gnu: chicken: Fix CVE-2016-{6830,6831}.
* gnu/packages/patches/chicken-CVE-2016-6830+CVE-2016-6831.patch: New file. * gnu/local.mk (dist_patch_DATA): Use it. * gnu/packages/scheme.scm (chicken)[source]: Use it.
This commit is contained in:
parent
b9b6db45e8
commit
6a37872cd2
|
@ -497,6 +497,7 @@ dist_patch_DATA = \
|
||||||
%D%/packages/patches/calibre-drop-unrar.patch \
|
%D%/packages/patches/calibre-drop-unrar.patch \
|
||||||
%D%/packages/patches/calibre-no-updates-dialog.patch \
|
%D%/packages/patches/calibre-no-updates-dialog.patch \
|
||||||
%D%/packages/patches/cdparanoia-fpic.patch \
|
%D%/packages/patches/cdparanoia-fpic.patch \
|
||||||
|
%D%/packages/patches/chicken-CVE-2016-6830+CVE-2016-6831.patch \
|
||||||
%D%/packages/patches/chmlib-inttypes.patch \
|
%D%/packages/patches/chmlib-inttypes.patch \
|
||||||
%D%/packages/patches/clang-libc-search-path.patch \
|
%D%/packages/patches/clang-libc-search-path.patch \
|
||||||
%D%/packages/patches/clang-3.8-libc-search-path.patch \
|
%D%/packages/patches/clang-3.8-libc-search-path.patch \
|
||||||
|
|
|
@ -0,0 +1,81 @@
|
||||||
|
diff -ur a/irregex-core.scm b/irregex-core.scm
|
||||||
|
--- a/irregex-core.scm 2016-09-11 19:03:00.000000000 -0400
|
||||||
|
+++ b/irregex-core.scm 2017-01-01 22:24:08.000000000 -0500
|
||||||
|
@@ -30,6 +30,8 @@
|
||||||
|
|
||||||
|
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
|
||||||
|
;;;; History
|
||||||
|
+;; 0.9.6: 2016/12/05 - fixed exponential memory use of + in compilation
|
||||||
|
+;; of backtracking matcher.
|
||||||
|
;; 0.9.5: 2016/09/10 - fixed a bug in irregex-fold handling of bow
|
||||||
|
;; 0.9.4: 2015/12/14 - performance improvement for {n,m} matches
|
||||||
|
;; 0.9.3: 2014/07/01 - R7RS library
|
||||||
|
@@ -3170,16 +3172,7 @@
|
||||||
|
((sre-empty? (sre-sequence (cdr sre)))
|
||||||
|
(error "invalid sre: empty *" sre))
|
||||||
|
(else
|
||||||
|
- (letrec
|
||||||
|
- ((body
|
||||||
|
- (lp (sre-sequence (cdr sre))
|
||||||
|
- n
|
||||||
|
- flags
|
||||||
|
- (lambda (cnk init src str i end matches fail)
|
||||||
|
- (body cnk init src str i end matches
|
||||||
|
- (lambda ()
|
||||||
|
- (next cnk init src str i end matches fail)
|
||||||
|
- ))))))
|
||||||
|
+ (let ((body (rec (list '+ (sre-sequence (cdr sre))))))
|
||||||
|
(lambda (cnk init src str i end matches fail)
|
||||||
|
(body cnk init src str i end matches
|
||||||
|
(lambda ()
|
||||||
|
@@ -3204,10 +3197,21 @@
|
||||||
|
(lambda ()
|
||||||
|
(body cnk init src str i end matches fail))))))))
|
||||||
|
((+)
|
||||||
|
- (lp (sre-sequence (cdr sre))
|
||||||
|
- n
|
||||||
|
- flags
|
||||||
|
- (rec (list '* (sre-sequence (cdr sre))))))
|
||||||
|
+ (cond
|
||||||
|
+ ((sre-empty? (sre-sequence (cdr sre)))
|
||||||
|
+ (error "invalid sre: empty +" sre))
|
||||||
|
+ (else
|
||||||
|
+ (letrec
|
||||||
|
+ ((body
|
||||||
|
+ (lp (sre-sequence (cdr sre))
|
||||||
|
+ n
|
||||||
|
+ flags
|
||||||
|
