[libyaml-libyaml-perl] 03/04: Add libyaml-guard-against-overflows-in-indent-and-flow_level.patch patch
Salvatore Bonaccorso
carnil at debian.org
Thu Feb 27 19:25:18 UTC 2014
This is an automated email from the git hooks/post-receive script.
carnil pushed a commit to branch master
in repository libyaml-libyaml-perl.
commit 97e947a1e513b47e8b08824ec3756e5a61c895ef
Author: Salvatore Bonaccorso <carnil at debian.org>
Date: Sun Feb 23 22:28:01 2014 +0100
Add libyaml-guard-against-overflows-in-indent-and-flow_level.patch patch
Guard against overflows in indent and flow_level.
---
...gainst-overflows-in-indent-and-flow_level.patch | 86 ++++++++++++++++++++++
debian/patches/series | 1 +
2 files changed, 87 insertions(+)
diff --git a/debian/patches/libyaml-guard-against-overflows-in-indent-and-flow_level.patch b/debian/patches/libyaml-guard-against-overflows-in-indent-and-flow_level.patch
new file mode 100644
index 0000000..370fbd2
--- /dev/null
+++ b/debian/patches/libyaml-guard-against-overflows-in-indent-and-flow_level.patch
@@ -0,0 +1,86 @@
+Description: Guard against overflows in indent and flow_level
+Origin: upstream, https://bitbucket.org/xi/libyaml/commits/f859ed1eb757a3562b98a28a8ce69274bfd4b3f2,
+ https://bitbucket.org/xi/libyaml/commits/af3599437a87162554787c52d8b16eab553f537b
+Last-Update: 2014-02-10
+Applied-Upstream: 0.1.5
+
+--- a/LibYAML/scanner.c
++++ b/LibYAMLscanner.c
+@@ -615,11 +615,11 @@
+ */
+
+ static int
+-yaml_parser_roll_indent(yaml_parser_t *parser, int column,
+- int number, yaml_token_type_t type, yaml_mark_t mark);
++yaml_parser_roll_indent(yaml_parser_t *parser, ptrdiff_t column,
++ ptrdiff_t number, yaml_token_type_t type, yaml_mark_t mark);
+
+ static int
+-yaml_parser_unroll_indent(yaml_parser_t *parser, int column);
++yaml_parser_unroll_indent(yaml_parser_t *parser, ptrdiff_t column);
+
+ /*
+ * Token fetchers.
+@@ -1103,7 +1103,7 @@
+ */
+
+ int required = (!parser->flow_level
+- && parser->indent == (int)parser->mark.column);
++ && parser->indent == (ptrdiff_t)parser->mark.column);
+
+ /*
+ * A simple key is required only when it is the first token in the current
+@@ -1176,6 +1176,11 @@
+
+ /* Increase the flow level. */
+
++ if (parser->flow_level == INT_MAX) {
++ parser->error = YAML_MEMORY_ERROR;
++ return 0;
++ }
++
+ parser->flow_level++;
+
+ return 1;
+@@ -1206,8 +1211,8 @@
+ */
+
+ static int
+-yaml_parser_roll_indent(yaml_parser_t *parser, int column,
+- int number, yaml_token_type_t type, yaml_mark_t mark)
++yaml_parser_roll_indent(yaml_parser_t *parser, ptrdiff_t column,
++ ptrdiff_t number, yaml_token_type_t type, yaml_mark_t mark)
+ {
+ yaml_token_t token;
+
+@@ -1226,6 +1231,11 @@
+ if (!PUSH(parser, parser->indents, parser->indent))
+ return 0;
+
++ if (column > INT_MAX) {
++ parser->error = YAML_MEMORY_ERROR;
++ return 0;
++ }
++
+ parser->indent = column;
+
+ /* Create a token and insert it into the queue. */
+@@ -1254,7 +1264,7 @@
+
+
+ static int
+-yaml_parser_unroll_indent(yaml_parser_t *parser, int column)
++yaml_parser_unroll_indent(yaml_parser_t *parser, ptrdiff_t column)
+ {
+ yaml_token_t token;
+
+--- a/LibYAML/yaml_private.h
++++ b/LibYAML/yaml_private.h
+@@ -7,6 +7,7 @@
+
+ #include <assert.h>
+ #include <limits.h>
++#include <stddef.h>
+
+ /*
+ * Memory management.
diff --git a/debian/patches/series b/debian/patches/series
index 3028c1d..627ee5e 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -2,3 +2,4 @@ fix_ftbfs_hardening_flags.diff
disable-update.sh.patch
libyaml-string-overflow.patch
libyaml-node-id-hardening.patch
+libyaml-guard-against-overflows-in-indent-and-flow_level.patch
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-perl/packages/libyaml-libyaml-perl.git
More information about the Pkg-perl-cvs-commits
mailing list