debian/0000755000000000000000000000000012703723203007165 5ustar debian/libpcre3.docs0000644000000000000000000000002512024423620011533 0ustar README AUTHORS NEWS debian/changelog0000644000000000000000000005555512703722477011072 0ustar pcre3 (1:8.31-2ubuntu2.3) trusty; urgency=medium * Fix empty-matching possessive zero-repeat groups bug (LP: #1456195) -- Arne de Bruijn Wed, 13 Apr 2016 10:51:02 +0200 pcre3 (1:8.31-2ubuntu2.2) trusty-security; urgency=medium * SECURITY UPDATE: fix multiple security issues by applying patches from Debian jessie package: - 0001-Fix-overflow-when-ovector-has-size-1.patch - 794589-information-disclosure.patch - 0001-Fix-buffer-overflow-for-lookbehind-within-mutually-r.patch - 0001-Add-integer-overflow-check-to-n-code.patch - 0001-Fix-bug-for-classes-containing-sequences.patch - 0001-Fix-run-for-ever-bug-for-deeply-nested-sequences.patch - 0001-Make-pcregrep-q-override-l-and-c-for-compatibility-w.patch - 0001-Add-missing-integer-overflow-checks.patch - 0001-Fix-compile-time-loop-for-recursive-reference-within.patch - 0001-Fix-named-forward-reference-to-duplicate-group-numbe.patch - CVE-2015-2328, CVE-2015-8380, CVE-2015-8382, CVE-2015-8385, CVE-2015-8386, CVE-2015-8387, CVE-2015-8390, CVE-2015-8391, CVE-2015-8393, CVE-2015-8394 * SECURITY UPDATE: denial of service via pattern containing (*ACCEPT) substring with nested parantheses - debian/patches/apply-upstream-revision-1631-closes-8159: fix workspace overflow for (*ACCEPT) with deeply nested parentheses in pcreposix.c, pcre_compile.c, pcre_internal.h, add tests to testdata/testoutput11-8, testdata/testoutput11-16, testdata/testinput11. - CVE-2016-3191 * debian/rules: set make check to verbose. -- Marc Deslauriers Fri, 25 Mar 2016 07:55:28 -0400 pcre3 (1:8.31-2ubuntu2.1) trusty-security; urgency=low [ Seyeong Kim ] * SECURITY UPDATE: Heap buffer overflow in pcregrep - debian/patches/cve-2014-8964.patch: add ecode check. Based on upstream - CVE-2014-8964 * SECURITY UPDATE: PCRE Library Heap Overflow Vulnerability - debian/patches/cve-2015-2325.patch: change some variables pointer to integer, and related contents. Based on upstream patch - CVE-2015-2325 * SECURITY UPDATE: PCRE Library Heap overflow Vulnerability II - debian/patches/cve-2015-2326.patch: take save_hwm_offset out from adjust_recurse. Based on upstream patch - CVE-2015-2326 * SECURITY UPDATE: PCRE Library Heap Overflow Vulnerability in find_fixedlength() - debian/patches/cve-2015-5073.patch: add compare errorcode missing test code. Based on upstream patch - CVE-2015-5073 [ Marc Deslauriers ] * debian/patches/cve-2015-2325.patch: updated to fix test suite failure because of lack of auto-possessification in older pcre. -- Marc Deslauriers Fri, 24 Jul 2015 07:57:19 -0400 pcre3 (1:8.31-2ubuntu2) trusty; urgency=low * Don't patch the soname in the generated configure file, but in configure.ac. * Add symbols files to catch the practice to only change the soname in the generated files. -- Matthias Klose Tue, 03 Dec 2013 14:18:01 +0100 pcre3 (1:8.31-2ubuntu1) trusty; urgency=low * Use dh-autoreconf to update config files. * Use explicit stamp for the configure target. * Honor dpkg-buildflags. * Enable parallel builds. * Configure with --disable-silent-rules. -- Matthias Klose Tue, 03 Dec 2013 12:58:45 +0100 pcre3 (1:8.31-2) unstable; urgency=low * Build -dev package as Multi-arch: same. Thanks Steve Langasek / Ubuntu for the patch (Closes: 696217) -- Mark Baker Thu, 03 Jan 2013 20:30:05 +0000 pcre3 (1:8.31-1) unstable; urgency=low * New upstream release * Applied patch from upstream bugzilla #1287 to fix bug where wrong value is in re_nsub in some cases (Closes: #686495) -- Mark Baker Thu, 13 Sep 2012 19:58:45 +0100 pcre3 (1:8.30-5) unstable; urgency=low * There is no use in including debug information for the libraries from the udeb in the debug package; more importantly, because the installation system isn't multiarch, if they are included they result in arch specific files in arch independent paths (debug package is Multi-arch:same). Removed. (Closes: #670018) -- Mark Baker Tue, 01 May 2012 22:38:42 +0100 pcre3 (1:8.30-4) unstable; urgency=low * Reluctantly using an epoch, as it seems the funny version number with extra dots causes problems * Bumped standard version to 3.9.3. No changes needed * Converted to use new source format / quilt * Put back obsolete pcre_info() API that up * Don't include pcregrep binary in debug package Thanks to Elimar Riesebieter for the conversion to the new source format. -- Mark Baker Fri, 23 Mar 2012 22:34:54 +0000 pcre3 (8.30..-3) unstable; urgency=low * configure: fixed libpcreposix version (this is not the same bug as the previous one, though it's in the same few lines) -- Mark Baker Thu, 22 Mar 2012 19:45:03 +0000 pcre3 (8.30..-2) unstable; urgency=low * configure: Correct library version so soname is libpcre.so.3 instead of .2 (Closes: #664983) * Horrible version number is because of NMU of "8.30.really8.12-1.1"; this will sort between that and 8.31-1 -- Mark Baker Thu, 22 Mar 2012 17:52:35 +0000 pcre3 (8.30-1) unstable; urgency=low * New upstream release (Closes:#664166) -- Mark Baker Wed, 21 Mar 2012 21:03:39 +0000 pcre3 (8.12-4) unstable; urgency=low * Multi-arch support. Thanks Steve Langasek for patch (Closes: 634250) -- Mark Baker Mon, 18 Jul 2011 21:59:44 +0100 pcre3 (8.12-3) unstable; urgency=low * debian/rules: Increased shlib version to 8.10 (Closes: #612942, #613227, #613469, #614012, #615019) -- Mark Baker Sun, 20 Feb 2011 12:46:44 +0000 pcre3 (8.12-2) unstable; urgency=low * Include changes from Stéphane's NMU (including fix for bug 581202) that were accidentally omitted in previous release. * debian/control: -dbg package should be section debug, priority extra -- Mark Baker Tue, 08 Feb 2011 20:38:49 +0000 pcre3 (8.12-1) unstable; urgency=low * New upstream release (Closes: #554242) -- Mark Baker Mon, 07 Feb 2011 23:53:42 +0000 pcre3 (8.02-1.1) unstable; urgency=low * Non-maintainer upload. * Add explicit Breaks to applications using libpcre-ocaml, to allow proper upgrades from lenny (Closes: #581202) * Add debian/watch * Add debian/source/format * Remove duplicate fields spotted by Lintian * Promote XC-Package-Type field to Package-Type -- Stéphane Glondu Sat, 31 Jul 2010 16:05:27 -0400 pcre3 (8.02-1) unstable; urgency=low * New upstream release -- Mark Baker Fri, 07 May 2010 21:18:05 +0100 pcre3 (7.8-3) unstable; urgency=low * debian/rules: Install main library in /lib (Closes: 350468, #549608) * debian/pcre-config.1: Minor formatting changes (thanks Alexander Peslyak) (Closes: 338658) * Makefile.am,Makefile.in: Added libpcre.la to LDADD for various things; apparently this will make it cross-build successfully (Closes: 492565) * debian/control: Added ${misc:Depends} to dependencies for all the binary packages * debian/rules: Don't ignore errors from make distclean -- Mark Baker Wed, 07 Oct 2009 00:05:25 +0100 pcre3 (7.8-2) unstable; urgency=low * debian/rules: Bumped shlib version to 7.7 because of new feature in that version (Closes: #500987) -- Mark Baker Sun, 05 Oct 2008 17:06:46 +0100 pcre3 (7.8-1) unstable; urgency=low * New upstream release -- Mark Baker Sun, 21 Sep 2008 21:23:00 +0100 pcre3 (7.6-2.1) unstable; urgency=high * Non-maintainer upload. * Fix heap overflow in the pcre compiler triggered by patterns which contain options and multiple branches (CVE-2008-2371; Closes: #488919). * debian/rules (patch by Bryan Donlan): Update shlibdeps invocation for libpcrecpp0 due to new symbols (Closes: #476925). * debian/copyright: replace license information with the current license information shipped with upstream sources (Closes: #489318). -- Nico Golde Mon, 14 Jul 2008 19:13:11 +0200 pcre3 (7.6-2) unstable; urgency=low * pcrecpp.cc: Applied patch from PCRE bugzilla (bug 664) to fix ABI breakage (Closes: #463170, #463266, #463413, #464974) -- Mark Baker Wed, 13 Feb 2008 22:19:35 +0000 pcre3 (7.6-1) unstable; urgency=low * New upstream release * Ship pcredemo.c in examples directory (Closes: #377587) -- Mark Baker Mon, 28 Jan 2008 23:01:05 +0000 pcre3 (7.4-1) unstable; urgency=low * Build a -dbg package with debug symbols Thanks to Sebastian Dröge ,for all of the following: * New upstream release (Closes: #453372). * debian/control, debian/rules: + Provide udeb (Closes: #443114). Build depend on debhelper (>= 5.0.22) for this. * debian/rules: + Bump shlibs to >= 7.4 (Closes: #449289). * debian/compat: + Update debhelper compat level to 5. * debian/control: + Update Standards-Version to 3.7.3, no additional changes needed. + Use ${binary:Version} instead of ${Source-Version} to make package binNMU safe. * debian/*.files, debian/*.install, debian/rules: + Convert from dh_movefiles to dh_install. * debian/*.dirs: + Removed, not necessary. -- Mark Baker Mon, 7 Jan 2008 21:03:34 +0000 pcre3 (7.3-2) unstable; urgency=low * Overloaded RE::Init(), for compatibility with PCRE 6.x API (Closes #436210). Thanks to Matthias Klose for the patch. * Increased shlibdeps from 4.5 to 6.0. 6.0 introduced a new function (pcre_compile2) to the API, so anything using that requires at least 6.0. (Closes #441345) -- Mark Baker Mon, 7 Jan 2008 21:02:52 +0000 pcre3 (7.3-1) unstable; urgency=low * New upstream release -- Mark Baker Tue, 28 Aug 2007 20:53:39 +0100 pcre3 (7.2-1) unstable; urgency=low * New upstream release (Closes: #420280) * debian/rules: dummy binary-indep target (Closes: #395730) -- Mark Baker Fri, 3 Aug 2007 23:06:28 +0100 pcre3 (6.7-1) unstable; urgency=low * New upstream release (Closes: #389305) -- Mark Baker Mon, 25 Sep 2006 23:24:55 +0100 pcre3 (6.4-2) unstable; urgency=low * Makefile.in: Install pcrepartial.3 (Closes: #362011) * doc/pcreapi.3, doc/pcre_version.3: document pcre_version() as returning a const char * not a char * (Closes: #278619) * debian/libpcre3-dev.files: install libpcre.pc (Closes: #359662) * doc/pcregrep.1: fixed typo (Closes: #310338) * debian/control: drop dummy pgrep package (Closes: #247550) -- Mark Baker Thu, 27 Apr 2006 22:32:06 +0100 pcre3 (6.4-1.1) unstable; urgency=low * Split out the C++ library into it's own package libpcrecpp0, as discussed in #339250. The C++ library was recently added, no package references the C++ library yet. Closes: #339250. * debian/rules: Remove testsavedregex in clean target. -- Matthias Klose Fri, 25 Nov 2005 07:59:14 +0100 pcre3 (6.4-1) unstable; urgency=low * New upstream release (Closes: 333191) -- Mark Baker Mon, 10 Oct 2005 23:14:53 +0100 pcre3 (6.3-1) unstable; urgency=low * New upstream release (Closes: 323761). * This includes fix to security issue CAN-2005-2491 (Closes: 324531) -- Mark Baker Sat, 27 Aug 2005 18:12:22 +0100 pcre3 (5.0-1.1) unstable; urgency=low * Non-maintainer upload. * Correct an alignment error in the pcretest.c test case, which was causing build failures on ia64 (closes: #309606). -- Steve Langasek Thu, 26 May 2005 05:15:34 +0000 pcre3 (5.0-1) unstable; urgency=low * New upstream release (Closes: #295287) - compatible, so same soname and package name can be used. * Compile with --enable-unicode-properties, a new feature of PCRE 5.0 * Removed . from description in control file * Included patch from Niibe Yutaka for cross building (Closes: #285407) Thanks Andreas for the NMU, which this is based on (Closes: #237644, #237265) -- Mark Baker Wed, 16 Feb 2005 21:47:14 +0000 pcre3 (4.5-1.1) unstable; urgency=low * NMU to fix rc-bugs. * Update libtool related files to fix build-error on mips, keep original config.in, as it is no generated file. (Closes: #237265) * pcregrep replaces pgrep. (Closes: #237564) * Bump shlibs, pcre 4.5 includes two new functions. * Let pgrep's /usr/share/doc symlink point to the package it depends on, pcregrep. -- Andreas Metzler Fri, 12 Mar 2004 13:23:02 +0100 pcre3 (4.5-1) unstable; urgency=low * New upstream release Thanks to Andreas Metzler for patches for all the following: * doc/pcregrep.1: added newline between synopsis for pcregrep and that for zpcregrp (Closes: #197899) * debian/control: Change package descriptions (Closes: #209904) * debian/rules and others: Renamed pgrep package to pcregrep, to match name of binary and avoid confusion with pgrep (which greps for processes, and is in the procps package; a dummy pgrep package will ease upgrades (Closes: #217076) -- Mark Baker Wed, 25 Feb 2004 20:49:33 +0000 pcre3 (4.3-4) unstable; urgency=low * debian/libpcre3.files: include pcrepattern(3) manpage in libpcre3 package instead of libpcre3-dev package. This means that anyone using a PCRE based application will have the man page available. -- Mark Baker Thu, 8 Jan 2004 21:19:51 +0000 pcre3 (4.3-3) unstable; urgency=low * ltmain.sh: Replaced with standard version from debian libtool package, but with Phil Hazel's patch applied (although I suspect his patch isn't necessary on debian systems). (Closes: #198147, #198668) I