diff --git a/0001-CVE-2019-12290.patch b/0001-CVE-2019-12290.patch deleted file mode 100644 index 2cc1e105cbceb64b3b2c21807eb6c22474395351..0000000000000000000000000000000000000000 --- a/0001-CVE-2019-12290.patch +++ /dev/null @@ -1,364 +0,0 @@ -From 2e3328229470730f9c81ea439afe3a9cb1504276 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Tim=20R=C3=BChsen?= -Date: Tue, 9 Apr 2019 16:58:18 +0200 -Subject: [PATCH] Perform A-Label roundtrip for lookup functions by default - -This adds another check to avoid unexpected results. -It was a longstanding FIXME. - -Thanks to Jonathan Birch of Microsoft Corporation, -Florian Weimer (GNU glibc) and Nikos Mavrogiannopoulos (GnuTLS) -for investigation, discussion and testing. ---- - lib/error.c | 2 ++ - lib/idn2.h.in | 12 ++++--- - lib/lookup.c | 105 +++++++++++++++++++++++++++++++++++++++++----------------- - src/blurbs.h | 4 +-- - src/idn2.c | 32 ++++++++++-------- - src/idn2.ggo | 1 + - 6 files changed, 105 insertions(+), 51 deletions(-) - -diff --git a/lib/error.c b/lib/error.c -index 0304044..8483f30 100644 ---- a/lib/error.c -+++ b/lib/error.c -@@ -77,6 +77,7 @@ idn2_strerror (int rc) - case IDN2_DOT_IN_LABEL: return _("domain label has forbidden dot (TR46)"); - case IDN2_INVALID_TRANSITIONAL: return _("domain label has character forbidden in transitional mode (TR46)"); - case IDN2_INVALID_NONTRANSITIONAL: return _("domain label has character forbidden in non-transitional mode (TR46)"); -+ case IDN2_ALABEL_ROUNDTRIP_FAILED: return _("Alabel roundtrip failed"); - default: return _("Unknown error"); - } - } -@@ -129,6 +130,7 @@ idn2_strerror_name (int rc) - case IDN2_DOT_IN_LABEL: return ERR2STR (IDN2_DOT_IN_LABEL); - case IDN2_INVALID_TRANSITIONAL: return ERR2STR (IDN2_INVALID_TRANSITIONAL); - case IDN2_INVALID_NONTRANSITIONAL: return ERR2STR (IDN2_INVALID_NONTRANSITIONAL); -+ case IDN2_ALABEL_ROUNDTRIP_FAILED: return ERR2STR (IDN2_ALABEL_ROUNDTRIP_FAILED); - default: return "IDN2_UNKNOWN"; - } - } -diff --git a/lib/idn2.h.in b/lib/idn2.h.in -index bae7e2e..b979bda 100644 ---- a/lib/idn2.h.in -+++ b/lib/idn2.h.in -@@ -150,10 +150,11 @@ extern "C" - /** - * idn2_flags: - * @IDN2_NFC_INPUT: Normalize input string using normalization form C. -- * @IDN2_ALABEL_ROUNDTRIP: Perform optional IDNA2008 lookup roundtrip check (not implemented yet). -- * @IDN2_NO_TR46: Disable Unicode TR46 processing (default). -+ * @IDN2_ALABEL_ROUNDTRIP: Perform optional IDNA2008 lookup roundtrip check (default). -+ * @IDN2_NO_ALABEL_ROUNDTRIP: Disable ALabel lookup roundtrip check. -+ * @IDN2_NO_TR46: Disable Unicode TR46 processing. - * @IDN2_TRANSITIONAL: Perform Unicode TR46 transitional processing. -- * @IDN2_NONTRANSITIONAL: Perform Unicode TR46 non-transitional processing. -+ * @IDN2_NONTRANSITIONAL: Perform Unicode TR46 non-transitional processing (default). - * @IDN2_ALLOW_UNASSIGNED: Libidn compatibility flag, unused. - * @IDN2_USE_STD3_ASCII_RULES: Use STD3 ASCII rules. - * This is a #TR46 only flag, and will be ignored when set without either -@@ -170,7 +171,8 @@ extern "C" - IDN2_NONTRANSITIONAL = 8, - IDN2_ALLOW_UNASSIGNED = 16, - IDN2_USE_STD3_ASCII_RULES = 32, -- IDN2_NO_TR46 = 64 -+ IDN2_NO_TR46 = 64, -+ IDN2_NO_ALABEL_ROUNDTRIP = 128 - } idn2_flags; - - /* IDNA2008 with UTF-8 encoded inputs. */ -@@ -221,6 +223,7 @@ extern "C" - * @IDN2_DOT_IN_LABEL: Label has forbidden dot (TR46). - * @IDN2_INVALID_TRANSITIONAL: Label has character forbidden in transitional mode (TR46). - * @IDN2_INVALID_NONTRANSITIONAL: Label has character forbidden in non-transitional mode (TR46). -+ * @IDN2_ALABEL_ROUNDTRIP_FAILED: ALabel -> Ulabel -> ALabel result differs from input. - * - * Return codes for IDN2 functions. All return codes are negative - * except for the successful code IDN2_OK which are guaranteed to be -@@ -259,6 +262,7 @@ extern "C" - IDN2_DOT_IN_LABEL = -311, - IDN2_INVALID_TRANSITIONAL = -312, - IDN2_INVALID_NONTRANSITIONAL = -313, -+ IDN2_ALABEL_ROUNDTRIP_FAILED = -314, - } idn2_rc; - - /* Auxilliary functions. */ -diff --git a/lib/lookup.c b/lib/lookup.c -index 1d922a5..5e814e0 100644 ---- a/lib/lookup.c -+++ b/lib/lookup.c -@@ -51,6 +51,9 @@ static int set_default_flags(int *flags) - if (((*flags) & (IDN2_TRANSITIONAL|IDN2_NONTRANSITIONAL)) && ((*flags) & IDN2_NO_TR46)) - return IDN2_INVALID_FLAGS; - -+ if (((*flags) & IDN2_ALABEL_ROUNDTRIP) && ((*flags) & IDN2_NO_ALABEL_ROUNDTRIP)) -+ return IDN2_INVALID_FLAGS; -+ - if (!((*flags) & (IDN2_NO_TR46|IDN2_TRANSITIONAL))) - *flags |= IDN2_NONTRANSITIONAL; - -@@ -63,23 +66,39 @@ label (const uint8_t * src, size_t srclen, uint8_t * dst, size_t * dstlen, - { - size_t plen; - uint32_t *p; -- int rc; -- size_t tmpl; -- -- if (_idn2_ascii_p (src, srclen)) -- { -- if (flags & IDN2_ALABEL_ROUNDTRIP) -- /* FIXME implement this MAY: -- -- If the input to this procedure appears to be an A-label -- (i.e., it starts in "xn--", interpreted -- case-insensitively), the lookup application MAY attempt to -- convert it to a U-label, first ensuring that the A-label is -- entirely in lowercase (converting it to lowercase if -- necessary), and apply the tests of Section 5.4 and the -- conversion of Section 5.5 to that form. */ -- return IDN2_INVALID_FLAGS; -+ const uint8_t *src_org = NULL; -+ uint8_t *src_allocated = NULL; -+ int rc, check_roundtrip = 0; -+ size_t tmpl, srclen_org = 0; -+ uint32_t label_u32[IDN2_LABEL_MAX_LENGTH]; -+ size_t label32_len = IDN2_LABEL_MAX_LENGTH; -+ -+ if (_idn2_ascii_p (src, srclen)) { -+ if (!(flags & IDN2_NO_ALABEL_ROUNDTRIP) && srclen >= 4 && memcmp (src, "xn--", 4) == 0) { -+ /* -+ If the input to this procedure appears to be an A-label -+ (i.e., it starts in "xn--", interpreted -+ case-insensitively), the lookup application MAY attempt to -+ convert it to a U-label, first ensuring that the A-label is -+ entirely in lowercase (converting it to lowercase if -+ necessary), and apply the tests of Section 5.4 and the -+ conversion of Section 5.5 to that form. */ -+ rc = _idn2_punycode_decode (srclen - 4, (char *) src + 4, &label32_len, label_u32); -+ if (rc) -+ return rc; - -+ check_roundtrip = 1; -+ src_org = src; -+ srclen_org = srclen; -+ -+ srclen = IDN2_LABEL_MAX_LENGTH; -+ src = src_allocated = u32_to_u8 (label_u32, label32_len, NULL, &srclen); -+ if (!src) { -+ if (errno == ENOMEM) -+ return IDN2_MALLOC; -+ return IDN2_ENCODING_ERROR; -+ } -+ } else { - if (srclen > IDN2_LABEL_MAX_LENGTH) - return IDN2_TOO_BIG_LABEL; - if (srclen > *dstlen) -@@ -89,10 +108,11 @@ label (const uint8_t * src, size_t srclen, uint8_t * dst, size_t * dstlen, - *dstlen = srclen; - return IDN2_OK; - } -+ } - - rc = _idn2_u8_to_u32_nfc (src, srclen, &p, &plen, flags & IDN2_NFC_INPUT); - if (rc != IDN2_OK) -- return rc; -+ goto out; - - if (!