diff --git a/pkgs/development/libraries/pcre/cve-2015-3210.patch b/pkgs/development/libraries/pcre/cve-2015-3210.patch deleted file mode 100644 index c97849fb70c7..000000000000 --- a/pkgs/development/libraries/pcre/cve-2015-3210.patch +++ /dev/null @@ -1,87 +0,0 @@ -From 68ff1beb43bb3d4d8838f3285c97023d1e50513a Mon Sep 17 00:00:00 2001 -From: ph10 -Date: Fri, 15 May 2015 17:17:03 +0000 -Subject: [PATCH] Fix buffer overflow for named recursive back reference when - the name is duplicated. -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Upstream commit ported to pcre-8.37: - -commit 4b79af6b4cbeb5326ae5e4d83f3e935e00286c19 -Author: ph10 -Date: Fri May 15 17:17:03 2015 +0000 - - Fix buffer overflow for named recursive back reference when the name is - duplicated. - - git-svn-id: svn://vcs.exim.org/pcre/code/trunk@1558 2f5784b3-3f2a-0410-8824-cb99058d5e15 - -This fixes CVE-2015-3210. - -Signed-off-by: Petr Písař ---- - pcre_compile.c | 16 ++++++++++++++-- - testdata/testinput2 | 2 ++ - testdata/testoutput2 | 2 ++ - 3 files changed, 18 insertions(+), 2 deletions(-) - -diff --git a/pcre_compile.c b/pcre_compile.c -index 0efad26..6f06912 100644 ---- a/pcre_compile.c -+++ b/pcre_compile.c -@@ -7173,14 +7173,26 @@ for (;; ptr++) - number. If the name is not found, set the value to 0 for a forward - reference. */ - -+ recno = 0; - ng = cd->named_groups; - for (i = 0; i < cd->names_found; i++, ng++) - { - if (namelen == ng->length && - STRNCMP_UC_UC(name, ng->name, namelen) == 0) -- break; -+ { -+ open_capitem *oc; -+ recno = ng->number; -+ if (is_recurse) break; -+ for (oc = cd->open_caps; oc != NULL; oc = oc->next) -+ { -+ if (oc->number == recno) -+ { -+ oc->flag = TRUE; -+ break; -+ } -+ } -+ } - } -- recno = (i < cd->names_found)? ng->number : 0; - - /* Count named back references. */ - -diff --git a/testdata/testinput2 b/testdata/testinput2 -index 58fe53b..83bb471 100644 ---- a/testdata/testinput2 -+++ b/testdata/testinput2 -@@ -4152,4 +4152,6 @@ backtracking verbs. --/ - - /((?2){73}(?2))((?1))/ - -+"(?J)(?'d'(?'d'\g{d}))" -+ - /-- End of testinput2 --/ -diff --git a/testdata/testoutput2 b/testdata/testoutput2 -index b718df0..7dff52a 100644 ---- a/testdata/testoutput2 -+++ b/testdata/testoutput2 -@@ -14423,4 +14423,6 @@ Failed: lookbehind assertion is not fixed length at offset 17 - - /((?2){73}(?2))((?1))/ - -+"(?J)(?'d'(?'d'\g{d}))" -+ - /-- End of testinput2 --/ --- -2.4.3 - diff --git a/pkgs/development/libraries/pcre/cve-2015-5073.patch b/pkgs/development/libraries/pcre/cve-2015-5073.patch deleted file mode 100644 index 16fd45c87b1d..000000000000 --- a/pkgs/development/libraries/pcre/cve-2015-5073.patch +++ /dev/null @@ -1,68 +0,0 @@ -From 354e1f8e921dcb9cf2f3a5eac93cd826d01a7d8a Mon Sep 17 00:00:00 2001 -From: ph10 -Date: Tue, 23 Jun 2015 16:34:53 +0000 -Subject: [PATCH] Fix buffer overflow for forward reference within backward - assertion with excess closing parenthesis. Bugzilla 1651. -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -This is upstream commit ported to 8.37: - -commit 764692f9aea9eab50fdba6cb537441d8b34c6c37 -Author: ph10 -Date: Tue Jun 23 16:34:53 2015 +0000 - - Fix buffer overflow for forward reference within backward assertion with excess - closing parenthesis. Bugzilla 1651. - - git-svn-id: svn://vcs.exim.org/pcre/code/trunk@1571 2f5784b3-3f2a-0410-8824-cb99058d5e15 - -It fixes CVE-2015-5073. - -Signed-off-by: Petr Písař ---- - pcre_compile.c | 2 +- - testdata/testinput2 | 2 ++ - testdata/testoutput2 | 3 +++ - 3 files changed, 6 insertions(+), 1 deletion(-) - -diff --git a/pcre_compile.c b/pcre_compile.c -index 6f06912..b66b1f6 100644 ---- a/pcre_compile.c -+++ b/pcre_compile.c -@@ -9392,7 +9392,7 @@ OP_RECURSE that are not fixed length get a diagnosic with a useful offset. The - exceptional ones forgo this. We scan the pattern to check that they are fixed - length, and set their lengths. */ - --if (cd->check_lookbehind) -+if (errorcode == 0 && cd->check_lookbehind) - { - pcre_uchar *cc = (pcre_uchar *)codestart; - -diff --git a/testdata/testinput2 b/testdata/testinput2 -index 83bb471..5cc9ce6 100644 ---- a/testdata/testinput2 -+++ b/testdata/testinput2 -@@ -4154,4 +4154,6 @@ backtracking verbs. --/ - - "(?J)(?'d'(?'d'\g{d}))" - -+/(?=di(?<=(?1))|(?=(.))))/ -+ - /-- End of testinput2 --/ -diff --git a/testdata/testoutput2 b/testdata/testoutput2 -index 7dff52a..4decb8d 100644 ---- a/testdata/testoutput2 -+++ b/testdata/testoutput2 -@@ -14425,4 +14425,7 @@ Failed: lookbehind assertion is not fixed length at offset 17 - - "(?J)(?'d'(?'d'\g{d}))" - -+/(?=di(?<=(?1))|(?=(.))))/ -+Failed: unmatched parentheses at offset 23 -+ - /-- End of testinput2 --/ --- -2.4.3 - diff --git a/pkgs/development/libraries/pcre/default.nix b/pkgs/development/libraries/pcre/default.nix index 3370e910565e..92f53b067204 100644 --- a/pkgs/development/libraries/pcre/default.nix +++ b/pkgs/development/libraries/pcre/default.nix @@ -5,17 +5,15 @@ with stdenv.lib; stdenv.mkDerivation rec { - name = "pcre-8.37"; + name = "pcre-8.38"; src = fetchurl { url = "ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/${name}.tar.bz2"; - sha256 = "17bqykp604p7376wj3q2nmjdhrb6v1ny8q08zdwi7qvc02l9wrsi"; + sha256 = "1pvra19ljkr5ky35y2iywjnsckrs9ch2anrf5b0dc91hw8v2vq5r"; }; patches = - [ ./cve-2015-3210.patch - ./cve-2015-5073.patch - ]; + [ ]; outputs = [ "out" "doc" "man" ];