From 79330e12fe0aa31180c7d3d607015f53845f5bd1 Mon Sep 17 00:00:00 2001
From: dogsheng <960055655@qq.com>
Date: Wed, 25 Dec 2019 15:59:16 +0800
Subject: [PATCH] Package init
---
CVE-2018-15173.patch | 43 +++++++++++++++++++++++++++++++++++++++++++
nmap.spec | 9 ++++++++-
2 files changed, 51 insertions(+), 1 deletion(-)
create mode 100644 CVE-2018-15173.patch
diff --git a/CVE-2018-15173.patch b/CVE-2018-15173.patch
new file mode 100644
index 0000000..c3109c2
--- /dev/null
+++ b/CVE-2018-15173.patch
@@ -0,0 +1,43 @@
+From 6d8bb6df229f7acf768bcebfe14cdc8c3dbbe92b Mon Sep 17 00:00:00 2001
+From: dmiller
+Date: Wed, 8 Aug 2018 16:36:21 +0000
+Subject: [PATCH] Set limits on PCRE matches to avoid issues like #1147
+
+---
+ service_scan.cc | 15 +++++++++++++++
+ 1 file changed, 15 insertions(+)
+
+diff --git a/service_scan.cc b/service_scan.cc
+index 1fc8056884..79e92b8f21 100644
+--- a/service_scan.cc
++++ b/service_scan.cc
+@@ -489,6 +489,15 @@ void ServiceProbeMatch::InitMatch(const char *matchtext, int lineno) {
+ if (pcre_errptr != NULL)
+ fatal("%s: failed to pcre_study regexp on line %d of nmap-service-probes: %s\n", __func__, lineno, pcre_errptr);
+
++ // Set some limits to avoid evil match cases.
++ // These are flexible; if they cause problems, increase them.
++#ifdef PCRE_ERROR_MATCHLIMIT
++ regex_extra->match_limit = 100000; // 100K
++#endif
++#ifdef PCRE_ERROR_RECURSIONLIMIT
++ regex_extra->match_limit_recursion = 10000; // 10K
++#endif
++
+ free(modestr);
+ free(flags);
+
+@@ -568,6 +577,12 @@ const struct MatchDetails *ServiceProbeMatch::testMatch(const u8 *buf, int bufle
+ if (o.debugging || o.verbose > 1)
+ error("Warning: Hit PCRE_ERROR_MATCHLIMIT when probing for service %s with the regex '%s'", servicename, matchstr);
+ } else
++#endif // PCRE_ERROR_MATCHLIMIT
++#ifdef PCRE_ERROR_RECURSIONLIMIT
++ if (rc == PCRE_ERROR_RECURSIONLIMIT) {
++ if (o.debugging || o.verbose > 1)
++ error("Warning: Hit PCRE_ERROR_RECURSIONLIMIT when probing for service %s with the regex '%s'", servicename, matchstr);
++ } else
+ #endif // PCRE_ERROR_MATCHLIMIT
+ if (rc != PCRE_ERROR_NOMATCH) {
+ fatal("Unexpected PCRE error (%d) when probing for service %s with the regex '%s'", rc, servicename, matchstr);
+
diff --git a/nmap.spec b/nmap.spec
index 58c68f7..5c431bc 100644
--- a/nmap.spec
+++ b/nmap.spec
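Review bot: The limits assigned in InitMatch (`regex_extra->match_limit` and `regex_extra->match_limit_recursion`) are only honoured by PCRE1 when the matching bits are set in `regex_extra->flags`, and the hunk sets neither; unless that happens outside the visible lines, pcre_exec() keeps its built-in defaults and the CVE-2018-15173 mitigation has no effect. Add `regex_extra->flags |= PCRE_EXTRA_MATCH_LIMIT;` and `regex_extra->flags |= PCRE_EXTRA_MATCH_LIMIT_RECURSION;` inside the respective `#ifdef` blocks. pcre_study() can also return NULL without setting an error when it has nothing to add, and the only guard visible here is on `pcre_errptr`, so the new assignments need a NULL check or a zero-initialised pcre_extra allocated first. In testMatch the second `#endif` still carries the comment `// PCRE_ERROR_MATCHLIMIT` although it now closes the RECURSIONLIMIT block. Both functions start and end outside the hunks, so any handling that already exists elsewhere in them is not visible here.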
@@ -3,7 +3,7 @@ Name: nmap Epoch: 2 Version: 7.70 -Release: 8 +Release: 9 License: Nmap Summary: A tool for network discovery and security auditing. Requires: %{name}-ncat = %{epoch}:%{version}-%{release} @@ -15,6 +15,7 @@ Patch2: nmap-4.52-noms.patch Patch3: ncat_reg_stdin.patch Patch4: nmap-6.25-displayerror.patch Patch6000: CVE-2017-18594.patch +Patch6001: CVE-2018-15173.patch BuildRequires: gcc-c++ openssl-devel gtk2-devel lua-devel libpcap-devel pcre-devel desktop-file-utils BuildRequires: dos2unix libtool automake autoconf gettext-devel libssh2-devel @@ -73,6 +74,12 @@ ln -s ncat %{buildroot}%{_bindir}/nc %{_mandir}/man1/*.1.gz %changelog +* Sat Dec 21 2019 openEuler Buildteam - 2:7.70-9 +- Type:cves +- ID:CVE-2018-15173 +- SUG:restart +- DESC:fix CVE-2018-15173 + * Mon Oct 21 2019 openEuler Buildteam - 2:7.70-8 - Type:enhancement - Id:NA