(flags & IDN2_TRANSITIONAL)) - { -@@ -110,8 +130,8 @@ label (const uint8_t * src, size_t srclen, uint8_t * dst, size_t * dstlen, - - if (rc != IDN2_OK) - { -- free(p); -- return rc; -+ free (p); -+ goto out; - } - } - -@@ -124,11 +144,25 @@ label (const uint8_t * src, size_t srclen, uint8_t * dst, size_t * dstlen, - rc = _idn2_punycode_encode (plen, p, &tmpl, (char *) dst + 4); - free (p); - if (rc != IDN2_OK) -- return rc; -+ goto out; -+ - - *dstlen = 4 + tmpl; - -- return IDN2_OK; -+ if (check_roundtrip) -+ { -+ if (srclen_org != *dstlen || memcmp (src_org, dst, srclen_org)) -+ { -+ rc = IDN2_ALABEL_ROUNDTRIP_FAILED; -+ goto out; -+ } -+ } -+ -+ rc = IDN2_OK; -+ -+out: -+ free (src_allocated); -+ return rc; - } - - #define TR46_TRANSITIONAL_CHECK \ -@@ -371,13 +405,17 @@ _tr46 (const uint8_t * domain_u8, uint8_t ** out, int flags) - * Pass %IDN2_NFC_INPUT in @flags to convert input to NFC form before - * further processing. %IDN2_TRANSITIONAL and %IDN2_NONTRANSITIONAL - * do already imply %IDN2_NFC_INPUT. -+ * - * Pass %IDN2_ALABEL_ROUNDTRIP in @flags to - * convert any input A-labels to U-labels and perform additional -- * testing (not implemented yet). -+ * testing. This is default since version 2.2. -+ * To switch this behavior off, pass IDN2_NO_ALABEL_ROUNDTRIP -+ * - * Pass %IDN2_TRANSITIONAL to enable Unicode TR46 - * transitional processing, and %IDN2_NONTRANSITIONAL to enable -- * Unicode TR46 non-transitional processing. Multiple flags may be -- * specified by binary or:ing them together. -+ * Unicode TR46 non-transitional processing. -+ * -+ * Multiple flags may be specified by binary or:ing them together. - * - * After version 2.0.3: %IDN2_USE_STD3_ASCII_RULES disabled by default. - * Previously we were eliminating non-STD3 characters from domain strings -@@ -495,14 +533,19 @@ idn2_lookup_u8 (const uint8_t * src, uint8_t ** lookupname, int flags) - * to be encoded in the locale's default coding system, and will be - * transcoded to UTF-8 and NFC normalized by this function. - * -- * Pass %IDN2_ALABEL_ROUNDTRIP in @flags to convert any input A-labels -- * to U-labels and perform additional testing. Pass -- * %IDN2_TRANSITIONAL to enable Unicode TR46 transitional processing, -+ * Pass %IDN2_ALABEL_ROUNDTRIP in @flags to -+ * convert any input A-labels to U-labels and perform additional -+ * testing. This is default since version 2.2. -+ * To switch this behavior off, pass IDN2_NO_ALABEL_ROUNDTRIP -+ * -+ * Pass %IDN2_TRANSITIONAL to enable Unicode TR46 transitional processing, - * and %IDN2_NONTRANSITIONAL to enable Unicode TR46 non-transitional -- * processing. Multiple flags may be specified by binary or:ing them -- * together, for example %IDN2_ALABEL_ROUNDTRIP | -- * %IDN2_NONTRANSITIONAL. The %IDN2_NFC_INPUT in @flags is always -- * enabled in this function. -+ * processing. -+ * -+ * Multiple flags may be specified by binary or:ing them together, for -+ * example %IDN2_ALABEL_ROUNDTRIP | %IDN2_NONTRANSITIONAL. -+ * -+ * The %IDN2_NFC_INPUT in @flags is always enabled in this function. - * - * After version 0.11: @lookupname may be NULL to test lookup of @src - * without allocating memory. -diff --git a/src/blurbs.h b/src/blurbs.h -index 2d71ed0..4fdea0f 100644 ---- a/src/blurbs.h -+++ b/src/blurbs.h -@@ -1,5 +1,5 @@ - /* blurbs.h - warranty and conditions blurbs -- Copyright (C) 2011-2017 Simon Josefsson -+ Copyright (C) 2011-2019 Simon Josefsson, Tim Ruehsen - - This program is free software: you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by -@@ -16,7 +16,7 @@ - */ - - #define GREETING \ -- "Copyright (C) 2011-2017 Simon Josefsson\n" \ -+ "Copyright (C) 2011-2019 Simon Josefsson, Tim Ruehsen\n" \ - "This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.\n" \ - "This is free software, and you are welcome to redistribute it\n" \ - "under certain conditions; type `show c' for details.\n\n" -diff --git a/src/idn2.c b/src/idn2.c -index 9fdaf12..161ab56 100644 ---- a/src/idn2.c -+++ b/src/idn2.c -@@ -1,5 +1,5 @@ - /* idn2.c - command line interface to libidn2 -- Copyright (C) 2011-2017 Simon Josefsson -+ Copyright (C) 2011-2019 Simon Josefsson, Tim Ruehsen - - This program is free software: you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by -@@ -50,7 +50,7 @@ const char version_etc_copyright[] = - /* Do *not* mark this string for translation. %s is a copyright - symbol suitable for this locale, and %d is the copyright - year. */ -- "Copyright %s %d Simon Josefsson."; -+ "Copyright 2011-%s %d Simon Josefsson, Tim Ruehsen."; - - static void - usage (int status) -@@ -78,23 +78,24 @@ to signal the end of parameters, as in `idn2 --quiet -- -foo'.\n\ - Mandatory arguments to long options are mandatory for short options too.