hope. -- Mark Baker Wed, 25 Jun 2003 21:09:22 +0100 pcre3 (4.3-2) unstable; urgency=low * pcretest.c: Cheat at test! Always print 40 instead of the size, because the size varies on different architectures, and we don't really want to fail the test because of this. -- Mark Baker Thu, 19 Jun 2003 21:00:39 +0100 pcre3 (4.3-1) unstable; urgency=low This release is entirely the work of Andreas Metzler . Thanks Andreas. * new upstream version (Closes: 182570) * this version apparently fixes infinite loop bug (Closes: 161184) * repacked using debhelper and upstream's Makefile. Switch to libtool's versioning scheme, see debian/README.Versioning.libtool for details. (Closes: #187371) * (however, don't ship .la files, they only give libtool strange ideas, see http://lists.debian.org/debian-devel/2003/debian-devel-200304/msg00827.html for an example.) * changed compile-options to really follow policy 3.5.7 * debian/control: changed description to say "Perl 5" as Perl 6, when it eventually appears, will have yet another different regex syntax (Closes: #166939) -- Mark Baker Mon, 16 Jun 2003 22:11:08 +0100 pcre3 (3.9-1) unstable; urgency=low * New upstream version (Closes: #119429, #161424) * Added zpcregrep script by Samuel Tardieu (Closes: #36897) * doc/pcregrep.1: mention zpcregrep * debian/rules: use && in test rule rather than -a option to test, for better POSIX compatibility (Closes: #158775) * debian/Makefile: build pcretest once with -rpath for doing tests, and once without, so that: * debian/rules: install pcretest program (Closes: #162998) * Don't create or remove /usr/doc/foo symlinks. This means that none of the packages have prerms and only libpcre3 has a postinst * debian/copyright: corrected to "Debian GNU/Linux" * debian/control: standards version updated to 3.5.7.0 * debian/rules: strip comment and note sections from libraries * The result of the last four changes is that it should now be lintian-clean apart from one caused by a known bug in lintian (see lintian bug #117260) (Closes: #162999) -- Mark Baker Sat, 26 Oct 2002 18:12:13 +0100 pcre3 (3.4-1.1) unstable; urgency=high * Non-maintainer upload. * Rebuild with a version of libc6 without a broken atexit() symbol (closes: #108597, critical). * Add to LD_LIBRARY_PATH rather than clobbering it, to avoid fakeroot dying (closes: #108661, #108891). -- Colin Watson Sun, 19 Aug 2001 20:43:28 +0100 pcre3 (3.4-1) unstable; urgency=low * new upstream version (Closes: #93876) -- Mark Baker Sat, 28 Apr 2001 00:05:22 +0100 pcre3 (3.3-5) unstable; urgency=low * debian/rules: install pcregrep as that name (only) rather than as pgrep with a symlink called pcregrep. This avoids a name clash with the process table grepper also called pgrep. * doc/pcregrep.1: change name of program being documented (back) to pcregrep. -- Mark Baker Tue, 23 Jan 2001 23:54:08 +0000 pcre3 (3.3-4) unstable; urgency=low * debian/rules: only install config files that are meant to be installed in libpcre3-dev package (Closes: #78354) * debian/Makefile: distclean target clears up configure output -- Mark Baker Wed, 29 Nov 2000 23:59:19 +0000 pcre3 (3.3-3) unstable; urgency=low * debian/rules: make debian/Makefile executable before trying to run it (Closes: #74316) -- Mark Baker Sun, 8 Oct 2000 21:18:15 +0100 pcre3 (3.3-2) unstable; urgency=low * debian/rules: pgrep should symlink to docs in /usr/doc/libpcre3, not /usr/doc/libpcre2 * debian/rules: manpage pgrep.1.gz should not be installed as executable! * debian/rules: pcregrep.1.gz is symlink to pgrep.1.gz * doc/pcre-config.1: basic manpage for pcre-config written * debian/rules: install pcre-config.1 * debian/rules: use -isp option to dpkg-gencontrol -- Mark Baker Tue, 22 Aug 2000 00:11:54 +0100 pcre3 (3.3-1) unstable; urgency=low * new package for pcre 3.x -- Mark Baker Sat, 19 Aug 2000 13:44:00 +0000 pcre2 (2.08-1) unstable; urgency=low What follows is the changelog from pcre2, up to the point where the pcre3 package was made. * new upstream version (#50386) * put -lc after -lpcre when linking libpcreposix (#50046) -- Mark Baker Thu, 18 Nov 1999 21:45:14 +0000 pcre2 (2.07-2) unstable; urgency=low * debian/rules: use /usr/share/doc and /usr/share/man, as mandated by policy 3.1.0 * debian/postinst: create /usr/doc symlink; don't install library * debian/postinst-lib (new file): create /usr/doc symlink and install library * debian/prerm: remove /usr/doc symlink * debian/rules: install postinst and prerm for all packages; but postinst-lib for library package -- Mark Baker Sat, 13 Nov 1999 18:57:59 +0000 pcre2 (2.07-1) unstable; urgency=low * new upstream version * pcre.c, pcre.h: new upstream version is incompatible with old one! I've done a nasty hack so that old binaries will still work. Old source won't, but at least it won't fail silently so this shouldn't be a major problem. * debian/rules: /usr/doc/pgrep should be a link to libpcre2, not libpcre1 (#42450) -- Mark Baker Tue, 3 Aug 1999 23:58:35 +0100 pcre2 (2.05-1) unstable; urgency=low * new upstream version (#36776) -- Mark Baker Tue, 27 Apr 1999 23:00:25 +0100 pcre2 (2.02-3) unstable; urgency=low * pcre.3: removed description of regular expression syntax and semantics * pcre.7: new file, containing material removed from above (this is so it can be put in the libpcre2 package (#34087) -- Mark Baker Fri, 5 Mar 1999 01:08:47 +0000 pcre2 (2.02-2) unstable; urgency=low * debian/rules: install copyright in correct location in libpcre2-dev; a typo before meant the package wouldn't install * debian/shlibs: update to refer to libpcre2 instead of libpcre1 -- Mark Baker Fri, 29 Jan 1999 00:12:00 +0000 pcre2 (2.02-1) unstable; urgency=low * first release of pcre2 * install source of pgrep (it's small) in /usr/doc/libpcre2-dev/examples -- Mark Baker Thu, 28 Jan 1999 00:45:00 +0000 pcre (1.09-2) unstable; urgency=low What follows is the changelog from pcre 1, up to the point where the pcre2 package was made. The changes are not that large but the API, and therefore the ABI, are changed so version 2 is not compatible. * pcreposix.c,pcreposix.h: prefixed function names with pcreposix_ * pcreposix.h: #defines so un-prefixed names can be used * These mean pcre routines will be used instead of the regex library built into libc (#22525) * debian/shlibs: pcreposix needs libpcre1 >=1.09-2 now * debian/rules: it's not pcre 1.01 any more. -- Mark Baker Sat, 30 May 1998 16:54:31 +0100 pcre (1.09-1) unstable; urgency=low * New upstream version -- Mark Baker Sat, 28 Feb 1998 21:29:07 +0000 pcre (1.08-1) unstable; urgency=low * New upstream version (new features, so in unstable only) -- Mark Baker Sat, 28 Feb 1998 21:29:07 +0000 pcre (1.06-3) unstable; urgency=low * Strip pgrep -- Mark Baker Sat, 28 Feb 1998 21:29:07 +0000 pcre (1.06-2) unstable; urgency=low * Extended description for pgrep * Compress manpage * Updated standards-version to 2.4.0.0 -- Mark Baker Mon, 9 Feb 1998 23:56:15 +0000 pcre (1.06-1) unstable; urgency=low * New upstream version (bug fixes) -- Mark Baker Sun, 25 Jan 1998 22:37:37 +0000 pcre (1.05-2) unstable; urgency=low * Remove debian/*~ in clean target * Only run ldconfig on "configure" -- Mark Baker Wed, 7 Jan 1998 21:14:51 +0000 pcre (1.05-1) unstable; urgency=low * New upstream version (bug fixes) -- Mark Baker Sat, 27 Dec 1997 11:26:32 +0000 pcre (1.02-1) unstable; urgency=low * New upstream version -- Mark Baker Sat, 13 Dec 1997 22:01:48 +0000 pcre (1.01-4) unstable; urgency=low * Use -fPIC instead of -fpic (identical on i386, but different on other architectures like m68k) * Nasty trick so pgrep gets the right dependencies whether or not libpcre1 is installed -- Mark Baker Tue, 2 Dec 1997 17:57:07 +0000 pcre (1.01-3) unstable; urgency=low * Apply patch to manpage from Karl Hegbloom * Rewritten makefile (copy sent upstream) -- Mark Baker Tue, 25 Nov 1997 12:12:05 +0000 pcre (1.01-2) unstable; urgency=low * Correct typo (libprce) in debian/rules * Use gcc instead of ld in makefile * Build static libraries * Use shlibdeps instead of hard-coding libc6 * Use --strip-unneeded when stripping -- Mark Baker Fri, 21 Nov 1997 23:52:06 +0000 pcre (1.01-1) unstable; urgency=low * Initial debian release -- Mark Baker Fri, 21 Nov 1997 20:36:13 +0000 debian/libpcre3.install0000644000000000000000000000016512024423617012264 0ustar debian/tmp/usr/lib/*/libpcre.so.* debian/tmp/usr/lib/*/libpcreposix.so.* debian/tmp/usr/share/man/man3/pcrepattern.3 debian/compat0000644000000000000000000000000212024423620010357 0ustar 5 debian/libpcrecpp0.install0000644000000000000000000000004512024423617012761 0ustar debian/tmp/usr/lib/*/libpcrecpp.so.* debian/pcregrep.links0000644000000000000000000000016112024423620012030 0ustar usr/share/doc/libpcre3 usr/share/doc/pcregrep usr/share/man/man1/pcregrep.1.gz usr/share/man/man1/zpcregrep.1.gz debian/libpcre3.symbols0000644000000000000000000000306412247356651012321 0ustar libpcre.so.3 libpcre3 _pcre_OP_lengths@Base 8.10 _pcre_default_tables@Base 8.10 _pcre_find_bracket@Base 8.10 _pcre_is_newline@Base 8.10 _pcre_ord2utf@Base 8.10 _pcre_ucd_records@Base 8.10 _pcre_ucd_stage1@Base 8.10 _pcre_ucd_stage2@Base 8.10 _pcre_ucp_gentype@Base 8.10 _pcre_utf8_table1@Base 8.10 _pcre_utf8_table1_size@Base 8.10 _pcre_utf8_table2@Base 8.10 _pcre_utf8_table3@Base 8.10 _pcre_utf8_table4@Base 8.10 _pcre_utt@Base 8.10 _pcre_utt_names@Base 8.10 _pcre_utt_size@Base 8.10 _pcre_valid_utf@Base 8.10 _pcre_was_newline@Base 8.10 _pcre_xclass@Base 8.10 pcre_assign_jit_stack@Base 8.10 pcre_callout@Base 8.10 pcre_compile2@Base 8.10 pcre_compile@Base 8.10 pcre_config@Base 8.10 pcre_copy_named_substring@Base 8.10 pcre_copy_substring@Base 8.10 pcre_dfa_exec@Base 8.10 pcre_exec@Base 8.10 pcre_free@Base 8.10 pcre_free_study@Base 8.10 pcre_free_substring@Base 8.10 pcre_free_substring_list@Base 8.10 pcre_fullinfo@Base 8.10 pcre_get_named_substring@Base 8.10 pcre_get_stringnumber@Base 8.10 pcre_get_stringtable_entries@Base 8.10 pcre_get_substring@Base 8.10 pcre_get_substring_list@Base 8.10 pcre_info@Base 8.10 pcre_jit_stack_alloc@Base 8.10 pcre_jit_stack_free@Base 8.10 pcre_maketables@Base 8.10 pcre_malloc@Base 8.10 pcre_pattern_to_host_byte_order@Base 8.10 pcre_refcount@Base 8.10 pcre_stack_free@Base 8.10 pcre_stack_malloc@Base 8.10 pcre_study@Base 8.10 pcre_version@Base 8.10 libpcreposix.so.3 libpcre3 pcreposix_regcomp@Base 8.10 pcreposix_regerror@Base 8.10 pcreposix_regexec@Base 8.10 pcreposix_regfree@Base 8.10 debian/libpcre3-udeb.install0000644000000000000000000000013112024423617013172 0ustar debian/tmp/usr/lib/*/libpcre.so.* usr/lib debian/tmp/usr/lib/*/libpcreposix.so.* usr/lib debian/libpcre3-dev.install0000644000000000000000000000025712024423617013042 0ustar debian/tmp/usr/include/* debian/tmp/usr/lib/*/lib*.a debian/tmp/usr/lib/*/lib*.so debian/tmp/usr/lib/*/pkgconfig/* debian/tmp/usr/bin/*-config debian/tmp/usr/share/man/man3/* debian/libpcrecpp0.symbols0000644000000000000000000001117112247356600013011 0ustar libpcrecpp.so.0 libpcrecpp0 #MINVER# _ZN7pcrecpp2RE4InitEPKcPKNS_10RE_OptionsE@Base 7.7 _ZN7pcrecpp2RE4InitERKSsPKNS_10RE_OptionsE@Base 7.7 _ZN7pcrecpp2RE6no_argE@Base 7.7 _ZN7pcrecpp2RE7CleanupEv@Base 7.7 _ZN7pcrecpp2RE7CompileENS0_6AnchorE@Base 7.7 _ZN7pcrecpp2RE9QuoteMetaERKNS_11StringPieceE@Base 7.7 _ZN7pcrecpp2RED1Ev@Base 7.7 _ZN7pcrecpp2RED2Ev@Base 7.7 _ZN7pcrecpp3Arg10parse_charEPKciPv@Base 7.7 _ZN7pcrecpp3Arg10parse_longEPKciPv@Base 7.7 _ZN7pcrecpp3Arg10parse_nullEPKciPv@Base 7.7 _ZN7pcrecpp3Arg10parse_uintEPKciPv@Base 7.7 _ZN7pcrecpp3Arg11parse_floatEPKciPv@Base 7.7 _ZN7pcrecpp3Arg11parse_shortEPKciPv@Base 7.7 _ZN7pcrecpp3Arg11parse_ucharEPKciPv@Base 7.7 _ZN7pcrecpp3Arg11parse_ulongEPKciPv@Base 7.7 _ZN7pcrecpp3Arg12parse_doubleEPKciPv@Base 7.7 _ZN7pcrecpp3Arg12parse_stringEPKciPv@Base 7.7 _ZN7pcrecpp3Arg12parse_ushortEPKciPv@Base 7.7 _ZN7pcrecpp3Arg13parse_int_hexEPKciPv@Base 7.7 _ZN7pcrecpp3Arg14parse_long_hexEPKciPv@Base 7.7 _ZN7pcrecpp3Arg14parse_longlongEPKciPv@Base 7.7 _ZN7pcrecpp3Arg14parse_uint_hexEPKciPv@Base 7.7 _ZN7pcrecpp3Arg15parse_int_octalEPKciPv@Base 7.7 _ZN7pcrecpp3Arg15parse_int_radixEPKciPvi@Base 7.7 _ZN7pcrecpp3Arg15parse_short_hexEPKciPv@Base 7.7 _ZN7pcrecpp3Arg15parse_ulong_hexEPKciPv@Base 7.7 _ZN7pcrecpp3Arg15parse_ulonglongEPKciPv@Base 7.7 _ZN7pcrecpp3Arg16parse_int_cradixEPKciPv@Base 7.7 _ZN7pcrecpp3Arg16parse_long_octalEPKciPv@Base 7.7 _ZN7pcrecpp3Arg16parse_long_radixEPKciPvi@Base 7.7 _ZN7pcrecpp3Arg16parse_uint_octalEPKciPv@Base 7.7 _ZN7pcrecpp3Arg16parse_uint_radixEPKciPvi@Base 7.7 _ZN7pcrecpp3Arg16parse_ushort_hexEPKciPv@Base 7.7 _ZN7pcrecpp3Arg17parse_long_cradixEPKciPv@Base 7.7 _ZN7pcrecpp3Arg17parse_short_octalEPKciPv@Base 7.7 _ZN7pcrecpp3Arg17parse_short_radixEPKciPvi@Base 7.7 _ZN7pcrecpp3Arg17parse_stringpieceEPKciPv@Base 7.7 _ZN7pcrecpp3Arg17parse_uint_cradixEPKciPv@Base 7.7 _ZN7pcrecpp3Arg17parse_ulong_octalEPKciPv@Base 7.7 _ZN7pcrecpp3Arg17parse_ulong_radixEPKciPvi@Base 