+ (lambda (cnk init src str i end matches fail)
|
||||||
|
+ (body cnk init src str i end matches
|
||||||
|
+ (lambda ()
|
||||||
|
+ (next cnk init src str i end matches fail)
|
||||||
|
+ ))))))
|
||||||
|
+ body))))
|
||||||
|
((=)
|
||||||
|
(rec `(** ,(cadr sre) ,(cadr sre) ,@(cddr sre))))
|
||||||
|
((>=)
|
||||||
|
diff -ur a/irregex-utils.scm b/irregex-utils.scm
|
||||||
|
--- a/irregex-utils.scm 2016-09-11 19:03:00.000000000 -0400
|
||||||
|
+++ b/irregex-utils.scm 2017-01-01 22:25:25.000000000 -0500
|
||||||
|
@@ -89,7 +89,7 @@
|
||||||
|
(case (car x)
|
||||||
|
((: seq)
|
||||||
|
(cond
|
||||||
|
- ((and (pair? (cddr x)) (pair? (cddr x)) (not (eq? x obj)))
|
||||||
|
+ ((and (pair? (cdr x)) (pair? (cddr x)) (not (eq? x obj)))
|
||||||
|
(display "(?:" out) (for-each lp (cdr x)) (display ")" out))
|
||||||
|
(else (for-each lp (cdr x)))))
|
||||||
|
((submatch)
|
||||||
|
diff -ur "a/manual-html/Unit irregex.html" "b/manual-html/Unit irregex.html"
|
||||||
|
--- "a/manual-html/Unit irregex.html" 2016-09-11 19:10:47.000000000 -0400
|
||||||
|
+++ "b/manual-html/Unit irregex.html" 2017-01-01 22:26:05.000000000 -0500
|
||||||
|
@@ -353,6 +353,6 @@
|
||||||
|
<dd class="defsig"><p>Returns an optimized SRE matching any of the literal strings in the list, like Emacs' <tt>regexp-opt</tt>. Note this optimization doesn't help when irregex is able to build a DFA.</p></dd>
|
||||||
|
</dl>
|
||||||
|
<h5 id="sec:sre-.3estring"><a href="#sec:sre-.3estring">sre->string</a></h5><dl class="defsig"><dt class="defsig" id="def:sre-.3estring"><span class="sig"><tt>(sre->string <sre>)</tt></span> <span class="type">procedure</span></dt>
|
||||||
|
-<dd class="defsig"><p>Convert an SRE to a POSIX-style regular expression string, if possible.</p></dd>
|
||||||
|
+<dd class="defsig"><p>Convert an SRE to a PCRE-style regular expression string, if possible.</p></dd>
|
||||||
|
</dl>
|
||||||
|
-<hr /><p>Previous: <a href="Unit%20extras.html">Unit extras</a></p><p>Next: <a href="Unit%20srfi-1.html">Unit srfi-1</a></p></div></div></body>
|
||||||
|
\ No newline at end of file
|
||||||
|
+<hr /><p>Previous: <a href="Unit%20extras.html">Unit extras</a></p><p>Next: <a href="Unit%20srfi-1.html">Unit srfi-1</a></p></div></div></body>
|
|
@ -332,7 +332,9 @@ mashups, office (web agendas, mail clients, ...), etc.")
|
||||||
"2016/09/12/chicken-" version ".tar.gz"))
|
"2016/09/12/chicken-" version ".tar.gz"))
|
||||||
(sha256
|
(sha256
|
||||||
(base32
|
(base32
|
||||||
"1rwymbbmnwdyhdzilv9w75an989xw9kjf3x52iqdng3nphpflcga"))))
|
"1rwymbbmnwdyhdzilv9w75an989xw9kjf3x52iqdng3nphpflcga"))
|
||||||
|
(patches
|
||||||
|
(search-patches "chicken-CVE-2016-6830+CVE-2016-6831.patch"))))
|
||||||
(build-system gnu-build-system)
|
(build-system gnu-build-system)
|
||||||
(arguments
|
(arguments
|
||||||
`(#:modules ((guix build gnu-build-system)
|
`(#:modules ((guix build gnu-build-system)
|
||||||
|
|
Loading…
Reference in New Issue