\n\ - "), stdout); - fputs (_("\ -- -h, --help Print help and exit\n\ -- -V, --version Print version and exit\n\ -+ -h, --help Print help and exit\n\ -+ -V, --version Print version and exit\n\ - "), stdout); - fputs (_("\ -- -d, --decode Decode (punycode) domain name\n\ -- -l, --lookup Lookup domain name (default)\n\ -- -r, --register Register label\n\ -+ -d, --decode Decode (punycode) domain name\n\ -+ -l, --lookup Lookup domain name (default)\n\ -+ -r, --register Register label\n\ - "), stdout); - fputs (_("\ -- -T, --tr46t Enable TR46 transitional processing\n\ -- -N, --tr46nt Enable TR46 non-transitional processing\n\ -- --no-tr46 Disable TR46 processing\n\ -+ -T, --tr46t Enable TR46 transitional processing\n\ -+ -N, --tr46nt Enable TR46 non-transitional processing\n\ -+ --no-tr46 Disable TR46 processing\n\ - "), stdout); - fputs (_("\ -- --usestd3asciirules Enable STD3 ASCII rules\n\ -- --debug Print debugging information\n\ -- --quiet Silent operation\n\ -+ --usestd3asciirules Enable STD3 ASCII rules\n\ -+ --no-alabelroundtrip Disable ALabel rountrip for lookups\n\ -+ --debug Print debugging information\n\ -+ --quiet Silent operation\n\ - "), stdout); - emit_bug_reporting_address (); - } -@@ -201,7 +202,7 @@ main (int argc, char *argv[]) - if (args_info.version_given) - { - version_etc (stdout, "idn2", PACKAGE_NAME, VERSION, -- "Simon Josefsson", (char *) NULL); -+ "Simon Josefsson, Tim Ruehsen", (char *) NULL); - return EXIT_SUCCESS; - } - -@@ -230,6 +231,9 @@ main (int argc, char *argv[]) - if (flags && args_info.usestd3asciirules_given) - flags |= IDN2_USE_STD3_ASCII_RULES; - -+ if (flags && args_info.no_alabelroundtrip_given) -+ flags |= IDN2_NO_ALABEL_ROUNDTRIP; -+ - for (cmdn = 0; cmdn < args_info.inputs_num; cmdn++) - process_input (args_info.inputs[cmdn], flags | IDN2_NFC_INPUT); - -diff --git a/src/idn2.ggo b/src/idn2.ggo -index 3732cb5..04a5360 100644 ---- a/src/idn2.ggo -+++ b/src/idn2.ggo -@@ -20,5 +20,6 @@ option "tr46t" T "Enable TR46 transitional processing" flag off - option "tr46nt" N "Enable TR46 non-transitional processing" flag off - option "no-tr46" - "Disable TR46 processing" flag off - option "usestd3asciirules" - "Enable STD3 ASCII rules" flag off -+option "no-alabelroundtrip" - "Disable ALabel roundtrip for lookups" flag off - option "debug" - "Print debugging information" flag off - option "quiet" - "Silent operation" flag off --- -1.8.3.1 - diff --git a/0002-CVE-2019-12290.patch b/0002-CVE-2019-12290.patch deleted file mode 100644 index b6a68cb34867356f8c612e3382209644be9cbef9..0000000000000000000000000000000000000000 --- a/0002-CVE-2019-12290.patch +++ /dev/null @@ -1,196 +0,0 @@ -From 019fd57f70297d216c6b80b89112307db994b74e Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Tim=20R=C3=BChsen?= -Date: Tue, 9 Apr 2019 16:58:18 +0200 -Subject: [PATCH 2/3] Manually create idn2_cmd.c and idn2_cmd.h due to idn2.ggo - -diff -ru goo_before/src/idn2_cmd.c goo/src/idn2_cmd.c ---- goo_before/src/idn2_cmd.c 2020-03-17 23:09:46.872000000 +0800 -+++ goo/src/idn2_cmd.c 2020-03-17 23:07:45.844000000 +0800 -@@ -1,5 +1,5 @@ - /* -- File autogenerated by gengetopt version 2.22.6 -+ File autogenerated by gengetopt version 2.23 - generated with the following command: - gengetopt --unamed-opts --no-handle-version --no-handle-help --set-package=idn2 --input idn2.ggo --file-name idn2_cmd - -@@ -27,24 +27,25 @@ - - const char *gengetopt_args_info_purpose = ""; - --const char *gengetopt_args_info_usage = "Usage: idn2 [OPTION]... [STRING]..."; -+const char *gengetopt_args_info_usage = "Usage: idn2 [OPTION]... [FILE]..."; - - const char *gengetopt_args_info_versiontext = ""; - - const char *gengetopt_args_info_description = ""; - - const char *gengetopt_args_info_help[] = { -- " -h, --help Print help and exit", -- " -V, --version Print version and exit", -- " -d, --decode Decode (punycode) domain name", -- " -l, --lookup Lookup domain name (default)", -- " -r, --register Register label", -- " -T, --tr46t Enable TR46 transitional processing (default=off)", -- " -N, --tr46nt Enable TR46 non-transitional processing\n (default=off)", -- " --no-tr46 Disable TR46 processing (default=off)", -- " --usestd3asciirules Enable STD3 ASCII rules (default=off)", -- " --debug Print debugging information (default=off)", -- " --quiet Silent operation (default=off)", -+ " -h, --help Print help and exit", -+ " -V, --version Print version and exit", -+ " -d, --decode Decode (punycode) domain name", -+ " -l, --lookup Lookup domain name (default)", -+ " -r, --register Register label", -+ " -T, --tr46t Enable TR46 transitional processing (default=off)", -+ " -N, --tr46nt Enable TR46 non-transitional processing\n (default=off)", -+ " --no-tr46 Disable TR46 processing (default=off)", -+ " --usestd3asciirules Enable STD3 ASCII rules (default=off)", -+ " --no-alabelroundtrip Disable ALabel roundtrip for lookups (default=off)", -+ " --debug Print debugging information (default=off)", -+ " --quiet Silent operation (default=off)", - 0 - }; - -@@ -77,6 +78,7 @@ - args_info->tr46nt_given = 0 ; - args_info->no_tr46_given = 0 ; - args_info->usestd3asciirules_given = 0 ; -+ args_info->no_alabelroundtrip_given = 0 ; - args_info->debug_given = 0 ; - args_info->quiet_given = 0 ; - } -@@ -89,6 +91,7 @@ - args_info->tr46nt_flag = 0; - args_info->no_tr46_flag = 0; - args_info->usestd3asciirules_flag = 0; -+ args_info->no_alabelroundtrip_flag = 0; - args_info->debug_flag = 0; - args_info->quiet_flag = 0; - -@@ -108,8 +111,9 @@ - args_info->tr46nt_help = gengetopt_args_info_help[6] ; - args_info->no_tr46_help = gengetopt_args_info_help[7] ; - args_info->usestd3asciirules_help = gengetopt_args_info_help[8] ; -- args_info->debug_help = gengetopt_args_info_help[9] ; -- args_info->quiet_help = gengetopt_args_info_help[10] ; -+ args_info->no_alabelroundtrip_help = gengetopt_args_info_help[9] ; -+ args_info->debug_help = gengetopt_args_info_help[10] ; -+ args_info->quiet_help = gengetopt_args_info_help[11] ; - - } - -@@ -124,19 +128,25 @@ - printf("\n%s\n", gengetopt_args_info_versiontext); - } - --static void print_help_common(void) { -- cmdline_parser_print_version (); -- -- if (strlen(gengetopt_args_info_purpose) > 0) -- printf("\n%s\n", gengetopt_args_info_purpose); -- -- if (strlen(gengetopt_args_info_usage) > 0) -- printf("\n%s\n", gengetopt_args_info_usage); -- -- printf("\n"); -+static void print_help_common(void) -+{ -+ size_t len_purpose = strlen(gengetopt_args_info_purpose); -+ size_t len_usage = strlen(gengetopt_args_info_usage); - -- if (strlen(gengetopt_args_info_description) > 0) -- printf("%s\n\n", gengetopt_args_info_description); -+ if (len_usage > 0) { -+ printf("%s\n", gengetopt_args_info_usage); -+ } -+ if (len_purpose > 0) { -+ printf("%s\n", gengetopt_args_info_purpose); -+ } -+ -+ if (len_usage || len_purpose) { -+ printf("\n"); -+ } -+ -+ if (strlen(gengetopt_args_info_description) > 