Change-Id: I1c3d0fc937ee085327dd85de5422c0204ab21225
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/2178
Tested-by: gerrit-photon <photon-checkins@vmware.com>
Reviewed-by: Alexey Makhalov <amakhalov@vmware.com>
... | ... |
@@ -1,20 +1,18 @@ |
1 | 1 |
Summary: Programs for searching through files |
2 | 2 |
Name: grep |
3 |
-Version: 2.21 |
|
4 |
-Release: 3%{?dist} |
|
3 |
+Version: 3.0 |
|
4 |
+Release: 1%{?dist} |
|
5 | 5 |
License: GPLv3+ |
6 | 6 |
URL: http://www.gnu.org/software/grep |
7 | 7 |
Group: Applications/File |
8 | 8 |
Vendor: VMware, Inc. |
9 | 9 |
Distribution: Photon |
10 |
-Source0: http://ftp.gnu.org/gnu/grep/%{name}-%{version}.tar.xz |
|
11 |
-%define sha1 grep=c7e6525c5c5aaa1bc3c1774db1697f42b11c2d85 |
|
12 |
-Patch0: out-of-bound-heap-read-CVE-2015-1345.patch |
|
10 |
+Source0: http://ftp.gnu.org/gnu/grep/%{name}-%{version}.tar.xz |
|
11 |
+%define sha1 grep=7b742a6278f28ff056da799c62c1b9e417fe86ba |
|
13 | 12 |
%description |
14 | 13 |
The Grep package contains programs for searching through files. |
15 | 14 |
%prep |
16 | 15 |
%setup -q |
17 |
-%patch0 -p1 |
|
18 | 16 |
%build |
19 | 17 |
./configure \ |
20 | 18 |
--prefix=%{_prefix} \ |
... | ... |
@@ -32,6 +30,8 @@ make %{?_smp_mflags} check |
32 | 32 |
/bin/* |
33 | 33 |
%{_mandir}/*/* |
34 | 34 |
%changelog |
35 |
+* Fri Mar 24 2017 Dheeraj Shetty <dheerajs@vmware.com> 3.0-1 |
|
36 |
+- Upgrading grep to 3.0 version |
|
35 | 37 |
* Thu Oct 06 2016 ChangLee <changlee@vmware.com> 2.21-3 |
36 | 38 |
- Modified %check |
37 | 39 |
* Tue May 24 2016 Priyesh Padmavilasom <ppadmavilasom@vmware.com> 2.21-2 |
38 | 40 |
deleted file mode 100644 |
... | ... |
@@ -1,65 +0,0 @@ |
1 |
-From 83a95bd8c8561875b948cadd417c653dbe7ef2e2 Mon Sep 17 00:00:00 2001 |
|
2 |
-From: Yuliy Pisetsky <ypisetsky@fb.com> |
|
3 |
-Date: Thu, 01 Jan 2015 23:36:55 +0000 |
|
4 |
-Subject: grep -F: fix a heap buffer (read) overrun |
|
5 |
- |
|
6 |
-grep's read buffer is often filled to its full size, except when |
|
7 |
-reading the final buffer of a file. In that case, the number of |
|
8 |
-bytes read may be far less than the size of the buffer. However, for |
|
9 |
-certain unusual pattern/text combinations, grep -F would mistakenly |
|
10 |
-examine bytes in that uninitialized region of memory when searching |
|
11 |
-for a match. With carefully chosen inputs, one can cause grep -F to |
|
12 |
-read beyond the end of that buffer altogether. This problem arose via |
|
13 |
-commit v2.18-90-g73893ff with the introduction of a more efficient |
|
14 |
-heuristic using what is now the memchr_kwset function. The use of |
|
15 |
-that function in bmexec_trans could leave TP much larger than EP, |
|
16 |
-and the subsequent call to bm_delta2_search would mistakenly access |
|
17 |
-beyond end of the main input read buffer. |
|
18 |
- |
|
19 |
-* src/kwset.c (bmexec_trans): When TP reaches or exceeds EP, |
|
20 |
-do not call bm_delta2_search. |
|
21 |
-* THANKS.in: Update. |
|
22 |
- |
|
23 |
-Prior to this patch, this command would trigger a UMR: |
|
24 |
- |
|
25 |
- printf %0360db 0 | valgrind src/grep -F $(printf %019dXb 0) |
|
26 |
- |
|
27 |
- Use of uninitialised value of size 8 |
|
28 |
- at 0x4142BE: bmexec_trans (kwset.c:657) |
|
29 |
- by 0x4143CA: bmexec (kwset.c:678) |
|
30 |
- by 0x414973: kwsexec (kwset.c:848) |
|
31 |
- by 0x414DC4: Fexecute (kwsearch.c:128) |
|
32 |
- by 0x404E2E: grepbuf (grep.c:1238) |
|
33 |
- by 0x4054BF: grep (grep.c:1417) |
|
34 |
- by 0x405CEB: grepdesc (grep.c:1645) |
|
35 |
- by 0x405EC1: grep_command_line_arg (grep.c:1692) |
|
36 |
- by 0x4077D4: main (grep.c:2570) |
|
37 |
- |
|
38 |
-Thanks to Nima Aghdaii for testing and finding numerous |
|
39 |
-ways to break early iterations of this patch. |
|
40 |
-diff --git a/THANKS.in b/THANKS.in |
|
41 |
-index aeaf516..624478d 100644 |
|
42 |
-+++ b/THANKS.in |
|
43 |
-@@ -62,6 +62,7 @@ Michael Aichlmayr mikla@nx.com |
|
44 |
- Miles Bader miles@ccs.mt.nec.co.jp |
|
45 |
- Mirraz Mirraz mirraz1@rambler.ru |
|
46 |
- Nelson H. F. Beebe beebe@math.utah.edu |
|
47 |
-+Nima Aghdaii naghdaii@fb.com |
|
48 |
- Olaf Kirch okir@ns.lst.de |
|
49 |
- Paul Kimoto kimoto@spacenet.tn.cornell.edu |
|
50 |
- Péter Radics mitchnull@gmail.com |
|
51 |
-diff --git a/src/kwset.c b/src/kwset.c |
|
52 |
-index 4003c8d..376f7c3 100644 |
|
53 |
-+++ b/src/kwset.c |
|
54 |
-@@ -643,6 +643,8 @@ bmexec_trans (kwset_t kwset, char const *text, size_t size) |
|
55 |
- if (! tp) |
|
56 |
- return -1; |
|
57 |
- tp++; |
|
58 |
-+ if (ep <= tp) |
|
59 |
-+ break; |
|
60 |
- } |
|
61 |
- } |
|
62 |
- } |