diff options
Diffstat (limited to 'poky/meta/recipes-core/gettext/gettext-0.19.8.1/fix-CVE-2018-18751.patch')
-rw-r--r-- | poky/meta/recipes-core/gettext/gettext-0.19.8.1/fix-CVE-2018-18751.patch | 141 |
1 files changed, 0 insertions, 141 deletions
diff --git a/poky/meta/recipes-core/gettext/gettext-0.19.8.1/fix-CVE-2018-18751.patch b/poky/meta/recipes-core/gettext/gettext-0.19.8.1/fix-CVE-2018-18751.patch deleted file mode 100644 index 6dfe200d65..0000000000 --- a/poky/meta/recipes-core/gettext/gettext-0.19.8.1/fix-CVE-2018-18751.patch +++ /dev/null @@ -1,141 +0,0 @@ -Upstream-Status: Backport [https://git.savannah.gnu.org/gitweb/?p=gettext.git;a=commit;h=dce3a16] -CVE: CVE-2018-18751 - -Signed-off-by: Kai Kang <kai.kang@windriver.com> - -From dce3a16e5e9368245735e29bf498dcd5e3e474a4 Mon Sep 17 00:00:00 2001 -From: Daiki Ueno <ueno@gnu.org> -Date: Thu, 15 Sep 2016 13:57:24 +0200 -Subject: [PATCH] xgettext: Fix crash with *.po file input - -When xgettext was given two *.po files with the same msgid_plural, it -crashed with double-free. Problem reported by Davlet Panech in: -http://lists.gnu.org/archive/html/bug-gettext/2016-09/msg00001.html -* gettext-tools/src/po-gram-gen.y: Don't free msgid_pluralform after -calling do_callback_message, assuming that it takes ownership. -* gettext-tools/src/read-catalog.c (default_add_message): Free -msgid_plural after calling message_alloc. -* gettext-tools/tests/xgettext-po-2: New file. -* gettext-tools/tests/Makefile.am (TESTS): Add new test. ---- - gettext-tools/src/po-gram-gen.y | 13 ++++----- - gettext-tools/src/read-catalog.c | 2 ++ - gettext-tools/tests/Makefile.am | 2 +- - gettext-tools/tests/xgettext-po-2 | 55 +++++++++++++++++++++++++++++++++++++++ - 4 files changed, 63 insertions(+), 9 deletions(-) - create mode 100755 gettext-tools/tests/xgettext-po-2 - -diff --git a/gettext-tools/src/po-gram-gen.y b/gettext-tools/src/po-gram-gen.y -index becf5e6..4428e77 100644 ---- a/gettext-tools/src/po-gram-gen.y -+++ b/gettext-tools/src/po-gram-gen.y -@@ -221,14 +221,11 @@ message - check_obsolete ($1, $3); - check_obsolete ($1, $4); - if (!$1.obsolete || pass_obsolete_entries) -- { -- do_callback_message ($1.ctxt, string2, &$1.pos, $3.string, -- $4.rhs.msgstr, $4.rhs.msgstr_len, &$4.pos, -- $1.prev_ctxt, -- $1.prev_id, $1.prev_id_plural, -- $1.obsolete); -- free ($3.string); -- } -+ do_callback_message ($1.ctxt, string2, &$1.pos, $3.string, -+ $4.rhs.msgstr, $4.rhs.msgstr_len, &$4.pos, -+ $1.prev_ctxt, -+ $1.prev_id, $1.prev_id_plural, -+ $1.obsolete); - else - { - free_message_intro ($1); -diff --git a/gettext-tools/src/read-catalog.c b/gettext-tools/src/read-catalog.c -index 571d18e..6af6d20 100644 ---- a/gettext-tools/src/read-catalog.c -+++ b/gettext-tools/src/read-catalog.c -@@ -397,6 +397,8 @@ default_add_message (default_catalog_reader_ty *this, - appropriate. */ - mp = message_alloc (msgctxt, msgid, msgid_plural, msgstr, msgstr_len, - msgstr_pos); -+ if (msgid_plural != NULL) -+ free (msgid_plural); - mp->prev_msgctxt = prev_msgctxt; - mp->prev_msgid = prev_msgid; - mp->prev_msgid_plural = prev_msgid_plural; -diff --git a/gettext-tools/tests/Makefile.am b/gettext-tools/tests/Makefile.am -index 23b09b1..0dfb4d8 100644 ---- a/gettext-tools/tests/Makefile.am -+++ b/gettext-tools/tests/Makefile.am -@@ -95,7 +95,7 @@ TESTS = gettext-1 gettext-2 gettext-3 gettext-4 gettext-5 gettext-6 gettext-7 \ - xgettext-perl-1 xgettext-perl-2 xgettext-perl-3 xgettext-perl-4 \ - xgettext-perl-5 xgettext-perl-6 xgettext-perl-7 xgettext-perl-8 \ - xgettext-php-1 xgettext-php-2 xgettext-php-3 xgettext-php-4 \ -- xgettext-po-1 \ -+ xgettext-po-1 xgettext-po-2 \ - xgettext-properties-1 \ - xgettext-python-1 xgettext-python-2 xgettext-python-3 \ - xgettext-python-4 \ -diff --git a/gettext-tools/tests/xgettext-po-2 b/gettext-tools/tests/xgettext-po-2 -new file mode 100755 -index 0000000..c4bd9d0 ---- /dev/null -+++ b/gettext-tools/tests/xgettext-po-2 -@@ -0,0 +1,55 @@ -+#! /bin/sh -+. "${srcdir=.}/init.sh"; path_prepend_ . ../src -+ -+# Test PO extractors with multiple input files. -+ -+cat <<EOF > xg-po-2-1.po -+msgid "first msgid" -+msgid_plural "first msgid (plural)" -+msgstr[0] "" -+msgstr[1] "" -+ -+msgid "second msgid" -+msgid_plural "second msgid (plural)" -+msgstr[0] "" -+msgstr[1] "" -+EOF -+ -+cat <<EOF > xg-po-2-2.po -+msgid "third msgid" -+msgid_plural "third msgid (plural)" -+msgstr[0] "" -+msgstr[1] "" -+ -+msgid "second msgid" -+msgid_plural "second msgid (plural)" -+msgstr[0] "" -+msgstr[1] "" -+EOF -+ -+: ${XGETTEXT=xgettext} -+${XGETTEXT} --omit-header xg-po-2-1.po xg-po-2-2.po -o xg-po-2.tmp.po || Exit 1 -+LC_ALL=C tr -d '\r' < xg-po-2.tmp.po > xg-po-2.po || Exit 1 -+ -+cat <<EOF > xg-po-2.ok -+msgid "first msgid" -+msgid_plural "first msgid (plural)" -+msgstr[0] "" -+msgstr[1] "" -+ -+msgid "second msgid" -+msgid_plural "second msgid (plural)" -+msgstr[0] "" -+msgstr[1] "" -+ -+msgid "third msgid" -+msgid_plural "third msgid (plural)" -+msgstr[0] "" -+msgstr[1] "" -+EOF -+ -+: ${DIFF=diff} -+${DIFF} xg-po-2.ok xg-po-2.po -+result=$? -+ -+exit $result --- -1.9.1 - |