summary refs log tree commit diff
diff options
context:
space:
mode:
authorKei Kebreau <kei@openmailbox.org>2017-01-03 08:11:15 -0500
committerKei Kebreau <kei@openmailbox.org>2017-01-03 08:35:02 -0500
commit6a37872cd2c132371ef2cb5344e004c63fdeb927 (patch)
tree6b94dee9745b73159347fce50718ca71020cd5b3
parentb9b6db45e84a7c9677f1b69040efadd0665139bb (diff)
downloadguix-6a37872cd2c132371ef2cb5344e004c63fdeb927.tar.gz
gnu: chicken: Fix CVE-2016-{6830,6831}.
* gnu/packages/patches/chicken-CVE-2016-6830+CVE-2016-6831.patch: New file.
* gnu/local.mk (dist_patch_DATA): Use it.
* gnu/packages/scheme.scm (chicken)[source]: Use it.
-rw-r--r--gnu/local.mk1
-rw-r--r--gnu/packages/patches/chicken-CVE-2016-6830+CVE-2016-6831.patch81
-rw-r--r--gnu/packages/scheme.scm4
3 files changed, 85 insertions, 1 deletions
diff --git a/gnu/local.mk b/gnu/local.mk
index 6ab1c1c488..0c42f9f442 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -497,6 +497,7 @@ dist_patch_DATA =						\
   %D%/packages/patches/calibre-drop-unrar.patch			\
   %D%/packages/patches/calibre-no-updates-dialog.patch		\
   %D%/packages/patches/cdparanoia-fpic.patch			\
+  %D%/packages/patches/chicken-CVE-2016-6830+CVE-2016-6831.patch	\
   %D%/packages/patches/chmlib-inttypes.patch			\
   %D%/packages/patches/clang-libc-search-path.patch		\
   %D%/packages/patches/clang-3.8-libc-search-path.patch		\
diff --git a/gnu/packages/patches/chicken-CVE-2016-6830+CVE-2016-6831.patch b/gnu/packages/patches/chicken-CVE-2016-6830+CVE-2016-6831.patch
new file mode 100644
index 0000000000..59decde0e9
--- /dev/null
+++ b/gnu/packages/patches/chicken-CVE-2016-6830+CVE-2016-6831.patch
@@ -0,0 +1,81 @@
+diff -ur a/irregex-core.scm b/irregex-core.scm
+--- a/irregex-core.scm	2016-09-11 19:03:00.000000000 -0400
++++ b/irregex-core.scm	2017-01-01 22:24:08.000000000 -0500
+@@ -30,6 +30,8 @@
+ 
+ ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+ ;;;; History
++;; 0.9.6: 2016/12/05 - fixed exponential memory use of + in compilation
++;;                     of backtracking matcher.
+ ;; 0.9.5: 2016/09/10 - fixed a bug in irregex-fold handling of bow
+ ;; 0.9.4: 2015/12/14 - performance improvement for {n,m} matches
+ ;; 0.9.3: 2014/07/01 - R7RS library
+@@ -3170,16 +3172,7 @@
+               ((sre-empty? (sre-sequence (cdr sre)))
+                (error "invalid sre: empty *" sre))
+               (else
+-               (letrec
+-                   ((body
+-                     (lp (sre-sequence (cdr sre))
+-                         n
+-                         flags
+-                         (lambda (cnk init src str i end matches fail)
+-                           (body cnk init src str i end matches
+-                                 (lambda ()
+-                                   (next cnk init src str i end matches fail)
+-                                   ))))))
++               (let ((body (rec (list '+ (sre-sequence (cdr sre))))))
+                  (lambda (cnk init src str i end matches fail)
+                    (body cnk init src str i end matches
+                          (lambda ()
+@@ -3204,10 +3197,21 @@
+                          (lambda ()
+                            (body cnk init src str i end matches fail))))))))
+             ((+)
+-             (lp (sre-sequence (cdr sre))
+-                 n
+-                 flags
+-                 (rec (list '* (sre-sequence (cdr sre))))))
++             (cond
++              ((sre-empty? (sre-sequence (cdr sre)))
++               (error "invalid sre: empty +" sre))
++              (else
++               (letrec
++                   ((body
++                     (lp (sre-sequence (cdr sre))
++                         n
++                         flags
++                         (lambda (cnk init src str i end matches fail)
++                           (body cnk init src str i end matches
++                                 (lambda ()
++                                   (next cnk init src str i end matches fail)
++                                   ))))))
++                 body))))
+             ((=)
+              (rec `(** ,(cadr sre) ,(cadr sre) ,@(cddr sre))))
+             ((>=)
+diff -ur a/irregex-utils.scm b/irregex-utils.scm
+--- a/irregex-utils.scm	2016-09-11 19:03:00.000000000 -0400
++++ b/irregex-utils.scm	2017-01-01 22:25:25.000000000 -0500
+@@ -89,7 +89,7 @@
+         (case (car x)
+           ((: seq)
+            (cond
+-            ((and (pair? (cddr x)) (pair? (cddr x)) (not (eq? x obj)))
++            ((and (pair? (cdr x)) (pair? (cddr x)) (not (eq? x obj)))
+              (display "(?:" out) (for-each lp (cdr x)) (display ")" out))
+             (else (for-each lp (cdr x)))))
+           ((submatch)
+diff -ur "a/manual-html/Unit irregex.html" "b/manual-html/Unit irregex.html"
+--- "a/manual-html/Unit irregex.html"	2016-09-11 19:10:47.000000000 -0400
++++ "b/manual-html/Unit irregex.html"	2017-01-01 22:26:05.000000000 -0500
+@@ -353,6 +353,6 @@
+ <dd class="defsig"><p>Returns an optimized SRE matching any of the literal strings in the list, like Emacs' <tt>regexp-opt</tt>.  Note this optimization doesn't help when irregex is able to build a DFA.</p></dd>
+ </dl>
+ <h5 id="sec:sre-.3estring"><a href="#sec:sre-.3estring">sre-&gt;string</a></h5><dl class="defsig"><dt class="defsig" id="def:sre-.3estring"><span class="sig"><tt>(sre-&gt;string &lt;sre&gt;)</tt></span> <span class="type">procedure</span></dt>
+-<dd class="defsig"><p>Convert an SRE to a POSIX-style regular expression string, if possible.</p></dd>
++<dd class="defsig"><p>Convert an SRE to a PCRE-style regular expression string, if possible.</p></dd>
+ </dl>
+-<hr /><p>Previous: <a href="Unit%20extras.html">Unit extras</a></p><p>Next: <a href="Unit%20srfi-1.html">Unit srfi-1</a></p></div></div></body>
+\ No newline at end of file
++<hr /><p>Previous: <a href="Unit%20extras.html">Unit extras</a></p><p>Next: <a href="Unit%20srfi-1.html">Unit srfi-1</a></p></div></div></body>
diff --git a/gnu/packages/scheme.scm b/gnu/packages/scheme.scm
index 08bb89cefb..2756805f3d 100644
--- a/gnu/packages/scheme.scm
+++ b/gnu/packages/scheme.scm
@@ -332,7 +332,9 @@ mashups, office (web agendas, mail clients, ...), etc.")
                                   "2016/09/12/chicken-" version ".tar.gz"))
               (sha256
                (base32
-                "1rwymbbmnwdyhdzilv9w75an989xw9kjf3x52iqdng3nphpflcga"))))
+                "1rwymbbmnwdyhdzilv9w75an989xw9kjf3x52iqdng3nphpflcga"))
+              (patches
+               (search-patches "chicken-CVE-2016-6830+CVE-2016-6831.patch"))))
     (build-system gnu-build-system)
     (arguments
      `(#:modules ((guix build gnu-build-system)