external/icu/ExternalProject_icu.mk | 5 +
external/icu/UnpackedTarball_icu.mk | 1
external/icu/b7d08bc04a4296982fcef8b6b8a354a9e4e7afca.patch.2 | 37 ++++++++++
3 files changed, 42 insertions(+), 1 deletion(-)
New commits:
commit 924c12b546b94c3f928cf5a026a68c49e432bc4a
Author: Michael Stahl <michael.st...@cib.de>
AuthorDate: Tue Mar 24 10:48:04 2020 +0100
Commit: Michael Stahl <michael.st...@cib.de>
CommitDate: Wed Mar 25 11:14:07 2020 +0100
icu: add patch to fix CVE-2020-10531
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/90971
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.st...@cib.de>
(cherry picked from commit 002d1152dc418f7d624409e76cd9d4ac0b42c7f8)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/90975
Reviewed-by: Thorsten Behrens <thorsten.behr...@cib.de>
(cherry picked from commit 63b573faf984875cda7a879e696ea75fae81df57)
Change-Id: I0aca4af1bd79f28bf1c920a4d05e80948106aaac
diff --git a/external/icu/ExternalProject_icu.mk
b/external/icu/ExternalProject_icu.mk
index 1a9c5ff90602..6f99976871ad 100644
--- a/external/icu/ExternalProject_icu.mk
+++ b/external/icu/ExternalProject_icu.mk
@@ -13,7 +13,10 @@ $(eval $(call gb_ExternalProject_register_targets,icu,\
build \
))
-icu_CPPFLAGS:="-DHAVE_GCC_ATOMICS=$(if $(filter
TRUE,$(GCC_HAVE_BUILTIN_ATOMIC)),1,0)"
+# -I to find o3tl headers
+icu_CPPFLAGS:=" \
+ -DHAVE_GCC_ATOMICS=$(if $(filter TRUE,$(GCC_HAVE_BUILTIN_ATOMIC)),1,0) \
+ -I$(SRCDIR)/include"
ifeq ($(OS),WNT)
diff --git a/external/icu/UnpackedTarball_icu.mk
b/external/icu/UnpackedTarball_icu.mk
index 499650976a55..ef195a13686c 100644
--- a/external/icu/UnpackedTarball_icu.mk
+++ b/external/icu/UnpackedTarball_icu.mk
@@ -35,6 +35,7 @@ $(eval $(call gb_UnpackedTarball_add_patches,icu,\
$(if $(filter-out
ANDROID,$(OS)),external/icu/icu4c-icudata-stdlibs.patch.1) \
external/icu/icu4c-khmerbreakengine.patch.1 \
external/icu/icu4c-59-werror-shadow.patch.1 \
+ external/icu/b7d08bc04a4296982fcef8b6b8a354a9e4e7afca.patch.2 \
))
$(eval $(call
gb_UnpackedTarball_add_file,icu,source/data/brkitr/khmerdict.dict,external/icu/khmerdict.dict))
diff --git a/external/icu/b7d08bc04a4296982fcef8b6b8a354a9e4e7afca.patch.2
b/external/icu/b7d08bc04a4296982fcef8b6b8a354a9e4e7afca.patch.2
new file mode 100644
index 000000000000..d3b34db670c5
--- /dev/null
+++ b/external/icu/b7d08bc04a4296982fcef8b6b8a354a9e4e7afca.patch.2
@@ -0,0 +1,37 @@
+From b7d08bc04a4296982fcef8b6b8a354a9e4e7afca Mon Sep 17 00:00:00 2001
+From: Frank Tang <ft...@chromium.org>
+Date: Sat, 1 Feb 2020 02:39:04 +0000
+Subject: [PATCH] ICU-20958 Prevent SEGV_MAPERR in append
+
+See #971
+---
+ icu4c/source/common/unistr.cpp | 6 ++-
+ icu4c/source/test/intltest/ustrtest.cpp | 62 +++++++++++++++++++++++++
+ icu4c/source/test/intltest/ustrtest.h | 1 +
+ 3 files changed, 68 insertions(+), 1 deletion(-)
+
+diff --git a/icu4c/source/common/unistr.cpp b/icu4c/source/common/unistr.cpp
+index 901bb3358ba..077b4d6ef20 100644
+--- a/icu4c/source/common/unistr.cpp
++++ b/icu4c/source/common/unistr.cpp
+@@ -31,6 +31,7 @@
+ #include "ustr_imp.h"
+ #include "umutex.h"
+ #include "uassert.h"
++#include <o3tl/safeint.hxx>
+
+ #if 0
+
+@@ -1563,7 +1563,11 @@ UnicodeString::doAppend(const UChar *srcChars, int32_t
srcStart, int32_t srcLeng
+ }
+
+ int32_t oldLength = length();
+- int32_t newLength = oldLength + srcLength;
++ int32_t newLength;
++ if (o3tl::checked_add(oldLength, srcLength, newLength)) {
++ setToBogus();
++ return *this;
++ }
+ // optimize append() onto a large-enough, owned string
+ if((newLength <= getCapacity() && isBufferWritable()) ||
+ cloneArrayIfNeeded(newLength, getGrowCapacity(newLength))) {
_______________________________________________
Libreoffice-commits mailing list
libreoffice-comm...@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits
