
Index: src/proto.h
--- src/proto.h.orig 2003-07-04 01:00:18 +0200
+++ src/proto.h 2004-12-15 10:09:08 +0100
@@ -94,7 +94,9 @@
char *PushString(struct Push *, const char *);
char *PushNString(struct Push *, const char *, int);
+#ifndef HAVE_STRCASESTR
char *strcasestr (char *, const char *);
+#endif
char *strsav(const char *);
char *strreplace(char *, char *);
void strcpymax(char *, const char *, int);
------------------------------------------------------------------------------
Security Fix (CAN-2005-2491)
Index: src/pcre/pcre.c
--- src/pcre/pcre.c.orig 2003-07-03 20:04:06 +0200
+++ src/pcre/pcre.c 2005-09-05 16:29:25 +0200
@@ -908,7 +908,18 @@
int min = 0;
int max = -1;
+/* Read the minimum value and do a paranoid check: a negative value indicates
+an integer overflow. */
+
while ((digitab[*p] & ctype_digit) != 0) min = min * 10 + *p++ - '0';
+if (min < 0 || min > 65535)
+ {
+ *errorptr = ERR5;
+ return p;
+ }
+
+/* Read the maximum value if there is one, and again do a paranoid on its size.
+Also, max must not be less than min. */
if (*p == '}') max = min; else
{
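Review bot: The range test on `min` runs only after the digit loop has finished, so the accumulation `min = min * 10 + *p++ - '0'` can still overflow a signed int before anything is checked. Signed overflow is undefined behaviour in C, and a value that wraps more than once can land back inside 0..65535 and pass the `min < 0 || min > 65535` test. Moving the bound check inside the loop stops the accumulation as soon as the limit is exceeded and makes the negative test unnecessary; the `max` loop in the next hunk (-916,6) needs the same change. The enclosing function starts and ends outside this hunk.

```c
while ((digitab[*p] & ctype_digit) != 0)
  {
  min = min * 10 + *p++ - '0';
  if (min > 65535)   /* checked per digit, so min never exceeds 655359 */
    {
    *errorptr = ERR5;
    return p;
    }
  }
/* … unchanged: '}' test and the max branch, which takes the same in-loop check … */
```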
@@ -916,6 +927,11 @@
{
max = 0;
while((digitab[*p] & ctype_digit) != 0) max = max * 10 + *p++ - '0';
+ if (max < 0 || max > 65535)
+ {
+ *errorptr = ERR5;
+ return p;
+ }
if (max < min)
{
*errorptr = ERR4;
@@ -3765,6 +3781,7 @@
BOOL class_utf8;
#endif
BOOL inescq = FALSE;
+BOOL capturing;
unsigned int brastackptr = 0;
size_t size;
uschar *code;
@@ -4169,6 +4186,7 @@
case '(':
branch_newextra = 0;
bracket_length = 1 + LINK_SIZE;
+ capturing = FALSE;
/* Handle special forms of bracket, which all start (? */
@@ -4256,6 +4274,9 @@
case 'P':
ptr += 3;
+
+ /* Handle the definition of a named subpattern */
+
if (*ptr == '<')
{
const uschar *p; /* Don't amalgamate; some compilers */
@@ -4268,9 +4289,12 @@
}
name_count++;
if (ptr - p > max_name_size) max_name_size = (ptr - p);
+ capturing = TRUE; /* Named parentheses are always capturing */
break;
}
+ /* Handle back references and recursive calls to named subpatterns */
+
if (*ptr == '=' || *ptr == '>')
{
while ((compile_block.ctypes[*(++ptr)] & ctype_word) != 0);
@@ -4445,18 +4469,24 @@
continue;
}
- /* If options were terminated by ':' control comes here. Fall through
- to handle the group below. */
+ /* If options were terminated by ':' control comes here. This is a
+ non-capturing group with an options change. There is nothing more that
+ needs to be done because "capturing" is already set FALSE by default;
+ we can just fall through. */
+
}
}
- /* Extracting brackets must be counted so we can process escapes in a
- Perlish way. If the number exceeds EXTRACT_BASIC_MAX we are going to
- need an additional 3 bytes of store per extracting bracket. However, if
- PCRE_NO_AUTO)CAPTURE is set, unadorned brackets become non-capturing, so we
- must leave the count alone (it will aways be zero). */
+ /* Ordinary parentheses, not followed by '?', are capturing unless
+ PCRE_NO_AUTO_CAPTURE is set. */
+
+ else capturing = (options & PCRE_NO_AUTO_CAPTURE) == 0;
+
+ /* Capturing brackets must be counted so we can process escapes in a
+ Perlish way. If the number exceeds EXTRACT_BASIC_MAX we are going to need
+ an additional 3 bytes of memory per capturing bracket. */
- else if ((options & PCRE_NO_AUTO_CAPTURE) == 0)
+ if (capturing)
{
bracount++;
if (bracount > EXTRACT_BASIC_MAX) bracket_length += 3;
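Review bot: Nothing here records that the `capturing` decision must match what the later code-generation pass does, although `bracount` and `bracket_length` are, per the comment, used to work out how much memory each capturing bracket needs. If the two passes ever disagree about which brackets capture (named groups under PCRE_NO_AUTO_CAPTURE being the case this patch touches), the computed length would be too small for what is written afterwards. I would add a comment above `if (capturing)` such as `/* Must classify brackets exactly as the compile phase does, or the length computed here will be short. */`. The `if` that `else capturing = ...` pairs with, and the enclosing `case '('`, begin outside this hunk, so the pairing could not be checked from the visible lines.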