0) { -+ printf("%s\n\n", gengetopt_args_info_description); -+ } - } - - void -@@ -240,6 +250,8 @@ - write_into_file(outfile, "no-tr46", 0, 0 ); - if (args_info->usestd3asciirules_given) - write_into_file(outfile, "usestd3asciirules", 0, 0 ); -+ if (args_info->no_alabelroundtrip_given) -+ write_into_file(outfile, "no-alabelroundtrip", 0, 0 ); - if (args_info->debug_given) - write_into_file(outfile, "debug", 0, 0 ); - if (args_info->quiet_given) -@@ -416,7 +428,9 @@ - break; - }; - -- -+ FIX_UNUSED(stop_char); -+ FIX_UNUSED(val); -+ - /* store the original value */ - switch(arg_type) { - case ARG_NO: -@@ -455,10 +469,16 @@ - - package_name = argv[0]; - -+ /* TODO: Why is this here? It is not used anywhere. */ - override = params->override; -+ FIX_UNUSED(override); -+ - initialize = params->initialize; - check_required = params->check_required; -+ -+ /* TODO: Why is this here? It is not used anywhere. */ - check_ambiguity = params->check_ambiguity; -+ FIX_UNUSED(check_ambiguity); - - if (initialize) - cmdline_parser_init (args_info); -@@ -484,6 +504,7 @@ - { "tr46nt", 0, NULL, 'N' }, - { "no-tr46", 0, NULL, 0 }, - { "usestd3asciirules", 0, NULL, 0 }, -+ { "no-alabelroundtrip", 0, NULL, 0 }, - { "debug", 0, NULL, 0 }, - { "quiet", 0, NULL, 0 }, - { 0, 0, 0, 0 } -@@ -605,6 +626,18 @@ - goto failure; - - } -+ /* Disable ALabel roundtrip for lookups. */ -+ else if (strcmp (long_options[option_index].name, "no-alabelroundtrip") == 0) -+ { -+ -+ -+ if (update_arg((void *)&(args_info->no_alabelroundtrip_flag), 0, &(args_info->no_alabelroundtrip_given), -+ &(local_args_info.no_alabelroundtrip_given), optarg, 0, 0, ARG_FLAG, -+ check_ambiguity, override, 1, 0, "no-alabelroundtrip", '-', -+ additional_error)) -+ goto failure; -+ -+ } - /* Print debugging information. */ - else if (strcmp (long_options[option_index].name, "debug") == 0) - { -@@ -643,6 +676,7 @@ - - - -+ FIX_UNUSED(check_required); - - cmdline_parser_release (&local_args_info); - -@@ -680,3 +714,4 @@ - cmdline_parser_release (&local_args_info); - return (EXIT_FAILURE); - } -+/* vim: set ft=c noet ts=8 sts=8 sw=8 tw=80 nojs spell : */ diff --git a/0003-CVE-2019-12290.patch b/0003-CVE-2019-12290.patch deleted file mode 100644 index 1f6c004e95fe4094ec29a22dc4b1e84f4ac09fdb..0000000000000000000000000000000000000000 --- a/0003-CVE-2019-12290.patch +++ /dev/null @@ -1,44 +0,0 @@ -From 019fd57f70297d216c6b80b89112307db994b74e Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Tim=20R=C3=BChsen?= -Date: Tue, 9 Apr 2019 16:58:18 +0200 -Subject: [PATCH 3/3] Manually create idn2_cmd.c and idn2_cmd.h due to idn2.ggo - -diff -ru goo_before/src/idn2_cmd.h goo/src/idn2_cmd.h ---- goo_before/src/idn2_cmd.h 2020-03-17 23:09:46.872000000 +0800 -+++ goo/src/idn2_cmd.h 2020-03-17 23:07:45.844000000 +0800 -@@ -1,9 +1,9 @@ - /** @file idn2_cmd.h - * @brief The header file for the command line option parser -- * generated by GNU Gengetopt version 2.22.6 -+ * generated by GNU Gengetopt version 2.23 - * http://www.gnu.org/software/gengetopt. - * DO NOT modify this file, since it can be overwritten -- * @author GNU Gengetopt by Lorenzo Bettini */ -+ * @author GNU Gengetopt */ - - #ifndef IDN2_CMD_H - #define IDN2_CMD_H -@@ -50,6 +50,8 @@ - const char *no_tr46_help; /**< @brief Disable TR46 processing help description. */ - int usestd3asciirules_flag; /**< @brief Enable STD3 ASCII rules (default=off). */ - const char *usestd3asciirules_help; /**< @brief Enable STD3 ASCII rules help description. */ -+ int no_alabelroundtrip_flag; /**< @brief Disable ALabel roundtrip for lookups (default=off). */ -+ const char *no_alabelroundtrip_help; /**< @brief Disable ALabel roundtrip for lookups help description. */ - int debug_flag; /**< @brief Print debugging information (default=off). */ - const char *debug_help; /**< @brief Print debugging information help description. */ - int quiet_flag; /**< @brief Silent operation (default=off). */ -@@ -64,11 +66,12 @@ - unsigned int tr46nt_given ; /**< @brief Whether tr46nt was given. */ - unsigned int no_tr46_given ; /**< @brief Whether no-tr46 was given. */ - unsigned int usestd3asciirules_given ; /**< @brief Whether usestd3asciirules was given. */ -+ unsigned int no_alabelroundtrip_given ; /**< @brief Whether no-alabelroundtrip was given. */ - unsigned int debug_given ; /**< @brief Whether debug was given. */ - unsigned int quiet_given ; /**< @brief Whether quiet was given. */ - -- char **inputs ; /**< @brief unamed options (options without names) */ -- unsigned inputs_num ; /**< @brief unamed options number */ -+ char **inputs ; /**< @brief unnamed options (options without names) */ -+ unsigned inputs_num ; /**< @brief unnamed options number */ - } ; - - /** @brief The additional parameters to pass to parser functions */ diff --git a/Add-libidn2_register_fuzzer-and-corpora.patch b/Add-libidn2_register_fuzzer-and-corpora.patch deleted file mode 100644 index 41f6f549c75333402e6f4a9857f64606264835d2..0000000000000000000000000000000000000000 --- a/Add-libidn2_register_fuzzer-and-corpora.patch +++ /dev/null @@ -1,174 +0,0 @@ -From a35e324d9245835abb07166910ffc9ec9d690038 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Tim=20R=C3=BChsen?= -Date: Sat, 5 Jan 2019 21:10:04 +0100 -Subject: [PATCH] Add libidn2_register_fuzzer and corpora - ---- - fuzz/Makefile.am | 4 +- - fuzz/libidn2_register_fuzzer.c | 68 ++++++++++++++++++++++++++++++++++ - lib/context.c | 24 ++++++++---- - 3 files changed, 87 insertions(+), 9 deletions(-) - create mode 100644 fuzz/libidn2_register_fuzzer.c - -diff --git a/fuzz/Makefile.am b/fuzz/Makefile.am -index bc55d30..6f6d7c8 100644 ---- a/fuzz/Makefile.am -+++ b/fuzz/Makefile.am -@@ -6,12 +6,14 @@ LDADD = ../lib/libidn2.la ../gl/libgnu.la $(LTLIBUNISTRING) - - IDN_TESTS = \ - libidn2_to_ascii_8z_fuzzer$(EXEEXT) \ -- libidn2_to_unicode_8z8z_fuzzer$(EXEEXT) -+ libidn2_to_unicode_8z8z_fuzzer$(EXEEXT) \ -+ libidn2_register_fuzzer$(EXEEXT) - - check_PROGRAMS = $(IDN_TESTS) - - libidn2_to_ascii_8z_fuzzer_SOURCES = libidn2_to_ascii_8z_fuzzer.c main.c fuzzer.h - libidn2_to_unicode_8z8z_fuzzer_SOURCES = libidn2_to_unicode_8z8z_fuzzer.c main.c