7.7 _ZN7pcrecpp3Arg18parse_longlong_hexEPKciPv@Base 7.7 _ZN7pcrecpp3Arg18parse_short_cradixEPKciPv@Base 7.7 _ZN7pcrecpp3Arg18parse_ulong_cradixEPKciPv@Base 7.7 _ZN7pcrecpp3Arg18parse_ushort_octalEPKciPv@Base 7.7 _ZN7pcrecpp3Arg18parse_ushort_radixEPKciPvi@Base 7.7 _ZN7pcrecpp3Arg19parse_ulonglong_hexEPKciPv@Base 7.7 _ZN7pcrecpp3Arg19parse_ushort_cradixEPKciPv@Base 7.7 _ZN7pcrecpp3Arg20parse_longlong_octalEPKciPv@Base 7.7 _ZN7pcrecpp3Arg20parse_longlong_radixEPKciPvi@Base 7.7 _ZN7pcrecpp3Arg21parse_longlong_cradixEPKciPv@Base 7.7 _ZN7pcrecpp3Arg21parse_ulonglong_octalEPKciPv@Base 7.7 _ZN7pcrecpp3Arg21parse_ulonglong_radixEPKciPvi@Base 7.7 _ZN7pcrecpp3Arg22parse_ulonglong_cradixEPKciPv@Base 7.7 _ZN7pcrecpp3Arg9parse_intEPKciPv@Base 7.7 _ZN7pcrecpp6no_argE@Base 7.7 _ZN7pcrecpp7Scanner10EnableSkipEv@Base 7.7 _ZN7pcrecpp7Scanner11ConsumeSkipEv@Base 7.7 _ZN7pcrecpp7Scanner11DisableSkipEv@Base 7.7 _ZN7pcrecpp7Scanner11GetCommentsEiiPSt6vectorINS_11StringPieceESaIS2_EE@Base 7.7 _ZN7pcrecpp7Scanner15GetNextCommentsEPSt6vectorINS_11StringPieceESaIS2_EE@Base 7.7 _ZN7pcrecpp7Scanner17SetSkipExpressionEPKc@Base 7.7 _ZN7pcrecpp7Scanner4SkipEPKc@Base 7.7 _ZN7pcrecpp7Scanner7ConsumeERKNS_2REERKNS_3ArgES6_S6_@Base 7.7 _ZN7pcrecpp7ScannerC1ERKSs@Base 7.7 _ZN7pcrecpp7ScannerC1Ev@Base 7.7 _ZN7pcrecpp7ScannerC2ERKSs@Base 7.7 _ZN7pcrecpp7ScannerC2Ev@Base 7.7 _ZN7pcrecpp7ScannerD1Ev@Base 7.7 _ZN7pcrecpp7ScannerD2Ev@Base 7.7 _ZNK7pcrecpp2RE11DoMatchImplERKNS_11StringPieceENS0_6AnchorEPiPKPKNS_3ArgEiS5_i@Base 7.7 _ZNK7pcrecpp2RE12PartialMatchERKNS_11StringPieceERKNS_3ArgES6_S6_S6_S6_S6_S6_S6_S6_S6_S6_S6_S6_S6_S6_S6_@Base 7.7 _ZNK7pcrecpp2RE13GlobalReplaceERKNS_11StringPieceEPSs@Base 7.7 _ZNK7pcrecpp2RE14FindAndConsumeEPNS_11StringPieceERKNS_3ArgES5_S5_S5_S5_S5_S5_S5_S5_S5_S5_S5_S5_S5_S5_S5_@Base 7.7 _ZNK7pcrecpp2RE23NumberOfCapturingGroupsEv@Base 7.7 _ZNK7pcrecpp2RE7ConsumeEPNS_11StringPieceERKNS_3ArgES5_S5_S5_S5_S5_S5_S5_S5_S5_S5_S5_S5_S5_S5_S5_@Base 7.7 _ZNK7pcrecpp2RE7DoMatchERKNS_11StringPieceENS0_6AnchorEPiPKPKNS_3ArgEi@Base 7.7 _ZNK7pcrecpp2RE7ExtractERKNS_11StringPieceES3_PSs@Base 7.7 _ZNK7pcrecpp2RE7ReplaceERKNS_11StringPieceEPSs@Base 7.7 _ZNK7pcrecpp2RE7RewriteEPSsRKNS_11StringPieceES4_Pii@Base 7.7 _ZNK7pcrecpp2RE8TryMatchERKNS_11StringPieceEiNS0_6AnchorEbPii@Base 7.7 _ZNK7pcrecpp2RE9FullMatchERKNS_11StringPieceERKNS_3ArgES6_S6_S6_S6_S6_S6_S6_S6_S6_S6_S6_S6_S6_S6_S6_@Base 7.7 _ZNK7pcrecpp7Scanner10LineNumberEv@Base 7.7 _ZNK7pcrecpp7Scanner6OffsetEv@Base 7.7 _ZNK7pcrecpp7Scanner9LookingAtERKNS_2REE@Base 7.7 _ZNSt6vectorIN7pcrecpp11StringPieceESaIS1_EE13_M_insert_auxEN9__gnu_cxx17__normal_iteratorIPS1_S3_EERKS1_@Base 7.7 _ZlsRSoRKN7pcrecpp11StringPieceE@Base 7.7 debian/dirs0000644000000000000000000000002112024423617010044 0ustar usr/bin usr/sbin debian/rules0000755000000000000000000001015712675122273010261 0ustar #!/usr/bin/make -f # Sample debian/rules that uses debhelper. # GNU copyright 1997 to 1999 by Joey Hess. # Uncomment this to turn on verbose mode. #export DH_VERBOSE=1 # These are used for cross-compiling and for saving the configure script # from having to guess our platform (since we know it already) DEB_HOST_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_HOST_GNU_TYPE) DEB_BUILD_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE) DEB_HOST_MULTIARCH ?= $(shell dpkg-architecture -qDEB_HOST_MULTIARCH) COMMA = , ifneq (,$(filter parallel=%,$(subst $(COMMA), ,$(DEB_BUILD_OPTIONS)))) NJOBS := -j $(subst parallel=,,$(filter parallel=%,$(subst $(COMMA), ,$(DEB_BUILD_OPTIONS)))) endif CFLAGS := -Wall $(shell dpkg-buildflags --get CFLAGS) CPPFLAGS := $(shell dpkg-buildflags --get CPPFLAGS) LDFLAGS := $(shell dpkg-buildflags --get LDFLAGS) INSTALL = install INSTALL_FILE = $(INSTALL) -p -o root -g root -m 644 INSTALL_PROGRAM = $(INSTALL) -p -o root -g root -m 755 INSTALL_SCRIPT = $(INSTALL) -p -o root -g root -m 755 INSTALL_DIR = $(INSTALL) -p -d -o root -g root -m 755 ifeq (,$(findstring nostrip,$(DEB_BUILD_OPTIONS))) INSTALL_PROGRAM += -s endif configure-stamp: dh_testdir # Add here commands to configure the package. dh_autoreconf CC_FOR_BUILD=cc CPPFLAGS="$(CPPFLAGS)" CFLAGS="$(CFLAGS)" LDFLAGS="$(LDFLAGS)" \ ./configure \ --host=$(DEB_HOST_GNU_TYPE) --build=$(DEB_BUILD_GNU_TYPE) \ --prefix=/usr --mandir=\$${prefix}/share/man \ --infodir=\$${prefix}/share/info \ --libdir=\$${prefix}/lib/$(DEB_HOST_MULTIARCH) \ --enable-utf8 --enable-unicode-properties \ --disable-silent-rules touch configure-stamp build: build-arch build-indep build-arch: build-stamp build-indep: build-stamp build-stamp: configure-stamp dh_testdir # Add here commands to compile the package. $(MAKE) $(NJOBS) ifeq ($(DEB_BUILD_GNU_TYPE),$(DEB_HOST_GNU_TYPE)) $(MAKE) check VERBOSE=1 endif touch build-stamp clean: dh_testdir dh_testroot rm -f configure-stamp build-stamp # Add here commands to clean up after the build process. [ ! -f Makefile ] || $(MAKE) distclean ### -test -r /usr/share/misc/config.sub && \ ### cp -f /usr/share/misc/config.sub config.sub ### -test -r /usr/share/misc/config.guess && \ ### cp -f /usr/share/misc/config.guess config.guess rm -f dftables testsavedregex dh_autoreconf_clean dh_clean install: build dh_testdir dh_testroot dh_clean -k dh_installdirs # Add here commands to install the package into debian/tmp $(MAKE) install DESTDIR=$(CURDIR)/debian/tmp # Build architecture-dependent files here. binary-arch: build install dh_testdir -a dh_testroot -a dh_install -a # This man page is in the main package, don't want it in -dev rm debian/libpcre3-dev/usr/share/man/man3/pcrepattern.3 # Move actual library to /lib mkdir -p debian/libpcre3/lib/$(DEB_HOST_MULTIARCH) mv debian/libpcre3/usr/lib/$(DEB_HOST_MULTIARCH)/libpcre.so.* debian/libpcre3/lib/$(DEB_HOST_MULTIARCH) ln -sf /lib/$(DEB_HOST_MULTIARCH)/libpcre.so.3 debian/libpcre3-dev/usr/lib/$(DEB_HOST_MULTIARCH)/libpcre.so # we never need to reference the library path in pcre-config on # Debian, so clip it out so that the script will be multiarch-safe. sed -i -e"s,/$(DEB_HOST_MULTIARCH),,g" debian/libpcre3-dev/usr/bin/pcre-config dh_link -a # dh_installdebconf -a dh_installdocs -a dh_installexamples -a # dh_installmenu -a # dh_installlogrotate -a # dh_installemacsen -a # dh_installpam -a # dh_installmime -a # dh_installinit -a # dh_installcron -a dh_installman -a dh_installinfo -a # dh_undocumented -a dh_installchangelogs -a ChangeLog dh_strip -a --dbg-package=libpcre3-dbg # Don't include pcregrep or libraries from udeb in debug package rm -r debian/libpcre3-dbg/usr/lib/debug/usr/bin rm debian/libpcre3-dbg/usr/lib/debug/usr/lib/libpcre* dh_compress -a dh_fixperms -a dh_makeshlibs -plibpcre3 --add-udeb="libpcre3-udeb" dh_makeshlibs -plibpcrecpp0 dh_installdeb -a # dh_perl -a dh_shlibdeps -a -ldebian/libpcre3/usr/lib/$(DEB_HOST_MULTIARCH) dh_gencontrol -a dh_md5sums -a dh_builddeb -a binary-indep: binary: binary-arch binary-indep .PHONY: build clean binary-arch binary install debian/patches/0000755000000000000000000000000012703722433010620 5ustar debian/patches/pcreposix.patch0000644000000000000000000000227412024423620013652 0ustar From: Mark Baker Description: Fix PCRE posix interface otherwise libc regexes are used (Bug 22525) Index: pcre-8.30/pcreposix.h =================================================================== --- pcre-8.30.orig/pcreposix.h 2011-12-28 17:57:51.000000000 +0100 +++ pcre-8.30/pcreposix.h 2012-03-23 11:05:02.223026534 +0100 @@ -133,14 +133,19 @@ /* The functions */ -PCREPOSIX_EXP_DECL int regcomp(regex_t *, const char *, int); -PCREPOSIX_EXP_DECL int regexec(const regex_t *, const char *, size_t, +PCREPOSIX_EXP_DECL int pcreposix_regcomp(regex_t *, const char *, int); +PCREPOSIX_EXP_DECL int pcreposix_regexec(const regex_t *, const char *, size_t, regmatch_t *, int); -PCREPOSIX_EXP_DECL size_t regerror(int, const regex_t *, char *, size_t); -PCREPOSIX_EXP_DECL void regfree(regex_t *); +PCREPOSIX_EXP_DECL size_t pcreposix_regerror(int, const regex_t *, char *, size_t); +PCREPOSIX_EXP_DECL void pcreposix_regfree(regex_t *); #ifdef __cplusplus } /* extern "C" */ #endif +#define regcomp pcreposix_regcomp +#define regexec pcreposix_regexec +#define regerror pcreposix_regerror +#define regfree pcreposix_regfree + #endif /* End of pcreposix.h */ debian/patches/cve-2015-5073.patch0000644000000000000000000000402612554167774013420 0ustar Description: PCRE Library Heap Overflow Vulnerability in find_fixedlength() PCRE library is prone to a vulnerability which leads to Heap Overflow. During subpattern calculation of a malformed regular expression, an offset that is used as an array index is fully controlled and can be large enough so that unexpected heap memory regions are accessed. One could at least exploit this issue to read objects nearby of the affected application's memory. Such information disclosure may also be used to bypass memory protection method such as ASLR. Author: Philip Hazel Origin: upstream, http://vcs.pcre.org/pcre?view=revision&revision=1571 Bug: https://bugs.exim.org/show_bug.cgi?id=1651 Bug-Debian: https://security-tracker.debian.org/tracker/CVE-2015-5073 Last-Update: 2015-06-23 --- This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ Index: pcre3-8.31/pcre_compile.c =================================================================== --- pcre3-8.31.orig/pcre_compile.c +++ pcre3-8.31/pcre_compile.c @@ -8018,7 +8018,7 @@ OP_RECURSE that are not fixed length get exceptional ones forgo this. We scan the pattern to check that they are fixed length, and set their lengths. */ -if (cd->check_lookbehind) +if (errorcode == 0 && cd->check_lookbehind) { pcre_uchar *cc = (pcre_uchar *)codestart; Index: pcre3-8.31/testdata/testinput2 =================================================================== --- pcre3-8.31.orig/testdata/testinput2 +++ pcre3-8.31/testdata/testinput2 @@ -3781,4 +3781,6 @@ assertion, and therefore fails the entir /((?+1)(\1))/BZ +/(?=di(?<=(?1))|(?=(.))))/ + /-- End of testinput2 --/ Index: pcre3-8.31/testdata/testoutput2 =================================================================== --- pcre3-8.31.orig/testdata/testoutput2 +++ pcre3-8.31/testdata/testoutput2 @@ -12412,4 +12412,7 @@ No match End ------------------------------------------------------------------ +/(?=di(?<=(?1))|(?=(.))))/ +Failed: unmatched parentheses at offset 23 + /-- End of testinput2 --/ debian/patches/soname.patch0000644000000000000000000000124612247354466013140 0ustar From: Mark Baker Description: Change soname to what debian use Index: b/configure.ac =================================================================== --- a/configure.ac +++ b/configure.ac @@ -17,9 +17,9 @@ # 50 lines of this file. Please update that if the variables above are moved. # Libtool shared library interface versions (current:revision:age) -m4_define(libpcre_version, [1:1:0]) -m4_define(libpcre16_version, [0:1:0]) -m4_define(libpcreposix_version, [0:1:0]) +m4_define(libpcre_version, [16:1:13]) +m4_define(libpcre16_version, [16:1:13]) +m4_define(libpcreposix_version, [16:1:13]) m4_define(libpcrecpp_version, [0:0:0]) AC_PREREQ(2.57) debian/patches/0001-Add-integer-overflow-check-to-n-code.patch0000644000000000000000000000452312675016675021061 0ustar Description: Add integer overflow check to (?n) code. . Addresses CVE-2015-8387. Origin: upstream, http://vcs.pcre.org/pcre?view=revision&revision=1563 Forwarded: not-needed Author: Salvatore Bonaccorso Last-Update: 2015-12-29 Applied-Upstream: 8.38 --- pcre_compile.c | 8 ++++++++ testdata/testinput2 | 2 ++ testdata/testoutput2 | 3 +++ 4 files changed, 15 insertions(+) Index: pcre3-8.31/pcre_compile.c =================================================================== --- pcre3-8.31.orig/pcre_compile.c 2016-03-24 13:02:50.278833756 -0400 +++ pcre3-8.31/pcre_compile.c 2016-03-24 13:02:50.270833656 -0400 @@ -6299,7 +6299,15 @@ recno = 0; while(IS_DIGIT(*ptr)) + { + if (recno > INT_MAX / 10 - 1) /* Integer overflow */ + { + while (IS_DIGIT(*ptr)) ptr++; + *errorcodeptr = ERR61; + goto FAILED; + } recno = recno * 10 + *ptr++ - CHAR_0; + } if (*ptr != terminator) { Index: pcre3-8.31/testdata/testinput2 =================================================================== --- pcre3-8.31.orig/testdata/testinput2 2016-03-24 13:02:50.278833756 -0400 +++ pcre3-8.31/testdata/testinput2 2016-03-24 13:02:50.270833656 -0400 @@ -3789,4 +3789,6 @@ ".*?\h.+.\.+\R*?\xd(?i)(?=!(?=b`b`b`\`b\xa9b!)`\a`bbbbbbbbbbbbb`bbbbbbbbbbbb*R\x85bbbbbbb\C?{((?2)(?))(( \H){8(?