packages/icu
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!7 icu

Browse Source 
Merge pull request !7 from shirely/master
This commit is contained in:
openeuler-ci-bot 2020-07-22 21:13:29 +08:00 committed by Gitee
commit 558ce30918
4 changed files with 9 additions and 148 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

114
CVE-2020-10531.patch
View File

@ -1,114 +0,0 @@
Backported of:
From b7d08bc04a4296982fcef8b6b8a354a9e4e7afca Mon Sep 17 00:00:00 2001
From: Frank Tang <ftang@chromium.org>
Date: Sat, 1 Feb 2020 02:39:04 +0000
Subject: [PATCH] ICU-20958 Prevent SEGV_MAPERR in append
See #971
diff --git a/source/common/unistr.cpp b/source/common/unistr.cpp
index 1bfb71a..e8a7f12 100644
--- a/source/common/unistr.cpp
+++ b/source/common/unistr.cpp
@@ -1546,7 +1557,11 @@ UnicodeString::doAppend(const UChar *srcChars, int32_t srcStart, int32_t srcLeng
}
int32_t oldLength = length();
- int32_t newLength = oldLength + srcLength;
+ int32_t newLength;
+ if (uprv_add32_overflow(oldLength, srcLength, &newLength)) {
+ setToBogus();
+ return *this;
+ }
// optimize append() onto a large-enough, owned string
if((newLength <= getCapacity() && isBufferWritable()) ||
cloneArrayIfNeeded(newLength, getGrowCapacity(newLength))) {
diff --git a/source/test/intltest/ustrtest.cpp b/source/test/intltest/ustrtest.cpp
index b361e20..9b613d3 100644
--- a/source/test/intltest/ustrtest.cpp
+++ b/source/test/intltest/ustrtest.cpp
@@ -64,6 +64,7 @@ void UnicodeStringTest::runIndexedTest( int32_t index, UBool exec, const char* &
TESTCASE_AUTO(TestUInt16Pointers);
TESTCASE_AUTO(TestWCharPointers);
TESTCASE_AUTO(TestNullPointers);
+ TESTCASE_AUTO(TestLargeAppend);
TESTCASE_AUTO_END;
}
@@ -2253,3 +2254,64 @@ UnicodeStringTest::TestNullPointers() {
UnicodeString(u"def").extract(nullptr, 0, errorCode);
assertEquals("buffer overflow extracting to nullptr", U_BUFFER_OVERFLOW_ERROR, errorCode);
}
+
+void UnicodeStringTest::TestLargeAppend() {
+ if(quick) return;
+
+ IcuTestErrorCode status(*this, "TestLargeAppend");
+ // Make a large UnicodeString
+ int32_t len = 0xAFFFFFF;
+ UnicodeString str;
+ char16_t *buf = str.getBuffer(len);
+ // A fast way to set buffer to valid Unicode.
+ // 4E4E is a valid unicode character
+ uprv_memset(buf, 0x4e, len * 2);
+ str.releaseBuffer(len);
+ UnicodeString dest;
+ // Append it 16 times
+ // 0xAFFFFFF times 16 is 0xA4FFFFF1,
+ // which is greater than INT32_MAX, which is 0x7FFFFFFF.
+ int64_t total = 0;
+ for (int32_t i = 0; i < 16; i++) {
+ dest.append(str);
+ total += len;
+ if (total <= INT32_MAX) {
+ assertFalse("dest is not bogus", dest.isBogus());
+ } else {
+ assertTrue("dest should be bogus", dest.isBogus());
+ }
+ }
+ dest.remove();
+ total = 0;
+ for (int32_t i = 0; i < 16; i++) {
+ dest.append(str);
+ total += len;
+ if (total + len <= INT32_MAX) {
+ assertFalse("dest is not bogus", dest.isBogus());
+ } else if (total <= INT32_MAX) {
+ // Check that a string of exactly the maximum size works
+ UnicodeString str2;
+ int32_t remain = INT32_MAX - total;
+ char16_t *buf2 = str2.getBuffer(remain);
+ if (buf2 == nullptr) {
+ // if somehow memory allocation fail, return the test
+ return;
+ }
+ uprv_memset(buf2, 0x4e, remain * 2);
+ str2.releaseBuffer(remain);
+ dest.append(str2);
+ total += remain;
+ assertEquals("When a string of exactly the maximum size works", (int64_t)INT32_MAX, total);
+ assertEquals("When a string of exactly the maximum size works", INT32_MAX, dest.length());
+ assertFalse("dest is not bogus", dest.isBogus());
+
+ // Check that a string size+1 goes bogus
+ str2.truncate(1);
+ dest.append(str2);
+ total++;
+ assertTrue("dest should be bogus", dest.isBogus());
+ } else {
+ assertTrue("dest should be bogus", dest.isBogus());
+ }
+ }
+}
diff --git a/source/test/intltest/ustrtest.h b/source/test/intltest/ustrtest.h
index 4ba348c..d2d5ee1 100644
--- a/source/test/intltest/ustrtest.h
+++ b/source/test/intltest/ustrtest.h
@@ -96,6 +96,7 @@ public:
void TestUInt16Pointers();
void TestWCharPointers();
void TestNullPointers();
+ void TestLargeAppend();
};
#endif

