = ERR5;
+-else
+-  {
+-  *minp = min;
+-  *maxp = max;
+-  }
++*minp = min;
++*maxp = max;
+ return p;
+ }
+ 
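Review bot: In the embedded pcre.c hunk for read_repeat_counts, the new test `if (min < 0 || min > 65535)` runs only after the `while` loop has consumed every digit, so `min = min * 10 + *p++ - '0'` may already have overflowed a signed int by the time it is checked. Signed overflow is undefined behaviour in C, and a wrapped value can land back inside 0..65535 and pass the test; the `max` loop has the same shape. Suggest moving the bound check inside each digit loop and returning with ERR5 as soon as the running value exceeds 65535, which also makes the `< 0` comparison unnecessary. Minor: the added comment "again do a paranoid on its size" is missing the word "check".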