<=(?1){29}\xa8bbbb\x16\xd\xc6^($(? Last-Update: 2015-12-29 Applied-Upstream: 8.38 --- pcre_compile.c | 17 +++++------------ testdata/testinput2 | 2 ++ testdata/testoutput2 | 3 +++ 4 files changed, 13 insertions(+), 12 deletions(-) Index: pcre3-8.31/pcre_compile.c =================================================================== --- pcre3-8.31.orig/pcre_compile.c 2016-03-24 13:06:38.205693475 -0400 +++ pcre3-8.31/pcre_compile.c 2016-03-24 13:06:38.197693375 -0400 @@ -2694,19 +2694,12 @@ (ptr[1] == CHAR_RIGHT_SQUARE_BRACKET || ptr[1] == CHAR_BACKSLASH)) ptr++; - else if (*ptr == CHAR_RIGHT_SQUARE_BRACKET) return FALSE; - else + else if ((*ptr == CHAR_LEFT_SQUARE_BRACKET && ptr[1] == terminator) || + *ptr == CHAR_RIGHT_SQUARE_BRACKET) return FALSE; + else if (*ptr == terminator && ptr[1] == CHAR_RIGHT_SQUARE_BRACKET) { - if (*ptr == terminator && ptr[1] == CHAR_RIGHT_SQUARE_BRACKET) - { - *endptr = ptr; - return TRUE; - } - if (*ptr == CHAR_LEFT_SQUARE_BRACKET && - (ptr[1] == CHAR_COLON || ptr[1] == CHAR_DOT || - ptr[1] == CHAR_EQUALS_SIGN) && - check_posix_syntax(ptr, endptr)) - return FALSE; + *endptr = ptr; + return TRUE; } } return FALSE; Index: pcre3-8.31/testdata/testinput2 =================================================================== --- pcre3-8.31.orig/testdata/testinput2 2016-03-24 13:06:38.205693475 -0400 +++ pcre3-8.31/testdata/testinput2 2016-03-24 13:06:38.201693425 -0400 @@ -3793,4 +3793,6 @@ /[[:\\](?'abc')[a:]/ +"[[[.\xe8Nq\xffq\xff\xe0\x2|||::Nq\xffq\xff\xe0\x6\x2|||::[[[:[::::::[[[[[::::::::[:[[[:[:::[[[[[[[[[[[[:::::::::::::::::[[.\xe8Nq\xffq\xff\xe0\x2|||::Nq\xffq\xff\xe0\x6\x2|||::[[[:[::::::[[[[[::::::::[:[[[:[:::[[[[[[[[[[[[[[:::E[[[:[:[[:[:::[[:::E[[[:[:[[:'[:::::E[[[:[::::::[[[:[[[[[[[::E[[[:[::::::[[[:[[[[[[[[:[[::[::::[[:::::::[[:[[[[[[[:[[::[:[[:[~" + /-- End of testinput2 --/ Index: pcre3-8.31/testdata/testoutput2 =================================================================== --- pcre3-8.31.orig/testdata/testoutput2 2016-03-24 13:06:38.205693475 -0400 +++ pcre3-8.31/testdata/testoutput2 2016-03-24 13:06:38.201693425 -0400 @@ -12427,4 +12427,7 @@ /[[:\\](?'abc')[a:]/ +"[[[.\xe8Nq\xffq\xff\xe0\x2|||::Nq\xffq\xff\xe0\x6\x2|||::[[[:[::::::[[[[[::::::::[:[[[:[:::[[[[[[[[[[[[:::::::::::::::::[[.\xe8Nq\xffq\xff\xe0\x2|||::Nq\xffq\xff\xe0\x6\x2|||::[[[:[::::::[[[[[::::::::[:[[[:[:::[[[[[[[[[[[[[[:::E[[[:[:[[:[:::[[:::E[[[:[:[[:'[:::::E[[[:[::::::[[[:[[[[[[[::E[[[:[::::::[[[:[[[[[[[[:[[::[::::[[:::::::[[:[[[[[[[:[[::[:[[:[~" +Failed: missing terminating ] for character class at offset 353 + /-- End of testinput2 --/ debian/patches/cve-2014-8964.patch0000644000000000000000000000405412554167774013434 0ustar Description: heap buffer overflow Heap buffer overflow if an assertion with a zero minimum repeat is used as the condition in a conditional group. Origin: upstream http://bugs.exim.org/show_bug.cgi?id=1546 Bug: http://bugs.exim.org/show_bug.cgi?id=1546 Author: Petr Písař Origin: vendor, https://git.centos.org/blob/rpms!pcre.git/b8498e2bb79b98480ea064df33df2fa391d5259e/SOURCES!pcre-8.32-Fix-zero-repeat-assertion-condition-bug.patch Bug-Redhat: https://bugzilla.redhat.com/show_bug.cgi?id=1166147 Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/pcre3/+bug/1396768 Last-Update: 2014-11-19 --- This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ Index: pcre3-8.31/pcre_exec.c =================================================================== --- pcre3-8.31.orig/pcre_exec.c +++ pcre3-8.31/pcre_exec.c @@ -1441,7 +1441,9 @@ for (;;) if (md->end_offset_top > offset_top) offset_top = md->end_offset_top; /* Captures may have happened */ condition = TRUE; - ecode += 1 + LINK_SIZE + GET(ecode, LINK_SIZE + 2); + ecode += 1 + LINK_SIZE; + if (*ecode == OP_BRAZERO) ecode++; + ecode += GET(ecode, 1); while (*ecode == OP_ALT) ecode += GET(ecode, 1); } Index: pcre3-8.31/testdata/testinput2 =================================================================== --- pcre3-8.31.orig/testdata/testinput2 +++ pcre3-8.31/testdata/testinput2 @@ -3769,4 +3769,10 @@ assertion, and therefore fails the entir /((?=a(*COMMIT)b)ab|ac){0}(?:(?1)|a(c))/ ac +"((?=(?(?=(?(?=(?(?=())))*)))))" + a + +"(?(?=)?==)(((((((((?=)))))))))" + a + /-- End of testinput2 --/ Index: pcre3-8.31/testdata/testoutput2 =================================================================== --- pcre3-8.31.orig/testdata/testoutput2 +++ pcre3-8.31/testdata/testoutput2 @@ -12361,4 +12361,14 @@ assertion, and therefore fails the entir ac 0: ac +"((?=(?(?=(?(?=(?(?=())))*)))))" + a + 0: + 1: + 2: + +"(?(?=)?==)(((((((((?=)))))))))" + a +No match + /-- End of testinput2 --/ debian/patches/cve-2015-2326.patch0000644000000000000000000001043512554167774013417 0ustar Description: PCRE Library Heap overflow Vulnerability II PCRE library is prone to a vulnerability which leads to Heap overflow. Without enough bound checking inside pcre_compile2(), the heap memory could be overflowed via a crafted regular expression. Since PCRE library is widely used, this vulnerability should affect many applications. An attacker may exploit this issue to execute arbitrary code in the context of the user running the affected application Author: Philip Hazel Origin: upstream, http://vcs.pcre.org/pcre?view=revision&revision=1529 Bug: http://bugs.exim.org/show_bug.cgi?id=1592 Bug-Debian: https://security-tracker.debian.org/tracker/CVE-2015-2326 Last-Update: 2015-03-02 --- This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ Index: pcre3-8.31/pcre_compile.c =================================================================== --- pcre3-8.31.orig/pcre_compile.c +++ pcre3-8.31/pcre_compile.c @@ -7040,12 +7040,15 @@ int length; int orig_bracount; int max_bracount; branch_chain bc; +size_t save_hwm_offset; bc.outer = bcptr; bc.current_branch = code; firstchar = reqchar = REQ_UNSET; +save_hwm_offset = cd->hwm - cd->start_workspace; + /* Accumulate the length for use in the pre-compile phase. Start with the length of the BRA and KET and any extra bytes that are required at the beginning. We accumulate in a local variable to save frequent testing of @@ -7233,7 +7236,7 @@ for (;;) { *code = OP_END; adjust_recurse(start_bracket, 1 + LINK_SIZE, - (options & PCRE_UTF8) != 0, cd, cd->hwm - cd->start_workspace); + (options & PCRE_UTF8) != 0, cd, save_hwm_offset); memmove(start_bracket + 1 + LINK_SIZE, start_bracket, IN_UCHARS(code - start_bracket)); *start_bracket = OP_ONCE; Index: pcre3-8.31/testdata/testinput11 =================================================================== --- pcre3-8.31.orig/testdata/testinput11 +++ pcre3-8.31/testdata/testinput11 @@ -134,4 +134,6 @@ is required for these tests. --/ /(((a\2)|(a*)\g<-1>))*a?/B +/((?+1)(\1))/B + /-- End of testinput11 --/ Index: pcre3-8.31/testdata/testinput2 =================================================================== --- pcre3-8.31.orig/testdata/testinput2 +++ pcre3-8.31/testdata/testinput2 @@ -3779,4 +3779,6 @@ assertion, and therefore fails the entir "((?2){0,1999}())?" +/((?+1)(\1))/BZ + /-- End of testinput2 --/ Index: pcre3-8.31/testdata/testoutput11-16 =================================================================== --- pcre3-8.31.orig/testdata/testoutput11-16 +++ pcre3-8.31/testdata/testoutput11-16 @@ -734,4 +734,19 @@ Memory allocation (code space): 14 41 End ------------------------------------------------------------------ +/((?+1)(\1))/B +------------------------------------------------------------------ + 0 20 Bra + 2 16 Once + 4 12 CBra 1 + 7 9 Recurse + 9 5 CBra 2 + 12 \1 + 14 5 Ket + 16 12 Ket + 18 16 Ket + 20 20 Ket + 22 End +------------------------------------------------------------------ + /-- End of testinput11 --/ Index: pcre3-8.31/testdata/testoutput11-8 =================================================================== --- pcre3-8.31.orig/testdata/testoutput11-8 +++ pcre3-8.31/testdata/testoutput11-8 @@ -734,4 +734,19 @@ Memory allocation (code space): 10 60 End ------------------------------------------------------------------ +/((?+1)(\1))/B +------------------------------------------------------------------ + 0 31 Bra + 3 25 Once + 6 19 CBra 1 + 11 14 Recurse + 14 8 CBra 2 + 19 \1 + 22 8 Ket + 25 19 Ket + 28 25 Ket + 31 31 Ket + 34 End +------------------------------------------------------------------ + /-- End of testinput11 --/ Index: pcre3-8.31/testdata/testoutput2 =================================================================== --- pcre3-8.31.orig/testdata/testoutput2 +++ pcre3-8.31/testdata/testoutput2 @@ -12397,4 +12397,19 @@ No match "((?2){0,1999}())?" +/((?+1)(\1))/BZ +------------------------------------------------------------------ + Bra + Once + CBra 1 + Recurse + CBra 2 + \1 + Ket + Ket + Ket + Ket + End +------------------------------------------------------------------ + /-- End of testinput2 --/ debian/patches/0001-Fix-compile-time-loop-for-recursive-reference-within.patch0000644000000000000000000000372012675227530024333 0ustar Description: Fix compile-time loop for recursive reference within a group with an indefinite repeat. Origin: backport, http://vcs.pcre.org/pcre?view=revision&revision=1498 Bug: https://bugs.exim.org/show_bug.cgi?id=1515 --- pcre_compile.c | 21 +++++++++------------ testdata/testinput1 | 6 ++++++ testdata/testoutput1 | 10 ++++++++++ 4 files changed, 30 insertions(+), 12 deletions(-) Index: pcre3-8.31/pcre_compile.c =================================================================== --- pcre3-8.31.orig/pcre_compile.c 2016-03-25 07:50:52.253054124 -0400 +++ pcre3-8.31/pcre_compile.c 2016-03-25 07:54:19.615322368 -0400 @@ -2361,6 +2361,7 @@ if (c == OP_RECURSE) { const pcre_uchar *scode; + const pcre_uchar *endgroup; BOOL empty_branch; /* Test for forward reference */ @@ -2374,6 +2375,10 @@ scode = cd->start_code + GET(code, 1); if (GET(scode, 1) == 0) return TRUE; /* Unclosed */ + endgroup = scode; + do endgroup += GET(endgroup, 1); while (*endgroup == OP_ALT); + if (code >= scode && code <= endgroup) continue; /* Simple recursion */ + /* Completed backwards reference */ do Index: pcre3-8.31/testdata/testinput1 =================================================================== --- pcre3-8.31.orig/testdata/testinput1 2016-03-25 07:50:52.253054124 -0400 +++ pcre3-8.31/testdata/testinput1 2016-03-25 07:50:52.245054036 -0400 @@ -4967,6 +4967,12 @@ /((?(R1)a+|(?1)b))/ aaaabcde + +/((?(R)a|(?1)))*/ + aaa + +/((?(R)a|(?1)))+/ + aaa /a(*:any name)/K Index: pcre3-8.31/testdata/testoutput1 =================================================================== --- pcre3-8.31.orig/testdata/testoutput1 2016-03-25 07:50:52.253054124 -0400 +++ pcre3-8.31/testdata/testoutput1 2016-03-25 07:50:52.245054036 -0400 @@ -8271,6 +8271,16 @@ aaaabcde 0: aaaab 1: aaaab + +/((?(R)a|(?1)))*/ + aaa + 0: aaa + 1: a + +/((?(R)a|(?1)))+/ + aaa + 0: aaa + 1: a /a(*:any name)/K debian/patches/cve-2015-2325.patch0000644000000000000000000002630712554424025013404 0ustar ption: PCRE Library Heap Overflow Vulnerability PCRE library is prone to a heap overflow vulnerability. Due to insufficient bounds checking inside compile_branch(), the heap memory could be overflowed via a crafted regular expression. Since PCRE library is widely used, this vulnerability should affect many applications using it. An attacker may exploit this issue to execute arbitrary code in the context of the user running the affected application. Author: Philip Hazel Origin: backport, http://vcs.pcre.org/pcre?view=revision&revision=1495 Origin: backport, http://vcs.pcre.org/pcre?view=revision&revision=1528 Bug: https://bugs.exim.org/show_bug.cgi?id=1591 Bug-Debian: https://security-tracker.debian.org/tracker/CVE-2015-2325 Last-Update: 2015-07-24 --- This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ Index: pcre3-8.31/pcre_compile.c =================================================================== --- pcre3-8.31.orig/pcre_compile.c +++ pcre3-8.31/pcre_compile.c @@ -2769,14 +2769,14 @@ Arguments: adjust the amount by which the group is to be moved utf TRUE in UTF-8 / UTF-16 mode cd contains pointers to tables etc. - save_hwm the hwm forward reference pointer at the start of the group + save_hwm_offset the hwm forward reference offset at the start of the group Returns: nothing */ static void adjust_recurse(pcre_uchar *group, int adjust, BOOL utf, compile_data *cd, - pcre_uchar *save_hwm) + size_t save_hwm_offset) { pcre_uchar *ptr = group; @@ -2788,7 +2788,8 @@ while ((ptr = (pcre_uchar *)find_recurse /* See if this recursion is on the forward reference list. If so, adjust the reference. */ - for (hc = save_hwm; hc < cd->hwm; hc += LINK_SIZE) + for (hc = (pcre_uchar *)cd->start_workspace + save_hwm_offset; hc < cd->hwm; + hc += LINK_SIZE) { offset = GET(hc, 0); if (cd->start_code + offset == ptr + 1) @@ -3455,7 +3456,7 @@ const pcre_uchar *tempptr; const pcre_uchar *nestptr = NULL; pcre_uchar *previous = NULL; pcre_uchar *previous_callout = NULL; -pcre_uchar *save_hwm = NULL; +size_t save_hwm_offset = 0; pcre_uint8 classbits[32]; /* We can fish out the UTF-8 setting once and for all into a BOOL, but we @@ -5161,7 +5162,7 @@ for (;; ptr++) if (repeat_max <= 1) /* Covers 0, 1, and unlimited */ { *code = OP_END; - adjust_recurse(previous, 1, utf, cd, save_hwm); + adjust_recurse(previous, 1, utf, cd, save_hwm_offset); memmove(previous + 1, previous, IN_UCHARS(len)); code++; if (repeat_max == 0) @@ -5185,7 +5186,7 @@ for (;; ptr++) { int offset; *code = OP_END; - adjust_recurse(previous, 2 + LINK_SIZE, utf, cd, save_hwm); + adjust_recurse(previous, 2 + LINK_SIZE, utf, cd, save_hwm_offset); memmove(previous + 2 + LINK_SIZE, previous, IN_UCHARS(len)); code += 2 + LINK_SIZE; *previous++ = OP_BRAZERO + repeat_type; @@ -5244,26 +5245,25 @@ for (;; ptr++) for (i = 1; i < repeat_min; i++) { pcre_uchar *hc; - pcre_uchar *this_hwm = cd->hwm; + size_t this_hwm_offset = cd->hwm - cd->start_workspace; memcpy(code, previous, IN_UCHARS(len)); while (cd->hwm > cd->start_workspace + cd->workspace_size - - WORK_SIZE_SAFETY_MARGIN - (this_hwm - save_hwm)) + WORK_SIZE_SAFETY_MARGIN - + (this_hwm_offset - save_hwm_offset)) { - int save_offset = save_hwm - cd->start_workspace; - int this_offset = this_hwm - cd->start_workspace; *errorcodeptr = expand_workspace(cd); if (*errorcodeptr != 0) goto FAILED; - save_hwm = (pcre_uchar *)cd->start_workspace + save_offset; - this_hwm = (pcre_uchar *)cd->start_workspace + this_offset; } - for (hc = save_hwm; hc < this_hwm; hc += LINK_SIZE) + for (hc = (pcre_uchar *)cd->start_workspace + save_hwm_offset; + hc < (pcre_uchar *)cd->start_workspace + this_hwm_offset; + hc += LINK_SIZE) { PUT(cd->hwm, 0, GET(hc, 0) + len); cd->hwm += LINK_SIZE; } - save_hwm = this_hwm; + save_hwm_offset = this_hwm_offset; code += len; } } @@ -5308,7 +5308,7 @@ for (;; ptr++) else for (i = repeat_max - 1; i >= 0; i--) { pcre_uchar *hc; - pcre_uchar *this_hwm = cd->hwm; + size_t this_hwm_offset = cd->hwm - cd->start_workspace; *code++ = OP_BRAZERO + repeat_type; @@ -5330,22 +5330,21 @@ for (;; ptr++) copying them. */ while (cd->hwm > cd->start_workspace + cd->workspace_size - - WORK_SIZE_SAFETY_MARGIN - (this_hwm - save_hwm)) + WORK_SIZE_SAFETY_MARGIN - + (this_hwm_offset - save_hwm_offset)) { - int save_offset = save_hwm - cd->start_workspace; - int this_offset = this_hwm - cd->start_workspace; *errorcodeptr = expand_workspace(cd); if (*errorcodeptr != 0) goto FAILED; - save_hwm = (pcre_uchar *)cd->start_workspace + save_offset; - this_hwm = (pcre_uchar *)cd->start_workspace + this_offset; } - for (hc = save_hwm; hc < this_hwm; hc += LINK_SIZE) + for (hc = (pcre_uchar *)cd->start_workspace + save_hwm_offset; + hc < (pcre_uchar *)cd->start_workspace + this_hwm_offset; + hc += LINK_SIZE) { PUT(cd->hwm, 0, GET(hc, 0) + len + ((i != 0)? 2+LINK_SIZE : 1)); cd->hwm += LINK_SIZE; } - save_hwm = this_hwm; + save_hwm_offset = this_hwm_offset; code += len; } @@ -5441,7 +5440,7 @@ for (;; ptr++) { int nlen = (int)(code - bracode); *code = OP_END; - adjust_recurse(bracode, 1 + LINK_SIZE, utf, cd, save_hwm); + adjust_recurse(bracode, 1 + LINK_SIZE, utf, cd, save_hwm_offset); memmove(bracode + 1 + LINK_SIZE, bracode, IN_UCHARS(nlen)); code += 1 + LINK_SIZE; nlen += 1 + LINK_SIZE; @@ -5557,7 +5556,7 @@ for (;; ptr++) default: *code = OP_END; - adjust_recurse(tempcode, 1 + LINK_SIZE, utf, cd, save_hwm); + adjust_recurse(tempcode, 1 + LINK_SIZE, utf, cd, save_hwm_offset); memmove(tempcode + 1 + LINK_SIZE, tempcode, IN_UCHARS(len)); code += 1 + LINK_SIZE; len += 1 + LINK_SIZE; @@ -5588,7 +5587,7 @@ for (;; ptr++) newoptions = options; skipbytes = 0; bravalue = OP_CBRA; - save_hwm = cd->hwm; + save_hwm_offset = cd->hwm - cd->start_workspace; reset_bracount = FALSE; /* First deal with various "verbs" that can be introduced by '*'. */ @@ -6744,7 +6743,7 @@ for (;; ptr++) if (-c == ESC_g) { const pcre_uchar *p; - save_hwm = cd->hwm; /* Normally this is set when '(' is read */ + save_hwm_offset = cd->hwm - cd->start_workspace; /* Normally this is set when '(' is read */ terminator = (*(++ptr) == CHAR_LESS_THAN_SIGN)? CHAR_GREATER_THAN_SIGN : CHAR_APOSTROPHE; @@ -7225,12 +7224,16 @@ for (;;) /* If it was a capturing subpattern, check to see if it contained any recursive back references. If so, we must wrap it in atomic brackets. - In any event, remove the block from the chain. */ + Because we are moving code along, we must ensure that any pending recursive + references are updated. In any event, remove the block from the chain. */ if (capnumber > 0) { if (cd->open_caps->flag) { + *code = OP_END; + adjust_recurse(start_bracket, 1 + LINK_SIZE, + (options & PCRE_UTF8) != 0, cd, cd->hwm - cd->start_workspace); memmove(start_bracket + 1 + LINK_SIZE, start_bracket, IN_UCHARS(code - start_bracket)); *start_bracket = OP_ONCE; Index: pcre3-8.31/testdata/testinput11 =================================================================== --- pcre3-8.31.orig/testdata/testinput11 +++ pcre3-8.31/testdata/testinput11 @@ -132,4 +132,6 @@ is required for these tests. --/ /abc(d|e)(*THEN)x(123(*THEN)4|567(b|q)(*THEN)xx)/B +/(((a\2)|(a*)\g<-1>))*a?/B + /-- End of testinput11 --/ Index: pcre3-8.31/testdata/testinput2 =================================================================== --- pcre3-8.31.orig/testdata/testinput2 +++ pcre3-8.31/testdata/testinput2 @@ -3775,4 +3775,8 @@ assertion, and therefore fails the entir "(?(?=)?==)(((((((((?=)))))))))" a +/(((a\2)|(a*)\g<-1>))*a?/BZ + +"((?2){0,1999}())?" + /-- End of testinput2 --/ Index: pcre3-8.31/testdata/testoutput11-16 =================================================================== --- pcre3-8.31.orig/testdata/testoutput11-16 +++ pcre3-8.31/testdata/testoutput11-16 @@ -710,4 +710,28 @@ Memory allocation (code space): 14 62 End ------------------------------------------------------------------ +/(((a\2)|(a*)\g<-1>))*a?/B +------------------------------------------------------------------ + 0 39 Bra + 2 Brazero + 3 32 SCBra 1 + 6 27 Once + 8 12 CBra 2 + 11 7 CBra 3 + 14 a + 16 \2 + 18 7 Ket + 20 11 Alt + 22 5 CBra 4 + 25 a* + 27 5 Ket + 29 22 Recurse + 31 23 Ket + 33 27 Ket + 35 32 KetRmax + 37 a? + 39 39 Ket + 41 End +------------------------------------------------------------------ + /-- End of testinput11 --/ Index: pcre3-8.31/testdata/testoutput11-8 =================================================================== --- pcre3-8.31.orig/testdata/testoutput11-8 +++ pcre3-8.31/testdata/testoutput11-8 @@ -710,4 +710,28 @@ Memory allocation (code space): 10 76 End ------------------------------------------------------------------ +/(((a\2)|(a*)\g<-1>))*a?/B +------------------------------------------------------------------ + 0 57 Bra + 3 Brazero + 4 48 SCBra 1 + 9 40 Once + 12 18 CBra 2 + 17 10 CBra 3 + 22 a + 24 \2 + 27 10 Ket + 30 16 Alt + 33 7 CBra 4 + 38 a* + 40 7 Ket + 43 33 Recurse + 46 34 Ket + 49 40 Ket + 52 48 KetRmax + 55 a? + 57 57 Ket + 60 End +------------------------------------------------------------------ + /-- End of testinput11 --/ Index: pcre3-8.31/testdata/testoutput2 =================================================================== --- pcre3-8.31.orig/testdata/testoutput2 +++ pcre3-8.31/testdata/testoutput2 @@ -12371,4 +12371,30 @@ assertion, and therefore fails the entir a No match +/(((a\2)|(a*)\g<-1>))*a?/BZ +------------------------------------------------------------------ + Bra + Brazero + SCBra 1 + Once + CBra 2 + CBra 3 + a + \2 + Ket + Alt + CBra 4 + a* + Ket + Recurse + Ket + Ket + KetRmax + a? + Ket + End +------------------------------------------------------------------ + +"((?2){0,1999}())?" + /-- End of testinput2 --/ debian/patches/0001-Fix-empty-matching-possessive-zero-repeat-groups.patch0000664000000000000000000001304412703722433023646 0ustar Description: Fix empty-matching possessive zero-repeat groups bug. Origin: backport, http://vcs.pcre.org/pcre?view=revision&revision=1478 Bug-Ubuntu: https://bugs.launchpad.net/bugs/1456195 --- pcre_exec.c | 37 ++++++++++++++++++++++++------------- testdata/testinput1 | 9 +++++++++ testdata/testinput8 | 6 ++++++ testdata/testoutput1 | 12 ++++++++++++ testdata/testoutput8 | 8 ++++++++ 5 files changed, 59 insertions(+), 13 deletions(-) Index: pcre3-8.31/pcre_exec.c =================================================================== --- pcre3-8.31.orig/pcre_exec.c 2016-04-13 10:34:37.884343090 +0200 +++ pcre3-8.31/pcre_exec.c 2016-04-13 10:34:37.880343069 +0200 @@ -1139,10 +1139,15 @@ if (rrc == MATCH_KETRPOS) { offset_top = md->end_offset_top; - eptr = md->end_match_ptr; ecode = md->start_code + code_offset; save_capture_last = md->capture_last; matched_once = TRUE; + if (eptr == md->end_match_ptr) /* Matched an empty string */ + { + do ecode += GET(ecode, 1); while (*ecode == OP_ALT); + break; + } + eptr = md->end_match_ptr; continue; } @@ -1211,9 +1216,14 @@ if (rrc == MATCH_KETRPOS) { offset_top = md->end_offset_top; - eptr = md->end_match_ptr; ecode = md->start_code + code_offset; matched_once = TRUE; + if (eptr == md->end_match_ptr) /* Matched an empty string */ + { + do ecode += GET(ecode, 1); while (*ecode == OP_ALT); + break; + } + eptr = md->end_match_ptr; continue; } @@ -1969,6 +1979,18 @@ } } + /* OP_KETRPOS is a possessive repeating ket. Remember the current position, + and return the MATCH_KETRPOS. This makes it possible to do the repeats one + at a time from the outer level, thus saving stack. This must precede the + empty string test - in this case that test is done at the outer level. */ + + if (*ecode == OP_KETRPOS) + { + md->end_match_ptr = eptr; + md->end_offset_top = offset_top; + RRETURN(MATCH_KETRPOS); + } + /* For an ordinary non-repeating ket, just continue at this level. This also happens for a repeating ket if no characters were matched in the group. This is the forcible breaking of infinite loops as implemented in @@ -1991,17 +2013,6 @@ break; } - /* OP_KETRPOS is a possessive repeating ket. Remember the current position, - and return the MATCH_KETRPOS. This makes it possible to do the repeats one - at a time from the outer level, thus saving stack. */ - - if (*ecode == OP_KETRPOS) - { - md->end_match_ptr = eptr; - md->end_offset_top = offset_top; - RRETURN(MATCH_KETRPOS); - } - /* The normal repeating kets try the rest of the pattern or restart from the preceding bracket, in the appropriate order. In the second case, we can use tail recursion to avoid using another stack frame, unless we have an Index: pcre3-8.31/testdata/testinput1 =================================================================== --- pcre3-8.31.orig/testdata/testinput1 2016-04-13 10:10:24.000000000 +0200 +++ pcre3-8.31/testdata/testinput1 2016-04-13 10:37:39.605259086 +0200 @@ -5271,4 +5271,13 @@ "(?|(\k'Pm')|(?'Pm'))" abcd +'\A(?:[^\"]++|\"(?:[^\"]*+|\"\")*+\")++' + NON QUOTED \"QUOT\"\"ED\" AFTER \"NOT MATCHED + +'\A(?:[^\"]++|\"(?:[^\"]++|\"\")*+\")++' + NON QUOTED \"QUOT\"\"ED\" AFTER \"NOT MATCHED + +'\A(?:[^\"]++|\"(?:[^\"]++|\"\")++\")++' + NON QUOTED \"QUOT\"\"ED\" AFTER \"NOT MATCHED + /-- End of testinput1 --/ Index: pcre3-8.31/testdata/testinput8 =================================================================== --- pcre3-8.31.orig/testdata/testinput8 2012-06-17 21:06:55.000000000 +0200 +++ pcre3-8.31/testdata/testinput8 2016-04-13 10:37:39.605259086 +0200 @@ -4798,4 +4798,10 @@ xxxxxxxxabcd xx\xa0xxxxxabcd +'\A(?:[^\"]++|\"(?:[^\"]*+|\"\")*+\")++' + NON QUOTED \"QUOT\"\"ED\" AFTER \"NOT MATCHED + +'\A(?:[^\"]++|\"(?:[^\"]++|\"\")*+\")++' + NON QUOTED \"QUOT\"\"ED\" AFTER \"NOT MATCHED + /-- End of testinput8 --/ Index: pcre3-8.31/testdata/testoutput1 =================================================================== --- pcre3-8.31.orig/testdata/testoutput1 2016-04-13 10:10:24.000000000 +0200 +++ pcre3-8.31/testdata/testoutput1 2016-04-13 10:57:45.015418890 +0200 @@ -8746,4 +8746,16 @@ "(?