grep: Fix CVE-2015-1345 heap buffer overrun

Signed-off-by: Julen Landa Alustiza <julen@zokormazo.info>

diff --git a/utils/grep/Makefile b/utils/grep/Makefile
index 42a4ef64fea5419b785d2f871faee909a97d1964..c4703bc56915772bf85814ac28c201edab07ca04 100644 (file)
--- a/utils/grep/Makefile
+++ b/utils/grep/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=grep
 PKG_VERSION:=2.21
-PKG_RELEASE:=1
+PKG_RELEASE:=2
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
 PKG_SOURCE_URL:=@GNU/grep

diff --git a/utils/grep/patches/0001-grep-F-fix-a-heap-buffer-read-overrun.patch b/utils/grep/patches/0001-grep-F-fix-a-heap-buffer-read-overrun.patch
new file mode 100644 (file)
index 0000000..df70359
--- /dev/null
+++ b/utils/grep/patches/0001-grep-F-fix-a-heap-buffer-read-overrun.patch
@@ -0,0 +1,15 @@
+diff --git a/src/kwset.c b/src/kwset.c
+index 4003c8d..376f7c3 100644
+--- a/src/kwset.c
++++ b/src/kwset.c
+@@ -643,6 +643,8 @@ bmexec_trans (kwset_t kwset, char const *text, size_t size)
+                     if (! tp)
+                       return -1;
+                     tp++;
++                    if (ep <= tp)
++                      break;
+                   }
+               }
+           }
+--
+cgit v0.9.0.2