rpms
/
boost
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Add patch for Boost.Regex integer overflow (#1564252)

This commit is contained in:
Jonathan Wakely 2018-04-18 18:46:36 +01:00
parent d2d8b8a7f3
commit 6aa7147c5a
2 changed files with 35 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
boost-1.64.0-regex-overflow.patch Normal file
View File

@ -0,0 +1,26 @@
From bc9b25b5d3c3784543158510c6087d41739ab64a Mon Sep 17 00:00:00 2001
From: jzmaddock <john@johnmaddock.co.uk>
Date: Mon, 31 Jul 2017 19:18:10 +0100
Subject: [PATCH] Fix potential overflow in max_state_count calculation. Fixes:
https://svn.boost.org/trac10/ticket/13036.
---
include/boost/regex/v4/perl_matcher_common.hpp | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/include/boost/regex/v4/perl_matcher_common.hpp b/include/boost/regex/v4/perl_matcher_common.hpp
index 7974e7483..f08e9d434 100644
--- a/include/boost/regex/v4/perl_matcher_common.hpp
+++ b/include/boost/regex/v4/perl_matcher_common.hpp
@@ -113,6 +113,11 @@ void perl_matcher<BidiIterator, Allocator, traits>::estimate_max_state_count(std
std::ptrdiff_t states = re.size();
if(states == 0)
states = 1;
+ if ((std::numeric_limits<std::ptrdiff_t>::max)() / states < states)
+ {
+ max_state_count = (std::min)((std::ptrdiff_t)BOOST_REGEX_MAX_STATE_COUNT, (std::numeric_limits<std::ptrdiff_t>::max)() - 2);
+ return;
+ }
states *= states;
if((std::numeric_limits<std::ptrdiff_t>::max)() / dist < states)
{

10
boost.spec
View File

@ -35,7 +35,7 @@ Name: boost
Summary: The free peer-reviewed portable C++ source libraries
Version: 1.63.0
%global version_enc 1_63_0
Release: 11%{?dist}
Release: 12%{?dist}
License: Boost and MIT and Python
%global toplev_dirname %{name}_%{version_enc}
@ -148,6 +148,10 @@ Patch87: boost-1.63.0-asio-ssl.patch
# https://github.com/boostorg/icl/pull/11
Patch88: boost-1.64.0-icl-undefined-shift.patch
# https://bugzilla.redhat.com/show_bug.cgi?id=1564252
# https://svn.boost.org/trac10/ticket/13036
Patch90: boost-1.64.0-regex-overflow.patch
%bcond_with tests
%bcond_with docs_generated
@ -767,6 +771,7 @@ find ./boost -name '*.hpp' -perm /111 | xargs chmod a-x
%patch84 -p1
%patch86 -p2
%patch88 -p2
%patch90 -p2
# At least python2_version needs to be a macro so that it's visible in
# %%install as well.
@ -1560,6 +1565,9 @@ fi
%{_mandir}/man1/bjam.1*
%changelog
* Wed Apr 18 2018 Jonathan Wakely <jwakely@redhat.com> - 1.63.0-12
- Add patch for Boost.Regex integer overflow (#1564252)
* Wed Feb 28 2018 Jonathan Wakely <jwakely@redhat.com> - 1.63.0-11
- Ensure boost metapackage installs boost-container