|(\k'Pm')|(?'Pm'))" Failed: reference to non-existent subpattern at offset 20 +'\A(?:[^\"]++|\"(?:[^\"]*+|\"\")*+\")++' + NON QUOTED \"QUOT\"\"ED\" AFTER \"NOT MATCHED + 0: NON QUOTED "QUOT""ED" AFTER + +'\A(?:[^\"]++|\"(?:[^\"]++|\"\")*+\")++' + NON QUOTED \"QUOT\"\"ED\" AFTER \"NOT MATCHED + 0: NON QUOTED "QUOT""ED" AFTER + +'\A(?:[^\"]++|\"(?:[^\"]++|\"\")++\")++' + NON QUOTED \"QUOT\"\"ED\" AFTER \"NOT MATCHED + 0: NON QUOTED "QUOT""ED" AFTER + /-- End of testinput1 --/ Index: pcre3-8.31/testdata/testoutput8 =================================================================== --- pcre3-8.31.orig/testdata/testoutput8 2012-06-17 21:07:04.000000000 +0200 +++ pcre3-8.31/testdata/testoutput8 2016-04-13 10:37:39.609259106 +0200 @@ -8016,4 +8016,12 @@ 0: xx\xa0xxxxxabcd 1: xx\xa0xxxxxabc +'\A(?:[^\"]++|\"(?:[^\"]*+|\"\")*+\")++' + NON QUOTED \"QUOT\"\"ED\" AFTER \"NOT MATCHED + 0: NON QUOTED "QUOT""ED" AFTER + +'\A(?:[^\"]++|\"(?:[^\"]++|\"\")*+\")++' + NON QUOTED \"QUOT\"\"ED\" AFTER \"NOT MATCHED + 0: NON QUOTED "QUOT""ED" AFTER + /-- End of testinput8 --/ debian/patches/0001-Fix-bug-for-classes-containing-sequences.patch0000644000000000000000000000562512675017116022072 0ustar Description: Fix bug for classes containing \\ sequences. . Addresses CVE-2015-8390. Origin: upstream, http://vcs.pcre.org/pcre?view=revision&revision=1578 Forwarded: not-needed Author: Salvatore Bonaccorso Last-Update: 2015-12-29 Applied-Upstream: 8.38 --- pcre_compile.c | 14 ++++++++------ testdata/testinput2 | 2 ++ testdata/testoutput2 | 2 ++ 4 files changed, 16 insertions(+), 6 deletions(-) Index: pcre3-8.31/pcre_compile.c =================================================================== --- pcre3-8.31.orig/pcre_compile.c 2016-03-24 13:04:06.659791907 -0400 +++ pcre3-8.31/pcre_compile.c 2016-03-24 13:05:08.716570501 -0400 @@ -2659,11 +2659,11 @@ The problem in trying to be exactly like Perl is in the handling of escapes. We have to be sure that [abc[:x\]pqr] is *not* treated as containing a POSIX class, but [abc[:x\]pqr:]] is (so that an error can be generated). The code -below handles the special case of \], but does not try to do any other escape -processing. This makes it different from Perl for cases such as [:l\ower:] -where Perl recognizes it as the POSIX class "lower" but PCRE does not recognize -"l\ower". This is a lesser evil that not diagnosing bad classes when Perl does, -I think. +below handles the special cases \\ and \], but does not try to do any other +escape processing. This makes it different from Perl for cases such as +[:l\ower:] where Perl recognizes it as the POSIX class "lower" but PCRE does +not recognize "l\ower". This is a lesser evil than not diagnosing bad classes +when Perl does, I think. A user pointed out that PCRE was rejecting [:a[:digit:]] whereas Perl was not. It seems that the appearance of a nested POSIX class supersedes an apparent @@ -2690,7 +2690,9 @@ terminator = *(++ptr); /* compiler warns about "non-constant" initializer. */ for (++ptr; *ptr != 0; ptr++) { - if (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_RIGHT_SQUARE_BRACKET) + if (*ptr == CHAR_BACKSLASH && + (ptr[1] == CHAR_RIGHT_SQUARE_BRACKET || + ptr[1] == CHAR_BACKSLASH)) ptr++; else if (*ptr == CHAR_RIGHT_SQUARE_BRACKET) return FALSE; else Index: pcre3-8.31/testdata/testinput2 =================================================================== --- pcre3-8.31.orig/testdata/testinput2 2016-03-24 13:04:06.659791907 -0400 +++ pcre3-8.31/testdata/testinput2 2016-03-24 13:04:06.655791856 -0400 @@ -3791,4 +3791,6 @@ /(?<=|(\,\$(?73591620449005828816)\xa8.{7}){6}\x09)/ +/[[:\\](?'abc')[a:]/ + /-- End of testinput2 --/ Index: pcre3-8.31/testdata/testoutput2 =================================================================== --- pcre3-8.31.orig/testdata/testoutput2 2016-03-24 13:04:06.659791907 -0400 +++ pcre3-8.31/testdata/testoutput2 2016-03-24 13:04:06.655791856 -0400 @@ -12425,4 +12425,6 @@ /(?<=|(\,\$(?73591620449005828816)\xa8.{7}){6}\x09)/ Failed: number is too big at offset 32 +/[[:\\](?'abc')[a:]/ + /-- End of testinput2 --/ debian/patches/0001-Fix-buffer-overflow-for-lookbehind-within-mutually-r.patch0000644000000000000000000000365112675016623024400 0ustar Description: Fix buffer overflow for lookbehind within mutually recursive subroutines. . Addresses CVE-2015-8386. Origin: upstream, http://vcs.pcre.org/pcre?view=revision&revision=1560 Forwarded: not-needed Author: Salvatore Bonaccorso Last-Update: 2015-12-28 Applied-Upstream: 8.38 --- pcre_compile.c | 2 +- testdata/testinput2 | 3 +++ testdata/testoutput2 | 3 +++ 4 files changed, 11 insertions(+), 2 deletions(-) Index: pcre3-8.31/pcre_compile.c =================================================================== --- pcre3-8.31.orig/pcre_compile.c 2016-03-24 13:02:07.342295223 -0400 +++ pcre3-8.31/pcre_compile.c 2016-03-24 13:02:07.338295173 -0400 @@ -1786,7 +1786,7 @@ case OP_ASSERTBACK: case OP_ASSERTBACK_NOT: do cc += GET(cc, 1); while (*cc == OP_ALT); - cc += PRIV(OP_lengths)[*cc]; + cc += 1 + LINK_SIZE; break; /* Skip over things that don't match chars */ Index: pcre3-8.31/testdata/testinput2 =================================================================== --- pcre3-8.31.orig/testdata/testinput2 2016-03-24 13:02:07.342295223 -0400 +++ pcre3-8.31/testdata/testinput2 2016-03-24 13:02:07.338295173 -0400 @@ -3786,4 +3786,7 @@ // \O1 +".*?\h.+.\.+\R*?\xd(?i)(?=!(?=b`b`b`\`b\xa9b!)`\a`bbbbbbbbbbbbb`bbbbbbbbbbbb*R\x85bbbbbbb\C?{((?2)(?))(( +\H){8(?<=(?1){29}\xa8bbbb\x16\xd\xc6^($(? Description: Include old interface to RE::Init() for PCRE 6.x compatibility Index: pcre-8.30/pcrecpp.cc =================================================================== --- pcre-8.30.orig/pcrecpp.cc 2012-01-15 19:00:31.000000000 +0100 +++ pcre-8.30/pcrecpp.cc 2012-03-23 11:05:02.219693149 +0100 @@ -80,6 +80,12 @@ // If the user doesn't ask for any options, we just use this one static RE_Options default_options; +// PCRE6.x compatible API +void RE::Init(const char *c_pat, const RE_Options* options) { + const string cxx_pat(c_pat); + Init(cxx_pat, options); +} + void RE::Init(const string& pat, const RE_Options* options) { pattern_ = pat; if (options == NULL) { Index: pcre-8.30/pcrecpp.h =================================================================== --- pcre-8.30.orig/pcrecpp.h 2010-01-02 17:25:49.000000000 +0100 +++ pcre-8.30/pcrecpp.h 2012-03-23 11:05:02.223026534 +0100 @@ -658,6 +658,8 @@ private: void Init(const string& pattern, const RE_Options* options); + // Old version from PCRE 6.x, for compatibility + void Init(const char *pattern, const RE_Options* options); void Cleanup(); // Match against "text", filling in "vec" (up to "vecsize" * 2/3) with Index: pcre-8.30/pcretest.c =================================================================== --- pcre-8.30.orig/pcretest.c 2012-02-04 15:35:53.000000000 +0100 +++ pcre-8.30/pcretest.c 2012-03-23 11:05:02.233026691 +0100 @@ -2152,7 +2152,7 @@ { FILE *infile = stdin; const char *version; -int options = 0; +long int options = 0; int study_options = 0; int default_find_match_limit = FALSE; int op = 1; debian/patches/0001-Make-pcregrep-q-override-l-and-c-for-compatibility-w.patch0000644000000000000000000000304012675021752024065 0ustar . Addresses CVE-2015-8393. Origin: upstream, http://vcs.pcre.org/pcre?view=revision&revision=1586 Forwarded: not-needed Author: Salvatore Bonaccorso Last-Update: 2015-12-29 Applied-Upstream: 8.38 --- RunGrepTest | 8 ++++++++ pcregrep.c | 12 ++++++------ testdata/grepoutput | 4 ++++ 4 files changed, 21 insertions(+), 6 deletions(-) Index: pcre3-8.31/pcregrep.c =================================================================== --- pcre3-8.31.orig/pcregrep.c 2016-03-24 13:07:47.806567039 -0400 +++ pcre3-8.31/pcregrep.c 2016-03-24 13:08:09.502839379 -0400 @@ -1227,9 +1227,13 @@ if (filenames == FN_NOMATCH_ONLY) return 1; + /* If all we want is a yes/no answer, stop now. */ + + if (quiet) return 0; + /* Just count if just counting is wanted. */ - if (count_only) count++; + else if (count_only) count++; /* When handling a binary file and binary-files==binary, the "binary" variable will be set true (it's false in all other cases). In this @@ -1250,10 +1254,6 @@ return 0; } - /* Likewise, if all we want is a yes/no answer. */ - - else if (quiet) return 0; - /* The --only-matching option prints just the substring that matched, or a captured portion of it, as long as this string is not empty, and the --file-offsets and --line-offsets options output offsets for the matching @@ -1567,7 +1567,7 @@ /* Print the match count if wanted */ -if (count_only) +if (count_only && !quiet) { if (count > 0 || !omit_zero_count) { debian/patches/pcre_info.patch0000644000000000000000000001656412024423620013611 0ustar From: Mark Baker Description: Restore obsolete pcre_info() API for compatiblity Index: pcre-8.30/Makefile.am =================================================================== --- pcre-8.30.orig/Makefile.am 2012-03-23 22:33:00.000000000 +0000 +++ pcre-8.30/Makefile.am 2012-03-23 22:38:00.000000000 +0000 @@ -187,6 +187,7 @@ pcre_fullinfo.c \ pcre_get.c \ pcre_globals.c \ + pcre_info.c \ pcre_internal.h \ pcre_jit_compile.c \ pcre_maketables.c \ @@ -448,7 +449,7 @@ # nice DLL for Windows use". (It is used by the pcre.dll target.) DLL_OBJS= pcre_byte_order.o pcre_compile.o pcre_config.o \ pcre_dfa_exec.o pcre_exec.o pcre_fullinfo.o pcre_get.o \ - pcre_globals.o pcre_jit_compile.o pcre_maketables.o \ + pcre_globals.o pcre_info.o pcre_jit_compile.o pcre_maketables.o \ pcre_newline.o pcre_ord2utf8.o pcre_refcount.o \ pcre_study.o pcre_tables.o pcre_ucd.o \ pcre_valid_utf8.o pcre_version.o pcre_chartables.o \ Index: pcre-8.30/Makefile.in =================================================================== --- pcre-8.30.orig/Makefile.in 2012-03-23 22:33:00.000000000 +0000 +++ pcre-8.30/Makefile.in 2012-03-23 22:38:00.000000000 +0000 @@ -136,7 +136,7 @@ libpcre_la_LIBADD = am__libpcre_la_SOURCES_DIST = pcre_byte_order.c pcre_compile.c \ pcre_config.c pcre_dfa_exec.c pcre_exec.c pcre_fullinfo.c \ - pcre_get.c pcre_globals.c pcre_internal.h pcre_jit_compile.c \ + pcre_get.c pcre_globals.c pcre_info.c pcre_internal.h pcre_jit_compile.c \ pcre_maketables.c pcre_newline.c pcre_ord2utf8.c \ pcre_refcount.c pcre_string_utils.c pcre_study.c pcre_tables.c \ pcre_ucd.c pcre_valid_utf8.c pcre_version.c pcre_xclass.c \ @@ -145,6 +145,7 @@ @WITH_PCRE8_TRUE@ pcre_compile.lo pcre_config.lo \ @WITH_PCRE8_TRUE@ pcre_dfa_exec.lo pcre_exec.lo \ @WITH_PCRE8_TRUE@ pcre_fullinfo.lo pcre_get.lo pcre_globals.lo \ +@WITH_PCRE8_TRUE@ pcre_info.lo \ @WITH_PCRE8_TRUE@ pcre_jit_compile.lo pcre_maketables.lo \ @WITH_PCRE8_TRUE@ pcre_newline.lo pcre_ord2utf8.lo \ @WITH_PCRE8_TRUE@ pcre_refcount.lo pcre_string_utils.lo \ @@ -642,6 +643,7 @@ @WITH_PCRE8_TRUE@ pcre_fullinfo.c \ @WITH_PCRE8_TRUE@ pcre_get.c \ @WITH_PCRE8_TRUE@ pcre_globals.c \ +@WITH_PCRE8_TRUE@ pcre_info.c \ @WITH_PCRE8_TRUE@ pcre_internal.h \ @WITH_PCRE8_TRUE@ pcre_jit_compile.c \ @WITH_PCRE8_TRUE@ pcre_maketables.c \ @@ -720,7 +722,7 @@ # nice DLL for Windows use". (It is used by the pcre.dll target.) DLL_OBJS = pcre_byte_order.o pcre_compile.o pcre_config.o \ pcre_dfa_exec.o pcre_exec.o pcre_fullinfo.o pcre_get.o \ - pcre_globals.o pcre_jit_compile.o pcre_maketables.o \ + pcre_globals.o pcre_info.o pcre_jit_compile.o pcre_maketables.o \ pcre_newline.o pcre_ord2utf8.o pcre_refcount.o \ pcre_study.o pcre_tables.o pcre_ucd.o \ pcre_valid_utf8.o pcre_version.o pcre_chartables.o \ @@ -1039,6 +1041,7 @@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pcre_fullinfo.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pcre_get.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pcre_globals.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pcre_info.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pcre_jit_compile.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pcre_jit_test.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pcre_maketables.Plo@am__quote@ Index: pcre-8.30/pcre_info.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ pcre-8.30/pcre_info.c 2012-03-23 23:54:06.000000000 +0000 @@ -0,0 +1,90 @@ +/************************************************* +* Perl-Compatible Regular Expressions * +*************************************************/ + +/* PCRE is a library of functions to support regular expressions whose syntax +and semantics are as close as possible to those of the Perl 5 language. + + Written by Philip Hazel + Copyright (c) 1997-2009 University of Cambridge + +----------------------------------------------------------------------------- +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + + * Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + * Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + * Neither the name of the University of Cambridge nor the names of its + contributors may be used to endorse or promote products derived from + this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE +LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +POSSIBILITY OF SUCH DAMAGE. +----------------------------------------------------------------------------- +*/ + + +/* This module contains the external function pcre_info(), which gives some +information about a compiled pattern. However, use of this function is now +deprecated, as it has been superseded by pcre_fullinfo(). */ + + +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif + +#include "pcre_internal.h" + + +/************************************************* +* (Obsolete) Return info about compiled pattern * +*************************************************/ + +/* This is the original "info" function. It picks potentially useful data out +of the private structure, but its interface was too rigid. It remains for +backwards compatibility. The public options are passed back in an int - though +the re->options field has been expanded to a long int, all the public options +at the low end of it, and so even on 16-bit systems this will still be OK. +Therefore, I haven't changed the API for pcre_info(). + +Arguments: + argument_re points to compiled code + optptr where to pass back the options + first_byte where to pass back the first character, + or -1 if multiline and