!31 Upgrade to version 2.0.20230219

From: @chen-jan 
Reviewed-by: @lyn1001 
Signed-off-by: @lyn1001

CVE-2021-33641.patch

@@ -0,0 +1,55 @@
+From 162549f599c4460bcefc1526cfa014fec626ebc5 Mon Sep 17 00:00:00 2001
+From: zhoupengcheng <zhoupengcheng11@huawei.com>
+Date: Sat, 26 Nov 2022 18:27:48 +0800
+
+Subject: [PATCH] fix CVE-2021-33641
+
+the global variable:cptr use-after-free in  more_curly(),
+save original line in more_curly() in case get new line to fix
+CVE-2021-33641.
+---
+ reader.c | 19 +++++++++++++++++--
+ 1 file changed, 17 insertions(+), 2 deletions(-)
+
+diff --git a/reader.c b/reader.c
+index 37dc2cb..2a1dfe5 100644
+--- a/reader.c
++++ b/reader.c
+@@ -1027,9 +1027,16 @@ trim_blanks(char *buffer)
+ static int
+ more_curly(void)
+ {
+-    char *save = cptr;
++    
+     int result = 0;
+     int finish = 0;
++    FILE *f = input_file;
++    long int old_pos = ftell(f); 
++    int save_linesize = linesize;
++    char *save_line = TMALLOC(char, linesize);
++    NO_SPACE(save_line);
++    char *save_cptr = save_line + (cptr - line);
++    memcpy(save_line, line, linesize);
+     do
+     {
+ 	switch (next_inline())
+@@ -1046,7 +1053,15 @@ more_curly(void)
+ 	++cptr;
+     }
+     while (!finish);
+-    cptr = save;
++
++    // in case of next_inline malloc new line space 
++    free(line);
++    cptr = save_cptr;
++    line = save_line;
++    linesize = save_linesize;
++    // Since get_line also move the postion in file forward
++    //  we need to move it back
++    fseek(f, old_pos, SEEK_SET);
+     return result;
+ }
+ 
+-- 
+2.27.0
+

CVE-2021-33642.patch

@@ -0,0 +1,44 @@
+From ab5ee87cbbe1b94a45d5c7974b321e2ee78d1238 Mon Sep 17 00:00:00 2001
+From: zhoupengcheng <zhoupengcheng11@huawei.com>
+Date: Sat, 26 Nov 2022 18:27:48 +0800
+Subject: [PATCH] fix CVE-2021-33642
+
+next_inline() return EOF cause infinite loop in more_curly(),
+Add EOF case in more_curly(), don't allow multiple line.
+---
+ reader.c | 10 +++++++++-
+ 1 file changed, 9 insertions(+), 1 deletion(-)
+
+diff --git a/reader.c b/reader.c
+index 2a1dfe5..6a9bb7c 100644
+--- a/reader.c
++++ b/reader.c
+@@ -1030,8 +1030,10 @@ more_curly(void)
+     
+     int result = 0;
+     int finish = 0;
++    int c;
+     FILE *f = input_file;
+     long int old_pos = ftell(f); 
++    long int new_pos = old_pos;
+     int save_linesize = linesize;
+     char *save_line = TMALLOC(char, linesize);
+     NO_SPACE(save_line);
+@@ -1039,7 +1041,13 @@ more_curly(void)
+     memcpy(save_line, line, linesize);
+     do
+     {
+-	switch (next_inline())
++	c = next_inline();
++	// Don't allow multiple line, so we use file position to check
++	// Only get_line() will move file postion forward
++	new_pos = ftell(f);
++	if (c == (EOF) || old_pos != new_pos)
++	    break;
++	switch (c)
+ 	{
+ 	case 0:
+ 	case '\n':
+-- 
+2.27.0
+

byacc.spec

@@ -1,4 +1,4 @@
-%define byaccdate 20210808
+%define byaccdate 20230219
 
 Name:           byacc
 Version:        2.0.%{byaccdate}
@@ -6,7 +6,10 @@ Release:        1
 Summary:        A parser generator
 License:        public domain
 URL:            https://invisible-island.net/byacc/byacc.html
-Source0:        https://invisible-island.net/datafiles/release/byacc-%{byaccdate}.tgz
+Source0:        https://invisible-mirror.net/archives/byacc/byacc-%{byaccdate}.tgz
+
+Patch9000:      CVE-2021-33641.patch
+Patch9001:      CVE-2021-33642.patch
 
 BuildRequires:  gcc
 
@@ -20,7 +23,7 @@ rejected.
 %package_help
 
 %prep
-%autosetup -n byacc-20210808 -p1
+%autosetup -n byacc-%{byaccdate} -p1
 find . -type f -name \*.c -print0 | xargs -0 sed -i 's/YYSTACKSIZE 500/YYSTACKSIZE 10000/g'
 
 %build
@@ -33,10 +36,10 @@ ln -s yacc %{buildroot}%{_bindir}/byacc
 ln -s yacc.1 %{buildroot}%{_mandir}/man1/byacc.1
 
 %check
-#make check
+%make_build check
 
 %files
-%doc ACKNOWLEDGEMENTS README* NO_WARRANTY
+%doc ACKNOWLEDGEMENTS NEW_FEATURES NO_WARRANTY README
 %license AUTHORS
 %{_bindir}/*
 
@@ -45,13 +48,28 @@ ln -s yacc.1 %{buildroot}%{_mandir}/man1/byacc.1
 %{_mandir}/man1/*
 
 %changelog
+* Fri Jun 16 2023 chenchen <chen_aka_jan@163.com> - 2.0.20230219-1
+- Upgrade to version 2.0.20230219
+
+* Mon Dec 26 2022 zhoupengcheng <zhoupengcheng11@huawei.com> - 2.0.20210808-5
+- fix CVE-2021-33641 and CVE-2021-33642
+
+* Sat Dec 24 2022 chenmaodong <chenmaodong@xfusion.com> - 2.0.20210808-4
+- Modify changelog error
+
+* Mon Nov 21 2022 yaoxin <yaoxin30@h-partners.com> - 2.0.20210808-3
+- Modify invalid Source
+
+* Wed Jun 29 2022 wangjiang <wangjiang37@h-partners.com> - 2.0.20210808-2
+- DESC:enable check test suite
+
 * Sat Dec 25 2021 tianwei<tianwei12@huawei.com> - 2.0.20210808
 - DESC:upgrade to 2.0.20210808
 
 * Mon Feb 1 2021 wangjie<wangjie294@huawei.com> - 2.0.20210109
 - DESC:upgrade 2.0.20210109
 
-* Sta Jul 25 2020 xinghe <xinghe1@huawei.com> - 1.9.20200330-1
+* Sat Jul 25 2020 xinghe <xinghe1@huawei.com> - 1.9.20200330-1
 - update version to 1.9.20200330
 
 * Wed Jan 22 2020 gulining<gulining1@huawei.com> - 1.9.20170709-9