[Pkg-gnupg-commit] [gnupg1] 01/08: import upstream bugfix for regexp sanitization

Tue Feb 6 03:11:13 UTC 2018

This is an automated email from the git hooks/post-receive script.

dkg pushed a commit to branch master
in repository gnupg1.

commit 9081606ac6ebc2c3848b176772d8866ad5c69f47
Author: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
Date:   Mon Feb 5 21:55:52 2018 -0500

    import upstream bugfix for regexp sanitization
---
 .../patches/0009-g10-Fix-regexp-sanitization.patch | 61 ++++++++++++++++++++++
 debian/patches/series                              |  1 +
 2 files changed, 62 insertions(+)

diff --git a/debian/patches/0009-g10-Fix-regexp-sanitization.patch b/debian/patches/0009-g10-Fix-regexp-sanitization.patch
new file mode 100644
index 0000000..8a16706
--- /dev/null
+++ b/debian/patches/0009-g10-Fix-regexp-sanitization.patch
@@ -0,0 +1,61 @@
+From: NIIBE Yutaka <gniibe at fsij.org>
+Date: Thu, 9 Nov 2017 14:03:22 +0900
+Subject: g10: Fix regexp sanitization.
+
+* g10/trustdb.c (sanitize_regexp): Only escape operators.
+
+--
+
+Backport from master commit:
+	ccf3ba92087e79abdeaa0208795829b431c6f201
+
+To sanitize a regular expression, quoting by backslash should be only
+done for defined characters.  POSIX defines 12 characters including
+dot and backslash.
+
+Quoting other characters is wrong, in two ways; It may build an
+operator like: \b, \s, \w when using GNU library.  Case ignored match
+doesn't work, because quoting lower letter means literally and no
+much to upper letter.
+
+GnuPG-bug-id: 2923
+Co-authored-by: Damien Goutte-Gattat <dgouttegattat at incenp.org>
+Signed-off-by: NIIBE Yutaka <gniibe at fsij.org>
+(cherry picked from commit 9441946e1824eb58249c58432ed1f554d0d8a102)
+---
+ g10/trustdb.c | 8 +++++++-
+ 1 file changed, 7 insertions(+), 1 deletion(-)
+
+diff --git a/g10/trustdb.c b/g10/trustdb.c
+index 1e3ef5f..13fa321 100644
+--- a/g10/trustdb.c
++++ b/g10/trustdb.c
+@@ -1817,6 +1817,11 @@ clean_key(KBNODE keyblock,int noisy,int self_only,
+ 
+ /* Returns a sanitized copy of the regexp (which might be "", but not
+    NULL). */
++#ifndef DISABLE_REGEX
++/* Operator charactors except '.' and backslash.
++   See regex(7) on BSD.  */
++#define REGEXP_OPERATOR_CHARS "^[$()|*+?{"
++
+ static char *
+ sanitize_regexp(const char *old)
+ {
+@@ -1856,7 +1861,7 @@ sanitize_regexp(const char *old)
+     {
+       if(!escaped && old[start]=='\\')
+ 	escaped=1;
+-      else if(!escaped && old[start]!='.')
++      else if (!escaped && strchr (REGEXP_OPERATOR_CHARS, old[start]))
+ 	new[idx++]='\\';
+       else
+ 	escaped=0;
+@@ -1877,6 +1882,7 @@ sanitize_regexp(const char *old)
+ 
+   return new;
+ }
++#endif /*!DISABLE_REGEX*/
+ 
+ /* Used by validate_one_keyblock to confirm a regexp within a trust
+    signature.  Returns 1 for match, and 0 for no match or regex
diff --git a/debian/patches/series b/debian/patches/series
index fa9f92f..ee8466c 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -6,3 +6,4 @@
 0006-po-Update-Spanish-translation.patch
 0007-Import-dutch-po-file-Closes-845695.patch
 0008-undocument-unimplemented-faked-system-time-Closes-76.patch
+0009-g10-Fix-regexp-sanitization.patch

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg1.git

