[pkg-boost-commits] r14144 - in boost/trunk: boost/regex/v4 debian debian/patches libs/regex/test/regress

cavok at alioth.debian.org cavok at alioth.debian.org
Thu Jan 17 18:01:46 UTC 2008 

Author: cavok
Date: 2008-01-17 18:01:36 +0000 (Thu, 17 Jan 2008)
New Revision: 14144

Added:
   boost/trunk/debian/patches/05_regex_fixes.patch
Modified:
   boost/trunk/boost/regex/v4/basic_regex_parser.hpp
   boost/trunk/debian/changelog
   boost/trunk/libs/regex/test/regress/test_perl_ex.cpp
Log:
re-synchronized with ubuntu, fixes #461236

Modified: boost/trunk/boost/regex/v4/basic_regex_parser.hpp
===================================================================
--- boost/trunk/boost/regex/v4/basic_regex_parser.hpp	2007-12-28 20:19:48 UTC (rev 14143)
+++ boost/trunk/boost/regex/v4/basic_regex_parser.hpp	2008-01-17 18:01:36 UTC (rev 14144)
@@ -777,6 +777,7 @@
       case syntax_element_restart_continue:
       case syntax_element_jump:
       case syntax_element_startmark:
+      case syntax_element_backstep:
          // can't legally repeat any of the above:
          fail(regex_constants::error_badrepeat, m_position - m_base);
          return false;
@@ -1862,6 +1863,7 @@
    if(markid == -4)
    {
       re_syntax_base* b = this->getaddress(expected_alt_point);
+      // Make sure we have exactly one alternative following this state:
       if(b->type != syntax_element_alt)
       {
          re_alt* alt = static_cast<re_alt*>(this->insert_state(expected_alt_point, syntax_element_alt, sizeof(re_alt)));
@@ -1872,6 +1874,15 @@
          fail(regex_constants::error_bad_pattern, m_position - m_base);
          return false;
       }
+      // check for invalid repetition of next state:
+      b = this->getaddress(expected_alt_point);
+      b = this->getaddress(static_cast<re_alt*>(b)->next.i, b);
+      if((b->type != syntax_element_assert_backref)
+         && (b->type != syntax_element_startmark))
+      {
+         fail(regex_constants::error_badrepeat, m_position - m_base);
+         return false;
+      }
    }
    //
    // append closing parenthesis state:

Modified: boost/trunk/debian/changelog
===================================================================
--- boost/trunk/debian/changelog	2007-12-28 20:19:48 UTC (rev 14143)
+++ boost/trunk/debian/changelog	2008-01-17 18:01:36 UTC (rev 14144)
@@ -1,3 +1,10 @@
+boost (1.34.1-5) experimental; urgency=low
+
+  * Re-synchronized with friends from Ubuntu. Thanks!
+    - got fixes for CVE-2008-0171 and CVE-2008-0172.  Closes: #461236.
+
+ -- Domenico Andreoli <cavok at debian.org>  Thu, 17 Jan 2008 19:00:27 +0100
+
 boost (1.34.1-4) unstable; urgency=low
 
   * Merged Steve Langasek's -2.1 and -2.2 changes into
@@ -5,6 +12,19 @@
 
  -- Steve M. Robbins <smr at debian.org>  Sun, 23 Dec 2007 21:14:55 -0600
 
+boost (1.34.1-2.3) unstable; urgency=low
+
+  * debian/patches/05_regex_fixes.patch: fix for
+    basic_regex_parser() in boost/regex/v4/basic_regex_parser.hpp to return
+    error on invalid repetition of next state
+  * References
+    CVE-2008-0171
+    CVE-2008-0172
+    http://svn.boost.org/trac/boost/changeset/42674
+    http://svn.boost.org/trac/boost/changeset/42745
+
+ -- Jamie Strandboge <jamie at strandboge.com>  Tue, 15 Jan 2008 18:22:26 +0000
+
 boost (1.34.1-2.2) unstable; urgency=low
 
   * Non-maintainer upload.