26
icu-fix-memory-leak.patch
View File

@ -1,26 +0,0 @@
From 35a6cf2313357f9b58e60a000ea3f1d22e21dd65 Mon Sep 17 00:00:00 2001
From: songnannan2 <songnannan2@huawei.com>
Date: Tue, 18 Feb 2020 23:42:45 +0800
Subject: [PATCH] b
---
icu/source/common/uloc_tag.cpp | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/icu/source/common/uloc_tag.cpp b/icu/source/common/uloc_tag.cpp
index 87b9f63..6948e14 100644
--- a/source/common/uloc_tag.cpp
+++ b/source/common/uloc_tag.cpp
@@ -1242,7 +1242,8 @@ _appendLDMLExtensionAsKeywords(const char* ldmlext, ExtensionListEntry** appendT
attrBufIdx += (len + 1);
} else {
*status = U_ILLEGAL_ARGUMENT_ERROR;
- goto cleanup;
+ uprv_free(attr);
+ goto cleanup;
}
if (!_addAttributeToList(&attrFirst, attr)) {
--
2.19.1

17
icu.spec
View File

@ -1,21 +1,18 @@
Name: icu Name: icu
Version: 62.1 Version: 67.1
Release: 5 Release: 1
Summary: International Components for Unicode Summary: International Components for Unicode
License: MIT and UCD and Public Domain License: MIT and UCD and Public Domain
URL: http://site.icu-project.org/ URL: http://site.icu-project.org/
Source0: https://github.com/unicode-org/icu/releases/download/release-63-2/icu4c-62_1-src.tgz Source0: https://github.com/unicode-org/icu/releases/download/release-67-1/icu4c-67_1-src.tgz
Source1: icu-config.sh Source1: icu-config.sh
BuildRequires: gcc gcc-c++ doxygen autoconf python2 icu libicu-devel BuildRequires: gcc gcc-c++ doxygen autoconf python2 libicu
Requires: lib%{name} = %{version}-%{release} Requires: lib%{name} = %{version}-%{release}
Patch1: gennorm2-man.patch Patch1: gennorm2-man.patch
Patch2: icuinfo-man.patch Patch2: icuinfo-man.patch
Patch6000: icu-fix-memory-leak.patch
Patch6001: CVE-2020-10531.patch
%description %description
Tools and utilities for developing with icu. Tools and utilities for developing with icu.
@ -27,7 +24,7 @@ libs package for icu
e e
%package -n libicu-devel %package -n libicu-devel
Summary: header files for libicu Summary: header files for libicu
Requires: lib%{name} = %{version}-%{release} pkgconfig Requires: libicu = %{version}-%{release} pkgconfig
%description -n libicu-devel %description -n libicu-devel
header files for libicu header files for libicu
@ -78,6 +75,7 @@ chmod +x $RPM_BUILD_ROOT%{_libdir}/*.so.*
) )
install -p -m755 -D %{SOURCE1} $RPM_BUILD_ROOT%{_bindir}/icu-config install -p -m755 -D %{SOURCE1} $RPM_BUILD_ROOT%{_bindir}/icu-config
cp -a %{_libdir}/libicu*.so.62* %{buildroot}%{_libdir}
%check %check
if grep -q @VERSION@ source/tools/*/*.8 source/tools/*/*.1 source/config/*.1; then if grep -q @VERSION@ source/tools/*/*.8 source/tools/*/*.1 source/config/*.1; then
@ -129,6 +127,9 @@ LD_LIBRARY_PATH=lib:stubdata:tools/ctestfw:$LD_LIBRARY_PATH bin/uconv -l
%changelog %changelog
* Thu Jul 16 2020 hanhui <hanhui15@huawei.com> - 67.1
- update to icu4c-67.1
* Fri Mar 20 2020 gulining <gulining1@huawei.com> - 62.1-5 * Fri Mar 20 2020 gulining <gulining1@huawei.com> - 62.1-5
- fix CVE-2020-10531 - fix CVE-2020-10531

BIN
icu4c-62_1-src.tgz → icu4c-67_1-src.tgz
View File

Binary file not shown.