From 41ee547d299803fb17ab6b53229d8fa8acfcb868 Mon Sep 17 00:00:00 2001 From: Sylvestre Ledru Date: Fri, 28 Aug 2015 12:21:48 +0000 Subject: [PATCH] Remove CVE-2015-2305.patch. Already fixed upstream in a different way --- debian/changelog | 9 ++++---- debian/patches/CVE-2015-2305.patch | 35 ------------------------------ debian/patches/series | 1 - 3 files changed, 5 insertions(+), 40 deletions(-) delete mode 100644 debian/patches/CVE-2015-2305.patch diff --git a/debian/changelog b/debian/changelog index 7d562768..32b6ac4b 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,6 +1,4 @@ -llvm-toolchain-snapshot (1:3.8~svn245286-2) UNRELEASED; urgency=medium - - * Team upload +llvm-toolchain-snapshot (1:3.8~svn245286-3) UNRELEASED; urgency=medium [ Gianfranco Costamagna ] * d/p/bug783205.patch fix s390x porting issue @@ -19,8 +17,11 @@ llvm-toolchain-snapshot (1:3.8~svn245286-2) UNRELEASED; urgency=medium needs a change after upstream revision r241080 (Addresses: #794905) + [ Sylvestre Ledru ] + * Remove CVE-2015-2305.patch. Already fixed upstream in a different + way - -- Gianfranco Costamagna Tue, 18 Aug 2015 18:37:46 +0200 + -- Sylvestre Ledru Fri, 28 Aug 2015 14:21:27 +0200 llvm-toolchain-snapshot (1:3.8~svn245286-1) unstable; urgency=medium diff --git a/debian/patches/CVE-2015-2305.patch b/debian/patches/CVE-2015-2305.patch deleted file mode 100644 index 7d5964e9..00000000 --- a/debian/patches/CVE-2015-2305.patch +++ /dev/null @@ -1,35 +0,0 @@ -Description: Taken from http://gitweb.dragonflybsd.org/dragonfly.git/blobdiff/4d133046c59a851141519d03553a70e903b3eefc..2841837793bd095a82f477e9c370cfe6cfb3862c:/lib/libc/regex/regcomp.c ---- llvm-toolchain-3.5-3.5.2.orig/lib/Support/regcomp.c -+++ llvm-toolchain-3.5-3.5.2/lib/Support/regcomp.c -@@ -169,6 +169,7 @@ llvm_regcomp(llvm_regex_t *preg, const c - struct parse *p = &pa; - int i; - size_t len; -+ size_t maxlen; - #ifdef REDEBUG - # define GOODFLAGS(f) (f) - #else -@@ -191,7 +192,23 @@ llvm_regcomp(llvm_regex_t *preg, const c - (NC-1)*sizeof(cat_t)); - if (g == NULL) - return(REG_ESPACE); -+ /* -+ * Limit the pattern space to avoid a 32-bit overflow on buffer -+ * extension. Also avoid any signed overflow in case of conversion -+ * so make the real limit based on a 31-bit overflow. -+ * -+ * Likely not applicable on 64-bit systems but handle the case -+ * generically (who are we to stop people from using ~715MB+ -+ * patterns?). -+ */ -+ maxlen = ((size_t)-1 >> 1) / sizeof(sop) * 2 / 3; -+ if (len >= maxlen) { -+ free((char *)g); -+ return(REG_ESPACE); -+ } - p->ssize = len/(size_t)2*(size_t)3 + (size_t)1; /* ugh */ -+ assert(p->ssize >= len); -+ - p->strip = (sop *)calloc(p->ssize, sizeof(sop)); - p->slen = 0; - if (p->strip == NULL) { diff --git a/debian/patches/series b/debian/patches/series index bbfd02fc..e9cae4a7 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -39,7 +39,6 @@ lit-lang.diff compiler-rt-i586.diff clang-analyzer-force-version.diff locale-issue-ld.diff -CVE-2015-2305.patch bug783205.patch fix-cmake-config-prefix.diff kfreebsd-build-fix.patch