fuzzer.h -+libidn2_register_fuzzer_SOURCES = libidn2_register_fuzzer.c main.c fuzzer.h - - dist-hook: - find . -name '*.options' -exec cp -v '{}' $(distdir) ';' -diff --git a/fuzz/libidn2_register_fuzzer.c b/fuzz/libidn2_register_fuzzer.c -new file mode 100644 -index 0000000..7164a93 ---- /dev/null -+++ b/fuzz/libidn2_register_fuzzer.c -@@ -0,0 +1,68 @@ -+/* -+ * Copyright(c) 2019 Tim Ruehsen -+ * -+ * Permission is hereby granted, free of charge, to any person obtaining a -+ * copy of this software and associated documentation files (the "Software"), -+ * to deal in the Software without restriction, including without limitation -+ * the rights to use, copy, modify, merge, publish, distribute, sublicense, -+ * and/or sell copies of the Software, and to permit persons to whom the -+ * Software is furnished to do so, subject to the following conditions: -+ * -+ * The above copyright notice and this permission notice shall be included in -+ * all copies or substantial portions of the Software. -+ * -+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING -+ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER -+ * DEALINGS IN THE SOFTWARE. -+ * -+ * This file is part of libidn2. -+ */ -+ -+#include -+ -+#include /* assert */ -+#include /* malloc, free */ -+#include /* memcpy */ -+ -+#include "idn2.h" -+#include "fuzzer.h" -+ -+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) -+{ -+ char *ulabel, *alabel; -+ char *out; -+ -+ if (size > 1024) -+ return 0; -+ -+ ulabel = (char *) malloc(size + 1); -+ assert(ulabel != NULL); -+ -+ /* 0 terminate */ -+ memcpy(ulabel, data, size); -+ ulabel[size] = 0; -+ -+ if (idn2_register_ul(ulabel, NULL, &out, 0) == IDNA_SUCCESS) -+ idn2_free(out); -+ -+ free(ulabel); -+ -+ alabel = (char *) malloc(size + 4 + 1); -+ assert(alabel != NULL); -+ -+ /* 0 terminate */ -+ memcpy(alabel, "xn--", 4); -+ memcpy(alabel + 4, data, size); -+ alabel[size] = 0; -+ -+ if (idn2_register_ul(NULL, alabel, &out, 0) == IDNA_SUCCESS) -+ idn2_free(out); -+ -+ free(alabel); -+ -+ return 0; -+} -diff --git a/lib/context.c b/lib/context.c -index 991ec9f..1ee9ba3 100644 ---- a/lib/context.c -+++ b/lib/context.c -@@ -29,11 +29,8 @@ - #include - - #include "idn2.h" -- - #include "tables.h" -- - #include /* uc_combining_class, UC_CCC_VR */ -- - #include "context.h" - - int -@@ -115,6 +112,17 @@ _idn2_contextj_rule (const uint32_t * label, size_t llen, size_t pos) - return IDN2_CONTEXTJ_NO_RULE; - } - -+static inline const char * -+_uc_script_name (ucs4_t uc) -+{ -+ const uc_script_t *ucs = uc_script(uc); -+ -+ if (!ucs) -+ return ""; -+ -+ return ucs->name; -+} -+ - int - _idn2_contexto_rule (const uint32_t * label, size_t llen, size_t pos) - { -@@ -140,7 +148,7 @@ _idn2_contexto_rule (const uint32_t * label, size_t llen, size_t pos) - /* GREEK LOWER NUMERAL SIGN (KERAIA) */ - if (pos == llen - 1) - return IDN2_CONTEXTO; -- if (strcmp (uc_script (label[pos + 1])->name, "Greek") == 0) -+ if (strcmp (_uc_script_name (label[pos + 1]), "Greek") == 0) - return IDN2_OK; - return IDN2_CONTEXTO; - break; -@@ -151,7 +159,7 @@ _idn2_contexto_rule (const uint32_t * label, size_t llen, size_t pos) - /* HEBREW PUNCTUATION GERSHAYIM */ - if (pos == 0) - return IDN2_CONTEXTO; -- if (strcmp (uc_script (label[pos - 1])->name, "Hebrew") == 0) -+ if (strcmp (_uc_script_name (label[pos - 1]), "Hebrew") == 0) - return IDN2_OK; - return IDN2_CONTEXTO; - break; -@@ -202,9 +210,9 @@ _idn2_contexto_rule (const uint32_t * label, size_t llen, size_t pos) - bool script_ok = false; - - for (i = 0; !script_ok && i < llen; i++) -- if (strcmp (uc_script (label[i])->name, "Hiragana") == 0 -- || strcmp (uc_script (label[i])->name, "Katakana") == 0 -- || strcmp (uc_script (label[i])->name, "Han") == 0) -+ if (strcmp (_uc_script_name (label[i]), "Hiragana") == 0 -+ || strcmp (_uc_script_name (label[i]), "Katakana") == 0 -+ || strcmp (_uc_script_name (label[i]), "Han") == 0) - script_ok = true; - - if (script_ok) --- -2.19.1 - diff --git a/Add-missing-errors-in-idn2_strerror_name.patch b/Add-missing-errors-in-idn2_strerror_name.patch deleted file mode 100644 index 26805f334ddabcfb1e8e09c8bdff187b1cbb80cb..0000000000000000000000000000000000000000 --- a/Add-missing-errors-in-idn2_strerror_name.patch +++ /dev/null @@ -1,52 +0,0 @@ -From be02ca5ca2d4aa1117b4fc55d47f18f9bb01957e Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Tim=20R=C3=BChsen?= -Date: Thu, 28 Jun 2018 13:14:45 +0200 -Subject: [PATCH] Add missing errors in idn2_strerror_name() - ---- - lib/error.c | 18 +++++++++++++++++- - 1 file changed, 17 insertions(+), 1 deletion(-) - -diff --git a/lib/error.c b/lib/error.c -index 9a5179c..9ab4fb1 100644 ---- a/lib/error.c -+++ b/lib/error.c -@@ -230,11 +230,15 @@ idn2_strerror_name (int rc) - p = ERR2STR (IDN2_UALABEL_MISMATCH); - break; - -+ case IDN2_INVALID_FLAGS: -+ p = ERR2STR (IDN2_INVALID_FLAGS); -+ break; -+ - case IDN2_NOT_NFC: - p = ERR2STR (IDN2_NOT_NFC); - break; - -- case IDN2_2HYPHEN: -+ case IDN2_2HYPHEN: - p = ERR2STR (IDN2_2HYPHEN); - break; - -@@ -274,6 +278,18 @@ idn2_strerror_name (int rc) - p = ERR2STR (IDN2_BIDI); - break; - -+ case IDN2_DOT_IN_LABEL: -+ p = ERR2STR (IDN2_DOT_IN_LABEL); -+ break; -+ -+ case IDN2_INVALID_TRANSITIONAL: -+ p = ERR2STR (IDN2_INVALID_TRANSITIONAL); -+ break; -+ -+ case IDN2_INVALID_NONTRANSITIONAL: -+ p = ERR2STR (IDN2_INVALID_NONTRANSITIONAL); -+ break; -+ - default: - p = "IDN2_UNKNOWN"; - break; --- -1.8.3.1 - diff --git a/Fix-free-of-random-stack-value-in-idn2_to_ascii_4i.patch b/Fix-free-of-random-stack-value-in-idn2_to_ascii_4i.patch deleted file mode 100644 index 62231e4960e327b1781087e680f608f094193a1d..0000000000000000000000000000000000000000 --- a/Fix-free-of-random-stack-value-in-idn2_to_ascii_4i.patch +++ /dev/null @@ -1,28 +0,0 @@ -From dfedd4024b01bf08d5b55ed8fb29c009b887f083 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Tim=20R=C3=BChsen?= -Date: Sat, 5 Jan 2019 22:49:13 +0100 -Subject: [PATCH] Fix free of random (stack) value in idn2_to_ascii_4i() - ---- - lib/lookup.