pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/pkgsrc-2018Q1]: pkgsrc/devel/jq Pullup ticket #5766 - requested by bs...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/6abadee1c1ad
branches:  pkgsrc-2018Q1
changeset: 408505:6abadee1c1ad
user:      spz <spz%pkgsrc.org@localhost>
date:      Sun Jun 17 12:43:56 2018 +0000

description:
Pullup ticket #5766 - requested by bsiegert
devel/jq: security patch

Revisions pulled up:
- devel/jq/Makefile                                             1.15
- devel/jq/distinfo                                             1.9
- devel/jq/patches/patch-src_jv__print.c                        1.1

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   ginsbach
   Date:           Wed May 30 16:03:48 UTC 2018

   Modified Files:
           pkgsrc/devel/jq: Makefile distinfo
   Added Files:
           pkgsrc/devel/jq/patches: patch-src_jv__print.c

   Log Message:
   CVE-2016-4074 denial-of-service (via upstream)

   Fix present in jq-1.6rc1 (https://github.com/stedolan/jq/commit/83e2cf6).
   The fix prevents 'infinite' recursion preventing stack exhaustion.


   To generate a diff of this commit:
   cvs rdiff -u -r1.14 -r1.15 pkgsrc/devel/jq/Makefile
   cvs rdiff -u -r1.8 -r1.9 pkgsrc/devel/jq/distinfo
   cvs rdiff -u -r0 -r1.1 pkgsrc/devel/jq/patches/patch-src_jv__print.c

diffstat:

 devel/jq/Makefile                      |   4 +-
 devel/jq/distinfo                      |   3 +-
 devel/jq/patches/patch-src_jv__print.c |  41 ++++++++++++++++++++++++++++++++++
 3 files changed, 45 insertions(+), 3 deletions(-)

diffs (72 lines):

diff -r ca06ad36aedd -r 6abadee1c1ad devel/jq/Makefile
--- a/devel/jq/Makefile Sun Jun 17 11:40:03 2018 +0000
+++ b/devel/jq/Makefile Sun Jun 17 12:43:56 2018 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.14 2018/03/22 08:14:52 adam Exp $
+# $NetBSD: Makefile,v 1.14.2.1 2018/06/17 12:43:56 spz Exp $
 
 DISTNAME=      jq-1.5
-PKGREVISION=   3
+PKGREVISION=   4
 CATEGORIES=    devel
 MASTER_SITES=  ${MASTER_SITE_GITHUB:=stedolan/}
 
diff -r ca06ad36aedd -r 6abadee1c1ad devel/jq/distinfo
--- a/devel/jq/distinfo Sun Jun 17 11:40:03 2018 +0000
+++ b/devel/jq/distinfo Sun Jun 17 12:43:56 2018 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.8 2018/01/15 08:51:55 adam Exp $
+$NetBSD: distinfo,v 1.8.2.1 2018/06/17 12:43:56 spz Exp $
 
 SHA1 (jq-1.5.tar.gz) = 664638b560d9e734178e8cafb21d98817af5b5f3
 RMD160 (jq-1.5.tar.gz) = 33ac77ac93e0539f6d66d29cd717013cdab8cf61
@@ -6,3 +6,4 @@
 Size (jq-1.5.tar.gz) = 1118086 bytes
 SHA1 (patch-Makefile.in) = 446be0fa3517fb6fc1e2f5761d1f8fb28339c79c
 SHA1 (patch-src_jv__parse.c) = efca86e70daf27291a01bf538487b745b7bd600c
+SHA1 (patch-src_jv__print.c) = 4d53dc1a1f0bb1cc827dd1adb62ecef2b7393970
diff -r ca06ad36aedd -r 6abadee1c1ad devel/jq/patches/patch-src_jv__print.c
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/devel/jq/patches/patch-src_jv__print.c    Sun Jun 17 12:43:56 2018 +0000
@@ -0,0 +1,41 @@
+$NetBSD: patch-src_jv__print.c,v 1.1.2.2 2018/06/17 12:43:56 spz Exp $
+
+CVE-2016-4074
+
+From 83e2cf607f3599d208b6b3129092fa7deb2e5292 Mon Sep 17 00:00:00 2001
+From: W-Mark Kubacki <wmark%hurrikane.de@localhost>
+Date: Fri, 19 Aug 2016 19:50:39 +0200
+Subject: [PATCH] Skip printing what's below a MAX_PRINT_DEPTH
+
+This addresses #1136, and mitigates a stack exhaustion when printing
+a very deeply nested term.
+---
+ src/jv_print.c | 8 +++++++-
+ 1 file changed, 7 insertions(+), 1 deletion(-)
+
+diff --git a/src/jv_print.c b/src/jv_print.c
+index 5f4f234b..ce4a59af 100644
+--- jv_print.c
++++ jv_print.c
+@@ -13,6 +13,10 @@
+ #include "jv_dtoa.h"
+ #include "jv_unicode.h"
+ 
++#ifndef MAX_PRINT_DEPTH
++#define MAX_PRINT_DEPTH (256)
++#endif
++
+ #define ESC "\033"
+ #define COL(c) (ESC "[" c "m")
+ #define COLRESET (ESC "[0m")
+@@ -150,7 +154,9 @@ static void jv_dump_term(struct dtoa_context* C, jv x, int flags, int indent, FI
+       }
+     }
+   }
+-  switch (jv_get_kind(x)) {
++  if (indent > MAX_PRINT_DEPTH) {
++    put_str("<skipped: too deep>", F, S, flags & JV_PRINT_ISATTY);
++  } else switch (jv_get_kind(x)) {
+   default:
+   case JV_KIND_INVALID:
+     if (flags & JV_PRINT_INVALID) {



Home | Main Index | Thread Index | Old Index