[arch-commits] Commit in pcre/trunk (3 files)

Eric Belanger eric at archlinux.org
Mon Jul 7 12:12:01 EDT 2008


    Date: Monday, July 7, 2008 @ 12:12:00
  Author: eric
Revision: 4449

upgpkg: pcre 7.7-2
    Security fix: buffer overflow (close FS#10845)

Added:
  pcre/trunk/libpcre-7.7-buffer-overflow.patch
Modified:
  pcre/trunk/ChangeLog
  pcre/trunk/PKGBUILD

-----------------------------------+
 ChangeLog                         |    5 +++++
 PKGBUILD                          |   24 +++++++++++++-----------
 libpcre-7.7-buffer-overflow.patch |   16 ++++++++++++++++
 3 files changed, 34 insertions(+), 11 deletions(-)

Modified: ChangeLog
===================================================================
--- ChangeLog	2008-07-07 15:59:06 UTC (rev 4448)
+++ ChangeLog	2008-07-07 16:12:00 UTC (rev 4449)
@@ -1,3 +1,8 @@
+2008-07-07  Eric Belanger  <eric at archlinux.org>
+
+	* pcre 7.7-2
+	* Added libpcre-7.7-buffer-overflow.patch to fix buffer overflow (close FS#10845)
+
 2008-05-10  Eric Belanger  <eric at archlinux.org>
 
 	* pcre 7.7-1

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2008-07-07 15:59:06 UTC (rev 4448)
+++ PKGBUILD	2008-07-07 16:12:00 UTC (rev 4449)
@@ -4,7 +4,7 @@
 
 pkgname=pcre
 pkgver=7.7
-pkgrel=1
+pkgrel=2
 pkgdesc="A library that implements Perl 5-style regular expressions"
 arch=('i686' 'x86_64') 
 url="http://pcre.sourceforge.net"
@@ -12,19 +12,21 @@
 groups=('base')
 depends=('gcc-libs')
 options=('!libtool' '!makeflags')
-source=(ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/${pkgname}-${pkgver}.tar.bz2)
-md5sums=('4b2e9cde1f7227448dddba59843efa0b')
-sha1sums=('f1f54d3e13e6cb427de962e62eaaee32c74cba38')
+source=(ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/${pkgname}-${pkgver}.tar.bz2 \
+        libpcre-7.7-buffer-overflow.patch)
+md5sums=('4b2e9cde1f7227448dddba59843efa0b' 'ea2204b6a0cbc83b3ca925ace06459a1')
+sha1sums=('f1f54d3e13e6cb427de962e62eaaee32c74cba38' '5a69fb97f1fa547f9012082221a6b98d77b65277')
 
 build() {
-  cd ${startdir}/src/${pkgname}-${pkgver}
+  cd ${srcdir}/${pkgname}-${pkgver}
   [ "${CARCH}" = "x86_64" ] && export CFLAGS="${CFLAGS} -fPIC"
-  ./configure --prefix=/usr --enable-utf8 --enable-unicode-properties
+  patch -p1 < ../libpcre-7.7-buffer-overflow.patch || return 1
+  ./configure --prefix=/usr --enable-utf8 --enable-unicode-properties || return 1
   make || return 1
-  make DESTDIR=${startdir}/pkg install
+  make DESTDIR=${pkgdir} install || return 1
   # grep uses pcre, so we need the libs in /lib
-  mkdir -p ${startdir}/pkg/lib
-  mv ${startdir}/pkg/usr/lib/libpcre.so.* ${startdir}/pkg/lib/
-  ln -sf ../../lib/libpcre.so.0 ${startdir}/pkg/usr/lib/libpcre.so
-  install -D -m644 LICENCE ${startdir}/pkg/usr/share/licenses/${pkgname}/license.txt
+  mkdir -p ${pkgdir}/lib
+  mv ${pkgdir}/usr/lib/libpcre.so.* ${pkgdir}/lib/ || return 1
+  ln -sf ../../lib/libpcre.so.0 ${pkgdir}/usr/lib/libpcre.so || return 1
+  install -D -m644 LICENCE ${pkgdir}/usr/share/licenses/${pkgname}/license.txt || return 1
 }

Added: libpcre-7.7-buffer-overflow.patch
===================================================================
--- libpcre-7.7-buffer-overflow.patch	                        (rev 0)
+++ libpcre-7.7-buffer-overflow.patch	2008-07-07 16:12:00 UTC (rev 4449)
@@ -0,0 +1,16 @@
+diff -NrU5 pcre-7.7.orig/pcre_compile.c pcre-7.7/pcre_compile.c
+--- pcre-7.7.orig/pcre_compile.c	2008-06-18 17:08:49.000000000 +0200
++++ pcre-7.7/pcre_compile.c	2008-06-18 17:11:04.000000000 +0200
+@@ -4929,11 +4929,11 @@
+           {
+           if (code == cd->start_code + 1 + LINK_SIZE &&
+                (lengthptr == NULL || *lengthptr == 2 + 2*LINK_SIZE))
+             {
+             cd->external_options = newoptions;
+-            options = newoptions;
++            options = *optionsptr = newoptions;
+             }
+          else
+             {
+             if ((options & PCRE_IMS) != (newoptions & PCRE_IMS))
+               {





More information about the arch-commits mailing list