From 800f832201267bcbf6a7e9b4b9dbc69f9029dcc0 Mon Sep 17 00:00:00 2001
From: Giuseppe D'Angelo <giuseppe.dangelo@kdab.com>
Date: Fri, 21 Nov 2014 15:30:01 +0100
Subject: [PATCH] Apply r1513 to our PCRE bundled copy

Fixes CVE-2014-8964.

Upstream diff: http://www.exim.org/viewvc/pcre?view=revision&revision=1513

Change-Id: I59dc1f4c290e29ab5f22ed68eaeba702f4232e0e
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@theqtcompany.com>
Reviewed-by: Lars Knoll <lars.knoll@digia.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
---
 src/3rdparty/pcre/patches/pcre-r1513.patch | 18 ++++++++++++++++++
 src/3rdparty/pcre/pcre_exec.c              |  7 +++++--
 2 files changed, 23 insertions(+), 2 deletions(-)
 create mode 100644 src/3rdparty/pcre/patches/pcre-r1513.patch

diff --git a/src/3rdparty/pcre/patches/pcre-r1513.patch b/src/3rdparty/pcre/patches/pcre-r1513.patch
new file mode 100644
index 00000000000..d84aa0cc616
--- /dev/null
+++ b/src/3rdparty/pcre/patches/pcre-r1513.patch
@@ -0,0 +1,18 @@
+Index: pcre_exec.c
+===================================================================
+--- pcre_exec.c	(revisione 1512)
++++ pcre_exec.c	(revisione 1513)
+@@ -1404,8 +1404,11 @@
+         condition = TRUE;
+ 
+         /* Advance ecode past the assertion to the start of the first branch,
+-        but adjust it so that the general choosing code below works. */
+-
++        but adjust it so that the general choosing code below works. If the 
++        assertion has a quantifier that allows zero repeats we must skip over 
++        the BRAZERO. This is a lunatic thing to do, but somebody did! */
++        
++        if (*ecode == OP_BRAZERO) ecode++; 
+         ecode += GET(ecode, 1);
+         while (*ecode == OP_ALT) ecode += GET(ecode, 1);
+         ecode += 1 + LINK_SIZE - PRIV(OP_lengths)[condcode];
diff --git a/src/3rdparty/pcre/pcre_exec.c b/src/3rdparty/pcre/pcre_exec.c
index b0101da351b..7755aaf13a9 100644
--- a/src/3rdparty/pcre/pcre_exec.c
+++ b/src/3rdparty/pcre/pcre_exec.c
@@ -1394,8 +1394,11 @@ for (;;)
         condition = TRUE;
 
         /* Advance ecode past the assertion to the start of the first branch,
-        but adjust it so that the general choosing code below works. */
-
+        but adjust it so that the general choosing code below works. If the 
+        assertion has a quantifier that allows zero repeats we must skip over 
+        the BRAZERO. This is a lunatic thing to do, but somebody did! */
+        
+        if (*ecode == OP_BRAZERO) ecode++; 
         ecode += GET(ecode, 1);
         while (*ecode == OP_ALT) ecode += GET(ecode, 1);
         ecode += 1 + LINK_SIZE - PRIV(OP_lengths)[condcode];
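Review bot: The new comment above `if (*ecode == OP_BRAZERO) ecode++;` says the opcode must be skipped but not what goes wrong otherwise, and the commit adds no regression test (the diffstat lists only the patch record and pcre_exec.c). The next line, `ecode += GET(ecode, 1);`, reads the link offset relative to wherever ecode points, so without the skip it would presumably be read at the OP_BRAZERO position rather than at the assertion's opening opcode, leaving ecode at an unintended place in the compiled pattern. A sentence such as `Otherwise GET(ecode, 1) is read from the wrong opcode and ecode does not land on the first branch.` would record that. Since this closes CVE-2014-8964 in a bundled copy, a test in the project's own regular-expression suite for a conditional group whose assertion condition has a zero-minimum quantifier would guard against losing the fix when the bundled PCRE is next updated. The enclosing `for (;;)` loop starts and ends outside this hunk.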
-- 
GitLab