all branches start ^, + or -2 otherwise + +Returns: number of capturing subpatterns + or negative values on error +*/ + +PCRE_EXP_DEFN int PCRE_CALL_CONVENTION +pcre_info(const pcre *argument_re, int *optptr, int *first_byte) +{ +const real_pcre *re = (const real_pcre *)argument_re; +if (re == NULL) return PCRE_ERROR_NULL; +if (re->magic_number != MAGIC_NUMBER) + return PCRE_ERROR_BADMAGIC; + +if (optptr != NULL) *optptr = (int)(re->options & PUBLIC_COMPILE_OPTIONS); +if (first_byte != NULL) + *first_byte = ((re->flags & PCRE_FIRSTSET) != 0)? re->first_char : + ((re->flags & PCRE_STARTLINE) != 0)? -1 : -2; +return re->top_bracket; +} + +/* End of pcre_info.c */ debian/patches/0001-Add-missing-integer-overflow-checks.patch0000644000000000000000000000635512675227465021136 0ustar Description: Add missing integer overflow checks. Origin: backport, http://vcs.pcre.org/pcre?view=revision&revision=1589 --- pcre_compile.c | 11 +++++++++++ testdata/testinput2 | 4 ++++ testdata/testoutput2 | 6 ++++++ 4 files changed, 25 insertions(+) Index: pcre3-8.31/pcre_compile.c =================================================================== --- pcre3-8.31.orig/pcre_compile.c 2016-03-25 07:39:54.090016255 -0400 +++ pcre3-8.31/pcre_compile.c 2016-03-25 07:40:42.062528143 -0400 @@ -5803,7 +5803,20 @@ while (MAX_255(*ptr) && (cd->ctypes[*ptr] & ctype_word) != 0) { if (recno >= 0) - recno = (IS_DIGIT(*ptr))? recno * 10 + *ptr - CHAR_0 : -1; + { + if (IS_DIGIT(*ptr)) + { + if (recno > INT_MAX / 10 - 1) /* Integer overflow */ + { + while (IS_DIGIT(*ptr)) ptr++; + *errorcodeptr = ERR61; + goto FAILED; + } + recno = recno * 10 + *ptr - CHAR_0; + } + else + recno = -1; + } ptr++; } namelen = (int)(ptr - name); @@ -5898,6 +5911,11 @@ *errorcodeptr = ERR15; goto FAILED; } + if (recno > INT_MAX / 10 - 1) /* Integer overflow */ + { + *errorcodeptr = ERR61; + goto FAILED; + } recno = recno * 10 + name[i] - CHAR_0; } if (recno == 0) recno = RREF_ANY; Index: pcre3-8.31/testdata/testinput2 =================================================================== --- pcre3-8.31.orig/testdata/testinput2 2016-03-25 07:39:54.090016255 -0400 +++ pcre3-8.31/testdata/testinput2 2016-03-25 07:39:54.086016211 -0400 @@ -3795,4 +3795,8 @@ "[[[.\xe8Nq\xffq\xff\xe0\x2|||::Nq\xffq\xff\xe0\x6\x2|||::[[[:[::::::[[[[[::::::::[:[[[:[:::[[[[[[[[[[[[:::::::::::::::::[[.\xe8Nq\xffq\xff\xe0\x2|||::Nq\xffq\xff\xe0\x6\x2|||::[[[:[::::::[[[[[::::::::[:[[[:[:::[[[[[[[[[[[[[[:::E[[[:[:[[:[:::[[:::E[[[:[:[[:'[:::::E[[[:[::::::[[[:[[[[[[[::E[[[:[::::::[[[:[[[[[[[[:[[::[::::[[:::::::[[:[[[[[[[:[[::[:[[:[~" +/((?(R8000000000)))/ + +/(?(8000000000/ + /-- End of testinput2 --/ Index: pcre3-8.31/testdata/testoutput2 =================================================================== --- pcre3-8.31.orig/testdata/testoutput2 2016-03-25 07:39:54.090016255 -0400 +++ pcre3-8.31/testdata/testoutput2 2016-03-25 07:39:54.086016211 -0400 @@ -12430,4 +12430,10 @@ "[[[.\xe8Nq\xffq\xff\xe0\x2|||::Nq\xffq\xff\xe0\x6\x2|||::[[[:[::::::[[[[[::::::::[:[[[:[:::[[[[[[[[[[[[:::::::::::::::::[[.\xe8Nq\xffq\xff\xe0\x2|||::Nq\xffq\xff\xe0\x6\x2|||::[[[:[::::::[[[[[::::::::[:[[[:[:::[[[[[[[[[[[[[[:::E[[[:[:[[:[:::[[:::E[[[:[:[[:'[:::::E[[[:[::::::[[[:[[[[[[[::E[[[:[::::::[[[:[[[[[[[[:[[::[::::[[:::::::[[:[[[[[[[:[[::[:[[:[~" Failed: missing terminating ] for character class at offset 353 +/((?(R8000000000)))/ +Failed: number is too big at offset 16 + +/(?(8000000000/ +Failed: number is too big at offset 13 + /-- End of testinput2 --/ debian/patches/apply-upstream-revision-1631-closes-81590000644000000000000000000001363212675020360017647 0ustar Description: Apply upstream revision 1631 (Closes: #815921) This is an upstream patch to fix workspace overflow for (*ACCEPT) with deeply nested parentheses Author: Matthew Vernon X-Dgit-Generated: 2:8.38-2 50aa7778a6bb8b81a9e03e8744f797362183772e --- Index: pcre3-8.31/pcreposix.c =================================================================== --- pcre3-8.31.orig/pcreposix.c 2016-03-24 13:13:40.286993129 -0400 +++ pcre3-8.31/pcreposix.c 2016-03-24 13:14:25.491561003 -0400 @@ -161,7 +161,8 @@ REG_BADPAT, /* invalid UTF-16 string (should not occur) */ /* 75 */ REG_BADPAT, /* overlong MARK name */ - REG_BADPAT /* character value in \u.... sequence is too large */ + REG_BADPAT, /* character value in \u.... sequence is too large */ + REG_BADPAT /* pattern too complicated */ }; /* Table of texts corresponding to POSIX error codes */ Index: pcre3-8.31/pcre_compile.c =================================================================== --- pcre3-8.31.orig/pcre_compile.c 2016-03-24 13:13:40.286993129 -0400 +++ pcre3-8.31/pcre_compile.c 2016-03-24 13:15:00.135996257 -0400 @@ -492,6 +492,7 @@ /* 75 */ "name is too long in (*MARK), (*PRUNE), (*SKIP), or (*THEN)\0" "character value in \\u.... sequence is too large\0" + "regular expression is too complicated\0" ; /* Table to identify digits and hex digits. This is used when compiling @@ -3551,7 +3552,8 @@ if (code > cd->start_workspace + cd->workspace_size - WORK_SIZE_SAFETY_MARGIN) /* Check for overrun */ { - *errorcodeptr = ERR52; + *errorcodeptr = (code >= cd->start_workspace + cd->workspace_size)? + ERR52 : ERR77; goto FAILED; } @@ -5644,8 +5646,21 @@ cd->had_accept = TRUE; for (oc = cd->open_caps; oc != NULL; oc = oc->next) { - *code++ = OP_CLOSE; - PUT2INC(code, 0, oc->number); + if (lengthptr != NULL) + { +#ifdef COMPILE_PCRE8 + *lengthptr += 1 + IMM2_SIZE; +#elif defined COMPILE_PCRE16 + *lengthptr += 2 + IMM2_SIZE; +#elif defined COMPILE_PCRE32 + *lengthptr += 4 + IMM2_SIZE; +#endif + } + else + { + *code++ = OP_CLOSE; + PUT2INC(code, 0, oc->number); + } } *code++ = (cd->assert_depth > 0)? OP_ASSERT_ACCEPT : OP_ACCEPT; Index: pcre3-8.31/pcre_internal.h =================================================================== --- pcre3-8.31.orig/pcre_internal.h 2016-03-24 13:13:40.286993129 -0400 +++ pcre3-8.31/pcre_internal.h 2016-03-24 13:15:20.660254126 -0400 @@ -1945,7 +1945,7 @@ ERR40, ERR41, ERR42, ERR43, ERR44, ERR45, ERR46, ERR47, ERR48, ERR49, ERR50, ERR51, ERR52, ERR53, ERR54, ERR55, ERR56, ERR57, ERR58, ERR59, ERR60, ERR61, ERR62, ERR63, ERR64, ERR65, ERR66, ERR67, ERR68, ERR69, - ERR70, ERR71, ERR72, ERR73, ERR74, ERR75, ERR76, ERRCOUNT }; + ERR70, ERR71, ERR72, ERR73, ERR74, ERR75, ERR76, ERR77, ERRCOUNT }; /* JIT compiling modes. The function list is indexed by them. */ enum { JIT_COMPILE, JIT_PARTIAL_SOFT_COMPILE, JIT_PARTIAL_HARD_COMPILE, Index: pcre3-8.31/testdata/testoutput11-8 =================================================================== --- pcre3-8.31.orig/testdata/testoutput11-8 2016-03-24 13:13:40.286993129 -0400 +++ pcre3-8.31/testdata/testoutput11-8 2016-03-24 13:13:40.282993080 -0400 @@ -749,4 +749,7 @@ 34 End ------------------------------------------------------------------ +/([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00](*ACCEPT)/ +Failed: missing ) at offset 509 + /-- End of testinput11 --/ Index: pcre3-8.31/testdata/testoutput11-16 =================================================================== --- pcre3-8.31.orig/testdata/testoutput11-16 2016-03-24 13:13:40.286993129 -0400 +++ pcre3-8.31/testdata/testoutput11-16 2016-03-24 13:13:40.282993080 -0400 @@ -749,4 +749,7 @@ 22 End ------------------------------------------------------------------ +/([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00](*ACCEPT)/ +Failed: regular expression is too complicated at offset 490 + /-- End of testinput11 --/ Index: pcre3-8.31/testdata/testinput11 =================================================================== --- pcre3-8.31.orig/testdata/testinput11 2016-03-24 13:13:40.286993129 -0400 +++ pcre3-8.31/testdata/testinput11 2016-03-24 13:13:40.282993080 -0400 @@ -136,4 +136,6 @@ /((?+1)(\1))/B +/([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00](*ACCEPT)/ + /-- End of testinput11 --/ debian/patches/0001-Fix-overflow-when-ovector-has-size-1.patch0000644000000000000000000000360312675015703021110 0ustar Description: Fix overflow when ovector has size 1. . Addresses CVE-2015-8380. Origin: upstream, http://vcs.pcre.org/pcre?view=revision&revision=1565 Bug: https://bugs.exim.org/show_bug.cgi?id=1637 Bug-Debian: https://bugs.debian.org/806467 Forwarded: not-needed Author: Salvatore Bonaccorso Last-Update: 2015-12-29 Applied-Upstream: 8.38 --- pcre_exec.c | 3 ++- testdata/testinput2 | 3 +++ testdata/testoutput2 | 4 ++++ 4 files changed, 12 insertions(+), 1 deletion(-) Index: pcre3-8.31/pcre_exec.c =================================================================== --- pcre3-8.31.orig/pcre_exec.c 2016-03-24 12:54:19.089284185 -0400 +++ pcre3-8.31/pcre_exec.c 2016-03-24 12:54:19.085284141 -0400 @@ -6664,7 +6664,8 @@ register int *iend = iptr - re->top_bracket; if (iend < md->offset_vector + 2) iend = md->offset_vector + 2; while (--iptr >= iend) *iptr = -1; - md->offset_vector[0] = md->offset_vector[1] = -1; + if (offsetcount > 0) md->offset_vector[0] = -1; + if (offsetcount > 1) md->offset_vector[1] = -1; } /* Set up the first character to match, if available. The first_char value is Index: pcre3-8.31/testdata/testinput2 =================================================================== --- pcre3-8.31.orig/testdata/testinput2 2016-03-24 12:54:19.089284185 -0400 +++ pcre3-8.31/testdata/testinput2 2016-03-24 12:54:19.085284141 -0400 @@ -3783,4 +3783,7 @@ /(?=di(?<=(?1))|(?=(.))))/ +// +\O1 + /-- End of testinput2 --/ Index: pcre3-8.31/testdata/testoutput2 =================================================================== --- pcre3-8.31.orig/testdata/testoutput2 2016-03-24 12:54:19.089284185 -0400 +++ pcre3-8.31/testdata/testoutput2 2016-03-24 12:54:19.085284141 -0400 @@ -12415,4 +12415,8 @@ /(?=di(?<=(?1))|(?=(.))))/ Failed: unmatched parentheses at offset 23 +// +\O1 +Matched, but too many substrings + /-- End of testinput2 --/ debian/patches/bug12870000644000000000000000000000160612024426233011640 0ustar Origin: http://bugs.exim.org/attachment.cgi?id=586 Bug: http://bugs.exim.org/show_bug.cgi?id=1287 Bug-Debian: http://bugs.debian.org/686495 Description: Fix for upstream bug 1287 - wrong value in re_nsub This is due to a wrong cast. Bug fix from upstream bugzilla. Index: pcre3-8.31/pcreposix.c =================================================================== --- pcre3-8.31.orig/pcreposix.c 2012-06-20 16:08:49.000000000 +0100 +++ pcre3-8.31/pcreposix.c 2012-09-13 19:53:34.000000000 +0100 @@ -259,6 +259,7 @@ int erroffset; int errorcode; int options = 0; +int re_nsub = 0; if ((cflags & REG_ICASE) != 0) options |= PCRE_CASELESS; if ((cflags & REG_NEWLINE) != 0) options |= PCRE_MULTILINE; @@ -282,7 +283,8 @@ } (void)pcre_fullinfo((const pcre *)preg->re_pcre, NULL, PCRE_INFO_CAPTURECOUNT, - &(preg->re_nsub)); + &re_nsub); +preg->re_nsub = (size_t)re_nsub; return 0; } debian/patches/0001-Fix-named-forward-reference-to-duplicate-group-numbe.patch0000644000000000000000000000511212675231265024260 0ustar Description: Fix named forward reference to duplicate group number overflow bug. Origin: backport, http://vcs.pcre.org/pcre?view=revision&revision=1559 --- pcre_compile.c | 26 +++++++++++++++++--------- testdata/testinput1 | 3 +++ testdata/testoutput1 | 5 +++++ 4 files changed, 30 insertions(+), 9 deletions(-) Index: pcre3-8.31/pcre_compile.c =================================================================== --- pcre3-8.31.orig/pcre_compile.c 2016-03-25 08:44:08.928700312 -0400 +++ pcre3-8.31/pcre_compile.c 2016-03-25 08:44:08.924700267 -0400 @@ -6239,6 +6239,14 @@ goto FAILED; } + /* If this is a forward reference and we are within a (?|...) group, + the reference may end up as the number of a group which we are + currently inside, that is, it could be a recursive reference. In the + real compile this will be picked up and the reference wrapped with + OP_ONCE to make it atomic, so we must space in case this occurs. */ + + *lengthptr += 2 + 2*LINK_SIZE; + /* The name table does not exist in the first pass, so we cannot do a simple search as in the code below. Instead, we have to scan the pattern to find the number. It is important that we scan it only as Index: pcre3-8.31/testdata/testinput1 =================================================================== --- pcre3-8.31.orig/testdata/testinput1 2016-03-25 08:44:08.928700312 -0400 +++ pcre3-8.31/testdata/testinput1 2016-03-25 08:44:08.924700267 -0400 @@ -5268,4 +5268,7 @@ /((?>a?)*)*c/ aac +"(?|(\k'Pm')|(?'Pm'))" + abcd + /-- End of testinput1 --/ Index: pcre3-8.31/testdata/testoutput1 =================================================================== --- pcre3-8.31.orig/testdata/testoutput1 2016-03-25 08:44:08.928700312 -0400 +++ pcre3-8.31/testdata/testoutput1 2016-03-25 08:44:08.924700267 -0400 @@ -8743,4 +8743,7 @@ 0: aac 1: +"(?