[Pkg-gnupg-commit] [gnupg2] 08/42: g10: Fix regexp sanitization.

[Daniel Kahn Gillmor]

This is an automated email from the git hooks/post-receive script.

dkg pushed a commit to branch upstream
in repository gnupg2.

commit 0d0b9eb0d4f99e8d293a4ce4b90921a879905115
Author: NIIBE Yutaka <gniibe at fsij.org>
Date:   Thu Nov 9 14:03:22 2017 +0900

    g10: Fix regexp sanitization.
    
    * g10/trustdb.c (sanitize_regexp): Only escape operators.
    
    --
    
    Backport from master commit:
    	ccf3ba92087e79abdeaa0208795829b431c6f201
    
    To sanitize a regular expression, quoting by backslash should be only
    done for defined characters.  POSIX defines 12 characters including
    dot and backslash.
    
    Quoting other characters is wrong, in two ways; It may build an
    operator like: \b, \s, \w when using GNU library.  Case ignored match
    doesn't work, because quoting lower letter means literally and no
    much to upper letter.
    
    GnuPG-bug-id: 2923
    Co-authored-by: Damien Goutte-Gattat <dgouttegattat at incenp.org>
    Signed-off-by: NIIBE Yutaka <gniibe at fsij.org>
---
 g10/trustdb.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/g10/trustdb.c b/g10/trustdb.c
index 92c1ca5..0a98c12 100644
--- a/g10/trustdb.c
+++ b/g10/trustdb.c
@@ -1505,6 +1505,10 @@ store_validation_status (ctrl_t ctrl, int depth,
 /* Returns a sanitized copy of the regexp (which might be "", but not
    NULL). */
 #ifndef DISABLE_REGEX
+/* Operator charactors except '.' and backslash.
+   See regex(7) on BSD.  */
+#define REGEXP_OPERATOR_CHARS "^[$()|*+?{"
+
 static char *
 sanitize_regexp(const char *old)
 {
@@ -1544,7 +1548,7 @@ sanitize_regexp(const char *old)
     {
       if(!escaped && old[start]=='\\')
 	escaped=1;
-      else if(!escaped && old[start]!='.')
+      else if (!escaped && strchr (REGEXP_OPERATOR_CHARS, old[start]))
 	new[idx++]='\\';
       else
 	escaped=0;

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git