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/lib/lookup.c b/lib/lookup.c -index 14e87da..7c5b52b 100644 ---- a/lib/lookup.c -+++ b/lib/lookup.c -@@ -619,9 +619,10 @@ idn2_to_ascii_4i (const uint32_t * input, size_t inlen, char * output, int flags - */ - if (output) - strcpy (output, (const char *) output_u8); -+ -+ free(output_u8); - } - -- free(output_u8); - return rc; - } - --- -1.7.12.4 - diff --git a/Implement-full-roundtrip-for-lookup-functionality.patch b/Implement-full-roundtrip-for-lookup-functionality.patch new file mode 100644 index 0000000000000000000000000000000000000000..ffcdfbe0f1d59a71af441a328a80bb968cecd6c3 --- /dev/null +++ b/Implement-full-roundtrip-for-lookup-functionality.patch @@ -0,0 +1,122 @@ +From c7b33a418d9426ee311db45473cb20bad94df26a Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Tim=20R=C3=BChsen?= +Date: Mon, 10 Feb 2020 15:10:54 +0100 +Subject: [PATCH] Implement full roundtrip for lookup functionality +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +With TR64 enabled (default), '☺i' was converted to 'xn-- o-oia59s'. +The output contains an illegal space and thus could not be decoded any more. + +References: +https://gitlab.com/libidn/libidn2/issues/78 +https://gitlab.isc.org/isc-projects/bind9/issues/1610 + +Reported-by: Chris Malton +--- + lib/lookup.c | 33 +++++++++++++++++++++++---------- + tests/test-lookup.c | 5 +++++ + 3 files changed, 29 insertions(+), 10 deletions(-) + +diff --git a/lib/lookup.c b/lib/lookup.c +index a55f82b..5e5ff12 100644 +--- a/lib/lookup.c ++++ b/lib/lookup.c +@@ -1,5 +1,6 @@ + /* lookup.c - implementation of IDNA2008 lookup functions + Copyright (C) 2011-2017 Simon Josefsson ++ Copyright (C) 2017-2020 Tim Ruehsen + + Libidn2 is free software: you can redistribute it and/or modify it + under the terms of either: +@@ -123,7 +124,7 @@ label (const uint8_t * src, size_t srclen, uint8_t * dst, size_t * dstlen, + int flags) + { + size_t plen; +- uint32_t *p; ++ uint32_t *p = NULL; + const uint8_t *src_org = NULL; + uint8_t *src_allocated = NULL; + int rc, check_roundtrip = 0; +@@ -187,10 +188,7 @@ label (const uint8_t * src, size_t srclen, uint8_t * dst, size_t * dstlen, + p, plen); + + if (rc != IDN2_OK) +- { +- free (p); +- goto out; +- } ++ goto out; + } + + dst[0] = 'x'; +@@ -200,7 +198,6 @@ label (const uint8_t * src, size_t srclen, uint8_t * dst, size_t * dstlen, + + tmpl = *dstlen - 4; + rc = _idn2_punycode_encode_internal (plen, p, &tmpl, (char *) dst + 4); +- free (p); + if (rc != IDN2_OK) + goto out; + +@@ -210,15 +207,31 @@ label (const uint8_t * src, size_t srclen, uint8_t * dst, size_t * dstlen, + if (check_roundtrip) + { + if (srclen_org != *dstlen || c_strncasecmp ((char *) src_org, (char *) dst, srclen_org)) +- { +- rc = IDN2_ALABEL_ROUNDTRIP_FAILED; +- goto out; +- } ++ { ++ rc = IDN2_ALABEL_ROUNDTRIP_FAILED; ++ goto out; ++ } ++ } ++ else if (!(flags & IDN2_NO_ALABEL_ROUNDTRIP)) ++ { ++ rc = _idn2_punycode_decode_internal (*dstlen - 4, (char *) dst + 4, &label32_len, label_u32); ++ if (rc) ++ { ++ rc = IDN2_ALABEL_ROUNDTRIP_FAILED; ++ goto out; ++ } ++ ++ if (plen != label32_len || u32_cmp (p, label_u32, label32_len)) ++ { ++ rc = IDN2_ALABEL_ROUNDTRIP_FAILED; ++ goto out; ++ } + } + + rc = IDN2_OK; + + out: ++ free (p); + free (src_allocated); + return rc; + } +diff --git a/tests/test-lookup.c b/tests/test-lookup.c +index aa75e18..2b49cb1 100644 +--- a/tests/test-lookup.c ++++ b/tests/test-lookup.c +@@ -1,5 +1,6 @@ + /* test-lookup.c --- Self tests for IDNA processing + Copyright (C) 2011-2017 Simon Josefsson ++ Copyright (C) 2017-2020 Tim Ruehsen + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by +@@ -838,6 +839,10 @@ static const struct idna idna[] = { + {"\xc3\xa4_x", "xn--_x-uia", IDN2_OK, IDN2_TRANSITIONAL}, + /* failing lookup round-trip */ + {"xn--te_", "", IDN2_ALABEL_ROUNDTRIP_FAILED}, ++ /* failing lookup round-trip: ☺ -> xn-- o-oia59s (illegal space in output, see https://gitlab.com/libidn/libidn2/issues/78) */ ++ {"\xc3\xa2\xcb\x9c\xc2\xba", "", IDN2_DISALLOWED, IDN2_NO_TR46}, ++ {"\xc3\xa2\xcb\x9c\xc2\xba", "", IDN2_ALABEL_ROUNDTRIP_FAILED, IDN2_TRANSITIONAL}, ++ {"\xc3\xa2\xcb\x9c\xc2\xba", "", IDN2_ALABEL_ROUNDTRIP_FAILED, IDN2_NONTRANSITIONAL}, + }; + + static int ok = 0, failed = 0; +-- +1.8.3.1 + diff --git a/Remove-overhead-from-error.c-add-missing-TR46-values.patch b/Remove-overhead-from-error.c-add-missing-TR46-values.patch deleted file mode 100644 index 0a3975632c08cc27571af430d3d9f8347f3c3518..0000000000000000000000000000000000000000 --- a/Remove-overhead-from-error.c-add-missing-TR46-values.patch +++ /dev/null @@ -1,315 +0,0 @@ -From fc1448456bd429de98e3c5a854430af2555b9a07 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Tim=20R=C3=BChsen?= -Date: Wed, 9 Jan 2019 16:59:54 +0100 -Subject: [PATCH] Remove overhead from error.c, add missing TR46 values - ---- - lib/error.c | 279 +++++++++++++----------------------------------------------- - 1 file changed, 57 insertions(+), 222 deletions(-) - -diff --git a/lib/error.c b/lib/error.c -index 9ab4fb1..0304044 100644 ---- a/lib/error.c -+++ b/lib/error.c -@@ -46,114 +46,39 @@ - const char * - idn2_strerror (int rc) - { -- const char *p; -- - bindtextdomain (PACKAGE, LOCALEDIR); - - switch (rc) - { -- case IDN2_OK: -- p = _("success"); -- break; -- -- case IDN2_MALLOC: -- p = _("out of memory"); -- break; -- -- case IDN2_NO_CODESET: -- p = _("could not determine locale encoding format"); -- break; -- -- case IDN2_ICONV_FAIL: -- p = _("could not convert string to UTF-8"); -- break; -- -- case IDN2_ENCODING_ERROR: -- p = _("string encoding error"); -- break; -- -- case IDN2_NFC: -- p = _("string could not be NFC normalized"); -- break; -- -- case IDN2_PUNYCODE_BAD_INPUT: -- p = _("string contains invalid punycode data"); -- break; -- -- case IDN2_PUNYCODE_BIG_OUTPUT: -- p = _("punycode encoded data will be too large"); -- break; -- -- case IDN2_PUNYCODE_OVERFLOW: -- p = _("punycode conversion resulted in overflow"); -- break; -- -- case IDN2_TOO_BIG_DOMAIN: -- p = _("domain name longer than 255 characters"); -- break; -- -- case IDN2_TOO_BIG_LABEL: -- p = _("domain label longer than 63 characters"); -- break; -- -- case IDN2_INVALID_ALABEL: -- p = _("input A-label is not valid"); -- break; -- -- case IDN2_UALABEL_MISMATCH: -- p = _("input A-label and U-label does not match"); -- break; -- -- case IDN2_NOT_NFC: -- p = _("string is not in Unicode NFC format"); -- break; -- -- case IDN2_2HYPHEN: -- p = _("string contains forbidden two hyphens pattern"); -- break; -- -- case IDN2_HYPHEN_STARTEND: -- p = _("string start/ends with forbidden hyphen"); -- break; -- -- case IDN2_LEADING_COMBINING: -- p = _("string contains a forbidden leading combining character"); -- break; -- -- case IDN2_DISALLOWED: -- p = _("string contains a disallowed character"); -- break; -- -- case IDN2_CONTEXTJ: -- p = _("string contains a forbidden context-j character"); -- break; -- -- case IDN2_CONTEXTJ_NO_RULE: -- p = _("string contains a context-j character with null rule"); -- break; -- -- case IDN2_CONTEXTO: -- p = _("string contains a forbidden context-o character"); -- break; -- -- case IDN2_CONTEXTO_NO_RULE: -- p = _("string contains a context-o character with null rule"); -- break; -- -- case IDN2_UNASSIGNED: -- p = _("string contains unassigned code point"); -- break; -- -- case IDN2_BIDI: -- p = _("string has forbidden bi-directional properties"); -- break; -- -- default: -- p = _("Unknown error"); -- break; -+ case IDN2_OK: return _("success"); -+ case IDN2_MALLOC: return _("out of memory"); -+ case IDN2_NO_CODESET: return _("could not determine locale encoding format"); -+ case IDN2_ICONV_FAIL: return _("could not convert string to UTF-8"); -+ case IDN2_ENCODING_ERROR: return _("string encoding error"); -+ case IDN2_NFC: return _("string could not be NFC normalized"); -+ case IDN2_PUNYCODE_BAD_INPUT: return _("string contains invalid punycode data"); -+ case IDN2_PUNYCODE_BIG_OUTPUT: return _("punycode encoded data will be too large"); -+ case IDN2_PUNYCODE_OVERFLOW: return _("punycode conversion resulted in overflow"); -+ case IDN2_TOO_BIG_DOMAIN: return _("domain name longer than 255 characters"); -+ case IDN2_TOO_BIG_LABEL: return _("domain label longer than 63 characters"); -+ case IDN2_INVALID_ALABEL: return _("input A-label is not valid"); -+ case IDN2_UALABEL_MISMATCH: return _("input A-label and U-label does not match"); -+ case IDN2_NOT_NFC: return _("string is not in Unicode NFC format"); -+ case IDN2_2HYPHEN: return _("string contains forbidden two hyphens pattern"); -+ case IDN2_HYPHEN_STARTEND: return _("string start/ends with forbidden hyphen"); -+ case IDN2_LEADING_COMBINING: return _("string contains a forbidden leading combining character"); -+ case IDN2_DISALLOWED: return _("string contains a disallowed character"); -+ case IDN2_CONTEXTJ: return _("string contains a forbidden context-j character"); -+ case IDN2_CONTEXTJ_NO_RULE: return _("string contains a context-j character with null rule"); -+ case IDN2_CONTEXTO: return _("string contains a forbidden context-o character"); -+ case IDN2_CONTEXTO_NO_RULE: return _("string contains a context-o character with null rule"); -+ case IDN2_UNASSIGNED: return _("string contains unassigned code point"); -+ case IDN2_BIDI: return _("string has forbidden bi-directional properties"); -+ case IDN2_DOT_IN_LABEL: return _("domain label has forbidden dot (TR46)"); -+ case IDN2_INVALID_TRANSITIONAL: return _("domain label has character forbidden in transitional mode (TR46)"); -+ case IDN2_INVALID_NONTRANSITIONAL: return _("domain label has character forbidden in non-transitional mode (TR46)"); -+ default: return _("Unknown error"); - } -- -- return p; - } - - #define ERR2STR(name) #name -@@ -174,126 +99,36 @@ idn2_strerror (int rc) - const char * - idn2_strerror_name (int rc) - { -- const char *p; -- - switch (rc) - { -- case IDN2_OK: -- p = ERR2STR (IDN2_OK); -- break; -- -- case IDN2_MALLOC: -- p = ERR2STR (IDN2_MALLOC); -- break; -- -- case IDN2_NO_CODESET: -- p = ERR2STR (IDN2_NO_NODESET); -- break; -- -- case IDN2_ICONV_FAIL: -- p = ERR2STR (IDN2_ICONV_FAIL); -- break; -- -- case IDN2_ENCODING_ERROR: -- p = ERR2STR (IDN2_ENCODING_ERROR); -- break; -- -- case IDN2_NFC: -- p = ERR2STR (IDN2_NFC); -- break; -- -- case IDN2_PUNYCODE_BAD_INPUT: -- p = ERR2STR (IDN2_PUNYCODE_BAD_INPUT); -- break; -- -- case IDN2_PUNYCODE_BIG_OUTPUT: -- p = ERR2STR (IDN2_PUNYCODE_BIG_OUTPUT); -- break; -- -- case IDN2_PUNYCODE_OVERFLOW: -- p = ERR2STR (IDN2_PUNYCODE_OVERFLOW); -- break; -- -- case IDN2_TOO_BIG_DOMAIN: -- p = ERR2STR (IDN2_TOO_BIG_DOMAIN); -- break; -- -- case IDN2_TOO_BIG_LABEL: -- p = ERR2STR (IDN2_TOO_BIG_LABEL); -- break; -- -- case IDN2_INVALID_ALABEL: -- p = ERR2STR (IDN2_INVALID_ALABEL); -- break; -- -- case IDN2_UALABEL_MISMATCH: -- p = ERR2STR (IDN2_UALABEL_MISMATCH); -- break; -- -- case IDN2_INVALID_FLAGS: -- p = ERR2STR (IDN2_INVALID_FLAGS); -- break; -- -- case IDN2_NOT_NFC: -- p = ERR2STR (IDN2_NOT_NFC); -- break; -- -- case IDN2_2HYPHEN: -- p = ERR2STR (IDN2_2HYPHEN); -- break; -- -- case IDN2_HYPHEN_STARTEND: -- p = ERR2STR (IDN2_HYPHEN_STARTEND); -- break; -- -- case IDN2_LEADING_COMBINING: -- p = ERR2STR (IDN2_LEADING_COMBINING); -- break; -- -- case IDN2_DISALLOWED: -- p = ERR2STR (IDN2_DISALLOWED); -- break; -- -- case IDN2_CONTEXTJ: -- p = ERR2STR (IDN2_CONTEXTJ); -- break; -- -- case IDN2_CONTEXTJ_NO_RULE: -- p = ERR2STR (IDN2_CONTEXTJ_NO_RULE); -- break; -- -- case IDN2_CONTEXTO: -- p = ERR2STR (IDN2_CONTEXTO); -- break; -- -- case IDN2_CONTEXTO_NO_RULE: -- p = ERR2STR (IDN2_CONTEXTO_NO_RULE); -- break; -- -- case IDN2_UNASSIGNED: -- p = ERR2STR (IDN2_UNASSIGNED); -- break; -- -- case IDN2_BIDI: -- p = ERR2STR (IDN2_BIDI); -- break; -- -- case IDN2_DOT_IN_LABEL: -- p = ERR2STR (IDN2_DOT_IN_LABEL); -- break; -- -- case IDN2_INVALID_TRANSITIONAL: -- p = ERR2STR (IDN2_INVALID_TRANSITIONAL); -- break; -- -- case IDN2_INVALID_NONTRANSITIONAL: -- p = ERR2STR (IDN2_INVALID_NONTRANSITIONAL); -- break; -- -- default: -- p = "IDN2_UNKNOWN"; -- break; -+ case IDN2_OK: return ERR2STR (IDN2_OK); -+ case IDN2_MALLOC: return ERR2STR (IDN2_MALLOC); -+ case IDN2_NO_CODESET: return ERR2STR (IDN2_NO_NODESET); -+ case IDN2_ICONV_FAIL: return ERR2STR (IDN2_ICONV_FAIL); -+ case IDN2_ENCODING_ERROR: return ERR2STR (IDN2_ENCODING_ERROR); -+ case IDN2_NFC: return ERR2STR (IDN2_NFC); -+ case IDN2_PUNYCODE_BAD_INPUT: return ERR2STR (IDN2_PUNYCODE_BAD_INPUT); -+ case IDN2_PUNYCODE_BIG_OUTPUT: return ERR2STR (IDN2_PUNYCODE_BIG_OUTPUT); -+ case IDN2_PUNYCODE_OVERFLOW: return ERR2STR (IDN2_PUNYCODE_OVERFLOW); -+ case IDN2_TOO_BIG_DOMAIN: return ERR2STR (IDN2_TOO_BIG_DOMAIN); -+ case IDN2_TOO_BIG_LABEL: return ERR2STR (IDN2_TOO_BIG_LABEL); -+ case IDN2_INVALID_ALABEL: return ERR2STR (IDN2_INVALID_ALABEL); -+ case IDN2_UALABEL_MISMATCH: return ERR2STR (IDN2_UALABEL_MISMATCH); -+ case IDN2_INVALID_FLAGS: return ERR2STR (IDN2_INVALID_FLAGS); -+ case IDN2_NOT_NFC: return ERR2STR (IDN2_NOT_NFC); -+ case IDN2_2HYPHEN: return ERR2STR (IDN2_2HYPHEN); -+ case IDN2_HYPHEN_STARTEND: return ERR2STR (IDN2_HYPHEN_STARTEND); -+ case IDN2_LEADING_COMBINING: return ERR2STR (IDN2_LEADING_COMBINING); -+ case IDN2_DISALLOWED: return ERR2STR (IDN2_DISALLOWED); -+ case IDN2_CONTEXTJ: return ERR2STR (IDN2_CONTEXTJ); -+ case IDN2_CONTEXTJ_NO_RULE: return ERR2STR (IDN2_CONTEXTJ_NO_RULE); -+ case IDN2_CONTEXTO: return ERR2STR (IDN2_CONTEXTO); -+ case IDN2_CONTEXTO_NO_RULE: return ERR2STR (IDN2_CONTEXTO_NO_RULE); -+ case IDN2_UNASSIGNED: return ERR2STR (IDN2_UNASSIGNED); -+ case IDN2_BIDI: return ERR2STR (IDN2_BIDI); -+ case IDN2_DOT_IN_LABEL: return ERR2STR (IDN2_DOT_IN_LABEL); -+ case IDN2_INVALID_TRANSITIONAL: return ERR2STR (IDN2_INVALID_TRANSITIONAL); -+ case IDN2_INVALID_NONTRANSITIONAL: return ERR2STR (IDN2_INVALID_NONTRANSITIONAL); -+ default: return "IDN2_UNKNOWN"; - } -- -- return p; - } --- -1.8.3.1 - diff --git a/Restrict-output-length-to-63.patch b/Restrict-output-length-to-63.patch deleted file mode 100644 index e247c404c7746614e63f1e3ee170bfe796df0f0a..0000000000000000000000000000000000000000 --- a/Restrict-output-length-to-63.patch +++ /dev/null @@ -1,37 +0,0 @@ -From e4d1558aa2c1c04a05066ee8600f37603890ba8c Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Tim=20R=C3=BChsen?= -Date: Wed, 9 Jan 2019 14:36:16 +0100 -Subject: [PATCH] idn2_to_ascii_4i(): Restrict output length to 63 - ---- - lib/lookup.c | 12 ++++++++++-- - 1 file changed, 10 insertions(+), 2 deletions(-) - -diff --git a/lib/lookup.c b/lib/lookup.c -index 7c5b52bb..cc918d95 100644 ---- a/lib/lookup.c -+++ b/lib/lookup.c -@@ -617,10 +617,18 @@ idn2_to_ascii_4i (const uint32_t * input, size_t inlen, char * output, int flags - * char * out output zero terminated string that must have room for at - * least 63 characters plus the terminating zero. - */ -+ size_t len = strlen ((char *) output_u8); -+ -+ if (len > 63) -+ { -+ free (output_u8); -+ return IDN2_TOO_BIG_DOMAIN; -+ } -+ - if (output) -- strcpy (output, (const char *) output_u8); -+ strcpy (output, (char *) output_u8); - -- free(output_u8); -+ free (output_u8); - } - - return rc; --- -2.22.0 - diff --git a/fix-compile-error-about-missing-aclocal.patch b/fix-compile-error-about-missing-aclocal.patch deleted file mode 100644 index 61594e14c0f2afe018d906bb4de41fcc6e611ba3..0000000000000000000000000000000000000000 --- a/fix-compile-error-about-missing-aclocal.patch +++ /dev/null @@ -1,26 +0,0 @@ -From c178e8f982802db37fcf6173331bcc7a8128f4ee Mon Sep 17 00:00:00 2001 -From: wangjia -Date: Thu, 20 Dec 2018 03:04:48 +0000 -Subject: [PATCH] libidn2: fix compile error about missing aclocal - -reason: fix compile error about missing aclocal ---- - configure | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/configure b/configure -index 8651a7a..31a5ed9 100755 ---- a/configure -+++ b/configure -@@ -3285,7 +3285,7 @@ ac_configure="$SHELL $ac_aux_dir/configure" # Please don't use this var. - ac_config_headers="$ac_config_headers config.h" - - --am__api_version='1.15' -+am__api_version='1.16' - - # Find a good install program. We prefer a C program (faster), - # so one script is as good as another. But avoid the broken or --- -2.19.1 - diff --git a/libidn2-2.0.5.tar.gz b/libidn2-2.0.5.tar.gz deleted file mode 100644 index 06e2a98254c8a69e85295bac276e359665956943..0000000000000000000000000000000000000000 Binary files a/libidn2-2.0.5.tar.gz and /dev/null differ diff --git a/libidn2-2.0.5.tar.gz.sig b/libidn2-2.0.5.tar.gz.sig deleted file mode 100644 index b1307ccc26b85fbe122d2e093d87913bbffccdd3..0000000000000000000000000000000000000000 Binary files a/libidn2-2.0.5.tar.gz.sig and /dev/null differ diff --git a/libidn2-2.3.0.tar.gz b/libidn2-2.3.0.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..d3ce0a36fda016976867d0c41e1ee2e0f8b9d3cf Binary files /dev/null and b/libidn2-2.3.0.tar.gz differ diff --git a/libidn2-2.3.0.tar.gz.sig b/libidn2-2.3.0.tar.gz.sig new file mode 100644 index 0000000000000000000000000000000000000000..0c8381888f28a80b28a8eb334d177d0f2abef2a4 Binary files /dev/null and b/libidn2-2.3.0.tar.gz.sig differ diff --git a/libidn2.spec b/libidn2.spec index 9130a1fa2d4e920543481911fb9ff3b63748ae99..ffbf724c8b8148ccff669129e522d343a77a20c5 100644 --- a/libidn2.spec +++ b/libidn2.spec @@ -1,21 +1,13 @@ Name: libidn2 -Version: 2.0.5 -Release: 9 +Version: 2.3.0 +Release: 1 Summary: GNU IDN Library License: (GPLv2+ or LGPLv3+) and GPLv3+ URL: https://www.gnu.org/software/libidn/#libidn2 Source0: https://ftp.gnu.org/gnu/libidn/%{name}-%{version}.tar.gz Patch0: bugfix-libidn2-change-rpath.patch -Patch1: Fix-free-of-random-stack-value-in-idn2_to_ascii_4i.patch -Patch2: Add-libidn2_register_fuzzer-and-corpora.patch -Patch3: Restrict-output-length-to-63.patch -Patch4: Add-missing-errors-in-idn2_strerror_name.patch -Patch5: Remove-overhead-from-error.c-add-missing-TR46-values.patch -Patch6: 0001-CVE-2019-12290.patch -Patch7: 0002-CVE-2019-12290.patch -Patch8: 0003-CVE-2019-12290.patch -Patch9: fix-compile-error-about-missing-aclocal.patch +Patch1: Implement-full-roundtrip-for-lookup-functionality.patch #Dependency BuildRequires: gcc gettext libunistring-devel autoconf texinfo automake @@ -83,6 +75,12 @@ make %{?_smp_mflags} -C tests check %{_datadir}/gtk-doc/ %changelog +* Thu Jul 23 2020 zhangxingliang - 2.3.0-1 +- Type:update +- ID:NA +- SUG:NA +- DESC:update to 2.3.0 + * Wed Jun 17 2020 Liquor - 2.0.5-9 - Type:bugfix - ID:NA