Added: boost/trunk/debian/patches/05_regex_fixes.patch
===================================================================
--- boost/trunk/debian/patches/05_regex_fixes.patch	                        (rev 0)
+++ boost/trunk/debian/patches/05_regex_fixes.patch	2008-01-17 18:01:36 UTC (rev 14144)
@@ -0,0 +1,56 @@
+diff -Naur ../unpatched/boost-1.34.1/boost/regex/v4/basic_regex_parser.hpp boost-1.34.1/boost/regex/v4/basic_regex_parser.hpp
+--- ../unpatched/boost-1.34.1/boost/regex/v4/basic_regex_parser.hpp	2006-12-20 17:19:05.000000000 +0000
++++ boost-1.34.1/boost/regex/v4/basic_regex_parser.hpp	2008-01-15 18:20:54.000000000 +0000
+@@ -777,6 +777,7 @@
+       case syntax_element_restart_continue:
+       case syntax_element_jump:
+       case syntax_element_startmark:
++      case syntax_element_backstep:
+          // can't legally repeat any of the above:
+          fail(regex_constants::error_badrepeat, m_position - m_base);
+          return false;
+@@ -1862,6 +1863,7 @@
+    if(markid == -4)
+    {
+       re_syntax_base* b = this->getaddress(expected_alt_point);
++      // Make sure we have exactly one alternative following this state:
+       if(b->type != syntax_element_alt)
+       {
+          re_alt* alt = static_cast<re_alt*>(this->insert_state(expected_alt_point, syntax_element_alt, sizeof(re_alt)));
+@@ -1872,6 +1874,15 @@
+          fail(regex_constants::error_bad_pattern, m_position - m_base);
+          return false;
+       }
++      // check for invalid repetition of next state:
++      b = this->getaddress(expected_alt_point);
++      b = this->getaddress(static_cast<re_alt*>(b)->next.i, b);
++      if((b->type != syntax_element_assert_backref)
++         && (b->type != syntax_element_startmark))
++      {
++         fail(regex_constants::error_badrepeat, m_position - m_base);
++         return false;
++      }
+    }
+    //
+    // append closing parenthesis state:
+diff -Naur ../unpatched/boost-1.34.1/libs/regex/test/regress/test_perl_ex.cpp boost-1.34.1/libs/regex/test/regress/test_perl_ex.cpp
+--- ../unpatched/boost-1.34.1/libs/regex/test/regress/test_perl_ex.cpp	2005-09-14 12:20:08.000000000 +0000
++++ boost-1.34.1/libs/regex/test/regress/test_perl_ex.cpp	2008-01-15 18:20:54.000000000 +0000
+@@ -121,6 +121,17 @@
+    TEST_INVALID_REGEX("(?:(a)|b)(?(?:", perl);
+    TEST_INVALID_REGEX("(?:(a)|b)(?(?<", perl);
+    TEST_INVALID_REGEX("(?:(a)|b)(?(?<a", perl);
++
++   TEST_INVALID_REGEX("(?(?!#?)+)", perl);
++   TEST_INVALID_REGEX("(?(?=:-){0})", perl);
++   TEST_INVALID_REGEX("(?(123){1})", perl);
++   TEST_INVALID_REGEX("(?(?<=A)*)", perl);
++   TEST_INVALID_REGEX("(?(?<=A)+)", perl);
++
++   TEST_INVALID_REGEX("(?<!*|^)", perl);
++   TEST_INVALID_REGEX("(?<!*|A)", perl);
++   TEST_INVALID_REGEX("(?<=?|A)", perl);
++   TEST_INVALID_REGEX("(?<=*|\\B)", perl);
+ }
+ 
+ void test_options()

Modified: boost/trunk/libs/regex/test/regress/test_perl_ex.cpp
===================================================================
--- boost/trunk/libs/regex/test/regress/test_perl_ex.cpp	2007-12-28 20:19:48 UTC (rev 14143)
+++ boost/trunk/libs/regex/test/regress/test_perl_ex.cpp	2008-01-17 18:01:36 UTC (rev 14144)
@@ -121,6 +121,17 @@
    TEST_INVALID_REGEX("(?:(a)|b)(?(?:", perl);
    TEST_INVALID_REGEX("(?:(a)|b)(?(?<", perl);
    TEST_INVALID_REGEX("(?:(a)|b)(?(?<a", perl);
+
+   TEST_INVALID_REGEX("(?(?!#?)+)", perl);
+   TEST_INVALID_REGEX("(?(?=:-){0})", perl);
+   TEST_INVALID_REGEX("(?(123){1})", perl);
+   TEST_INVALID_REGEX("(?(?<=A)*)", perl);
+   TEST_INVALID_REGEX("(?(?<=A)+)", perl);
+
+   TEST_INVALID_REGEX("(?<!*|^)", perl);
+   TEST_INVALID_REGEX("(?<!*|A)", perl);
+   TEST_INVALID_REGEX("(?<=?|A)", perl);
+   TEST_INVALID_REGEX("(?<=*|\\B)", perl);
 }
 
 void test_options()

More information about the pkg-boost-commits mailing list