|(\k'Pm')|(?'Pm'))" +Failed: reference to non-existent subpattern at offset 20 + /-- End of testinput1 --/ Index: pcre3-8.31/testdata/testoutput11-8 =================================================================== --- pcre3-8.31.orig/testdata/testoutput11-8 2016-03-25 08:44:08.928700312 -0400 +++ pcre3-8.31/testdata/testoutput11-8 2016-03-25 08:44:34.472996580 -0400 @@ -232,7 +232,7 @@ ------------------------------------------------------------------ /(?Pa)...(?P=a)bbb(?P>a)d/BM -Memory allocation (code space): 34 +Memory allocation (code space): 46 ------------------------------------------------------------------ 0 30 Bra 3 7 CBra 1 debian/patches/pcregrep.1-patch0000644000000000000000000000166512024423620013606 0ustar From: Mark Baker Description: Mention zpcregrep wrapper script in pcregrep man page. Index: pcre-8.30/doc/pcregrep.1 =================================================================== --- pcre-8.30.orig/doc/pcregrep.1 2011-09-11 16:28:04.000000000 +0200 +++ pcre-8.30/doc/pcregrep.1 2012-03-23 11:05:02.276360705 +0100 @@ -3,6 +3,7 @@ pcregrep - a grep with Perl-compatible regular expressions. .SH SYNOPSIS .B pcregrep [options] [long options] [pattern] [path1 path2 ...] +.B zpcregrep [options] [long options] [pattern] [file1 file2 ...] . .SH DESCRIPTION .rs @@ -82,6 +83,9 @@ If the \fBLC_ALL\fP or \fBLC_CTYPE\fP environment variable is set, \fBpcregrep\fP uses the value to set a locale when calling the PCRE library. The \fB--locale\fP option can be used to override this. +.P +\fBzpcregrep\fR is a wrapper script that allows pcregrep to work on +gzip compressed files. . . .SH "SUPPORT FOR COMPRESSED FILES" debian/patches/794589-information-disclosure.patch0000644000000000000000000000243512675016104017132 0ustar Description: CVE-2015-8382: pcre_exec does not fill offsets for certain regexps Origin: upstream, http://vcs.pcre.org/pcre/code/trunk/pcre_exec.c?r1=1502&r2=1510 Bug: https://bugs.exim.org/show_bug.cgi?id=1537 Bug-Debian: https://bugs.debian.org/794589 Forwarded: not-needed Last-Update: 2015-09-10 Applied-Upstream: 8.37 Index: pcre3-8.31/pcre_exec.c =================================================================== --- pcre3-8.31.orig/pcre_exec.c 2016-03-24 12:56:32.606701512 -0400 +++ pcre3-8.31/pcre_exec.c 2016-03-24 12:56:32.602701471 -0400 @@ -1511,7 +1511,18 @@ md->offset_vector[offset] = md->offset_vector[md->offset_end - number]; md->offset_vector[offset+1] = (int)(eptr - md->start_subject); - if (offset_top <= offset) offset_top = offset + 2; + + /* If this group is at or above the current highwater mark, ensure that + any groups between the current high water mark and this group are marked + unset and then update the high water mark. */ + + if (offset >= offset_top) + { + register int *iptr = md->offset_vector + offset_top; + register int *iend = md->offset_vector + offset; + while (iptr < iend) *iptr++ = -1; + offset_top = offset + 2; + } } ecode += 1 + IMM2_SIZE; break; debian/patches/series0000644000000000000000000000147112703722433012040 0ustar PCRE6_compatible_API.patch pcreposix.patch pcre_info.patch pcregrep.1-patch soname.patch bug1287 cve-2014-8964.patch cve-2015-2325.patch cve-2015-2326.patch cve-2015-5073.patch 0001-Fix-overflow-when-ovector-has-size-1.patch 794589-information-disclosure.patch 0001-Fix-buffer-overflow-for-lookbehind-within-mutually-r.patch 0001-Add-integer-overflow-check-to-n-code.patch 0001-Fix-bug-for-classes-containing-sequences.patch 0001-Fix-run-for-ever-bug-for-deeply-nested-sequences.patch 0001-Make-pcregrep-q-override-l-and-c-for-compatibility-w.patch 0001-Add-missing-integer-overflow-checks.patch apply-upstream-revision-1631-closes-8159 0001-Fix-compile-time-loop-for-recursive-reference-within.patch 0001-Fix-named-forward-reference-to-duplicate-group-numbe.patch 0001-Fix-empty-matching-possessive-zero-repeat-groups.patch debian/README.Versioning.libtool0000644000000000000000000000145212024423620013630 0ustar Debian release of PCRE 4.5 had PCRE_LIB_VERSION=13:0:10 PCRE_POSIXLIB_VERSION=13:0:10 which corresponds to latest debian-revision (soname libpcre.so.3, installed as libpcre.so.3.9.0) and followed the instructions about version numbering in the libtool manual: | 3. If the library source code has changed at all since the last | update, then increment REVISION (`C:R:A' becomes `C:r+1:A'). 13:1:10 4. If any interfaces have been added, removed, or changed since the last update, increment CURRENT, and set REVISION to 0. 14:0:10 5. If any interfaces have been added since the last public release, then increment AGE. 14:0:11 6. If any interfaces have been removed since the last public release, then set AGE to 0. n/a Therefore I'm using 14:0:11 for this release of PCRE 5.0 debian/control0000644000000000000000000000647312554171166010613 0ustar Source: pcre3 Section: libs Priority: optional Maintainer: Ubuntu Developers XSBC-Original-Maintainer: Mark Baker Standards-Version: 3.9.3 Build-Depends: debhelper (>= 5.0.22), dpkg-dev (>= 1.16.0), dh-autoreconf Package: libpcre3 Section: libs Architecture: any Priority: important Depends: ${shlibs:Depends}, ${misc:Depends} Conflicts: libpcre3-dev (<= 4.3-3) Breaks: libpcre-ocaml (<< 6.0.1~), approx (<< 4.4-1~), cmigrep (<< 1.5-7~), ocsigen (<< 1.3.3-1~), cduce (<< 0.5.3-2~), galax (<< 1.1-7~), liquidsoap (<< 0.9.2-3~) Multi-Arch: same Pre-Depends: multiarch-support Description: Perl 5 Compatible Regular Expression Library - runtime files This is a library of functions to support regular expressions whose syntax and semantics are as close as possible to those of the Perl 5 language. . This package contains the runtime libraries. Package: libpcre3-udeb Section: debian-installer Package-Type: udeb Architecture: any Priority: important Depends: ${shlibs:Depends}, ${misc:Depends} Conflicts: libpcre3-dev (<= 4.3-3) Description: Perl 5 Compatible Regular Expression Library - runtime files (udeb) This is a library of functions to support regular expressions whose syntax and semantics are as close as possible to those of the Perl 5 language. . This package contains the runtime libraries for the Debian Installer (udeb). Package: libpcrecpp0 Section: libs Architecture: any Priority: optional Depends: ${shlibs:Depends}, ${misc:Depends} Conflicts: libpcre3 (<< 6.4-1.1) Replaces: libpcre3 (<< 6.4-1.1) Multi-Arch: same Pre-Depends: multiarch-support Description: Perl 5 Compatible Regular Expression Library - C++ runtime files This is a C++ library of functions to support regular expressions whose syntax and semantics are as close as possible to those of the Perl 5 language. . This package contains the C++ runtime library. Package: libpcre3-dev Section: libdevel Architecture: any Multi-Arch: same Depends: libc6-dev, libpcre3 (= ${binary:Version}), libpcrecpp0 (= ${binary:Version}), ${misc:Depends} Conflicts: libpcre1-dev, libpcre2-dev Description: Perl 5 Compatible Regular Expression Library - development files This is a library of functions to support regular expressions whose syntax and semantics are as close as possible to those of the Perl 5 language. . This package contains the development files, including headers, static libraries, and documentation. Package: libpcre3-dbg Section: debug Priority: extra Architecture: any Depends: libpcre3 (= ${binary:Version}), libpcrecpp0 (= ${binary:Version}), ${misc:Depends} Multi-Arch: same Description: Perl 5 Compatible Regular Expression Library - debug symbols This is a library of functions to support regular expressions whose syntax and semantics are as close as possible to those of the Perl 5 language. . This package contains the debug symbols, Package: pcregrep Section: utils Architecture: any Depends: ${shlibs:Depends}, ${misc:Depends} Replaces: pgrep (<<4.5) Description: grep utility that uses perl 5 compatible regexes. Perl-style regexps have many useful features that the standard POSIX ones don't; this is basically the same as grep but with the different regexp syntax. . The other reason for the existence of pcregrep is that its source code is an example of programming with libpcre. debian/pcre-config.10000644000000000000000000000326312024423620011443 0ustar .TH PCRE-CONFIG 1 .SH NAME pcre-config \- program to return PCRE configuration .SH SYNOPSIS .B pcre-config .RB [ --prefix ] .RB [ --exec-prefix ] .RB [ --version ] .RB [ --libs ] .RB [ --libs-posix ] .RB [ --cflags ] .RB [ --cflags-posix ] .SH DESCRIPTION \fBpcre-config\fR returns the configuration of the installed PCRE libraries: the options required to compile a program to use them. .SH OPTIONS .TP 10 \fB--prefix\fR Writes the directory prefix used in the PCRE installation for architecture independent files (e.g. \fI/usr\fR) to standard output. .TP \fB--exec-prefix\fR Writes the directory prefix used in the PCRE installation for architecture dependent files (normally the same as \fB--prefix\fR) to standard output. .TP \fB--version\fR Writes the version of PCRE installed to standard output. .TP \fB--libs\fR Writes to standard output the command line options required to link with PCRE (e.g. \fI-lpcre\fR). .TP \fB--libs-posix\fR Writes to standard output the command line options required to link with the PCRE POSIX emulation library (e.g. \fI-lpcreposix -lpcre\fR). .TP \fB--cflags\fR Writes to standard output the command line options required to compile files that use PCRE (this often includes some \fI-I\fR options, but is blank on debian systems). .TP \fB--cflags-posix\fR Writes to standard output the command line options required to compile files that use the PCRE POSIX emulation library (this often includes some -I options, but is blank on debian systems). Suppress printing of filenames when searching multiple files. .TP .SH AUTHOR This manual page was written by Mark Baker , for the Debian GNU/Linux system (but may be used by others). .SH SEE ALSO \fBpcre(3) debian/zpcregrep0000644000000000000000000000004312024423620011102 0ustar #!/bin/sh GREP=pcregrep zgrep "$@" debian/pcregrep.files0000644000000000000000000000006012024423620012010 0ustar usr/bin/pcregrep usr/share/man/man1/pcregrep.1 debian/copyright0000644000000000000000000000531512024423620011120 0ustar This is Debian GNU/Linux's prepackaged version of the PCRE regular expression library and associated pgrep utility. This package was put together by me, Mark Baker from the original sources obtained from ftp.csx.cam.ac.uk:/pub/software/programming/pcre. PCRE LICENCE ------------ PCRE is a library of functions to support regular expressions whose syntax and semantics are as close as possible to those of the Perl 5 language. Release 7 of PCRE is distributed under the terms of the "BSD" licence, as specified below. The documentation for PCRE, supplied in the "doc" directory, is distributed under the same terms as the software itself. The basic library functions are written in C and are freestanding. Also included in the distribution is a set of C++ wrapper functions. THE BASIC LIBRARY FUNCTIONS --------------------------- Written by: Philip Hazel Email local part: ph10 Email domain: cam.ac.uk University of Cambridge Computing Service, Cambridge, England. Copyright (c) 1997-2007 University of Cambridge All rights reserved. THE C++ WRAPPER FUNCTIONS ------------------------- Contributed by: Google Inc. Copyright (c) 2007, Google Inc. All rights reserved. THE "BSD" LICENCE ----------------- Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. * Neither the name of the University of Cambridge nor the name of Google Inc. nor the names of their contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. End debian/libpcrecpp0.docs0000644000000000000000000000002512024423620012233 0ustar README AUTHORS NEWS debian/source/0000755000000000000000000000000012024423620010461 5ustar debian/source/format0000644000000000000000000000001412024423620011667 0ustar 3.0 (quilt) debian/source/options0000644000000000000000000000005312024423620012075 0ustar compression = "gzip" compression-level = 9 debian/watch0000644000000000000000000000011712024423617010217 0ustar version=3 ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-(.*)\.zip debian/libpcre3-dev.manpages0000644000000000000000000000002612024423620013153 0ustar debian/pcre-config.1 debian/README.Debian0000644000000000000000000000066412024423620011230 0ustar libpcre for debian ------------------ Upstream's library version is much lower than Debian's - PCRE_LIB_VERSION=0:1:0 instead of 13:0:10 (soname libpcre.so.0 instead of libpcre.so.3) The other change I made is to prefix the names of the functions in libpcreposix with "pcreposix_". This is required so they don't clash with the ones in libc. Suitable #defines have been added to pcreposix.h so that the unprefixed names can be used. debian/libpcre3-dev.examples0000644000000000000000000000001312024423617013200 0ustar pcredemo.c debian/pcregrep.install0000644000000000000000000000014112024423617012362 0ustar debian/tmp/usr/bin/pcregrep debian/tmp/usr/share/man/man1/pcregrep.1 debian/zpcregrep /usr/bin/