From 3edfa2882ee7c7ef8f2f9996fb37c6fe3c1faa4a Mon Sep 17 00:00:00 2001 From: jeremy Date: Sat, 16 Sep 2017 22:52:40 +0000 Subject: [PATCH] Backport security fixes from ruby 2.2.8 to ruby 2.1.9. Fixes CVE-2017-14033, CVE-2017-14064, CVE-2017-0898, and CVE-2017-10784. Regen patches while here. --- lang/ruby/2.1/Makefile | 4 +- lang/ruby/2.1/patches/patch-compile_c | 8 +- lang/ruby/2.1/patches/patch-configure | 10 +- .../patch-ext_json_generator_generator_c | 59 ++++++ .../patch-ext_json_generator_generator_h | 13 ++ .../2.1/patches/patch-ext_openssl_ossl_asn1_c | 39 ++++ .../2.1/patches/patch-ext_psych_yaml_api_c | 142 ++++++++++++++ .../patches/patch-ext_psych_yaml_emitter_c | 77 ++++++++ .../2.1/patches/patch-ext_psych_yaml_loader_c | 79 ++++++++ .../2.1/patches/patch-ext_psych_yaml_parser_c | 61 ++++++ .../patches/patch-ext_psych_yaml_scanner_c | 185 ++++++++++++++++++ .../patch-ext_psych_yaml_yaml_private_h | 20 ++ .../patches/patch-lib_webrick_httpstatus_rb | 16 ++ .../ruby/2.1/patches/patch-lib_webrick_log_rb | 18 ++ lang/ruby/2.1/patches/patch-sprintf_c | 63 ++++++ 15 files changed, 783 insertions(+), 11 deletions(-) create mode 100644 lang/ruby/2.1/patches/patch-ext_json_generator_generator_c create mode 100644 lang/ruby/2.1/patches/patch-ext_json_generator_generator_h create mode 100644 lang/ruby/2.1/patches/patch-ext_openssl_ossl_asn1_c create mode 100644 lang/ruby/2.1/patches/patch-ext_psych_yaml_api_c create mode 100644 lang/ruby/2.1/patches/patch-ext_psych_yaml_emitter_c create mode 100644 lang/ruby/2.1/patches/patch-ext_psych_yaml_loader_c create mode 100644 lang/ruby/2.1/patches/patch-ext_psych_yaml_parser_c create mode 100644 lang/ruby/2.1/patches/patch-ext_psych_yaml_scanner_c create mode 100644 lang/ruby/2.1/patches/patch-ext_psych_yaml_yaml_private_h create mode 100644 lang/ruby/2.1/patches/patch-lib_webrick_httpstatus_rb create mode 100644 lang/ruby/2.1/patches/patch-lib_webrick_log_rb create mode 100644 lang/ruby/2.1/patches/patch-sprintf_c diff --git a/lang/ruby/2.1/Makefile b/lang/ruby/2.1/Makefile index eb2d33ae7f4..57100c924f7 100644 --- a/lang/ruby/2.1/Makefile +++ b/lang/ruby/2.1/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.27 2017/09/02 21:32:07 jeremy Exp $ +# $OpenBSD: Makefile,v 1.28 2017/09/16 22:52:40 jeremy Exp $ COMMENT-main = object oriented script language with threads COMMENT-gdbm = gdbm interface for ruby @@ -15,7 +15,7 @@ PKGNAME-gdbm = ruby21-gdbm-${VERSION} PKGNAME-tk = ruby21-tk-${VERSION} PKGNAME-ri_docs = ruby21-ri_docs-${VERSION} -REVISION-main = 4 +REVISION-main = 5 PKG_ARCH-ri_docs = * WANTLIB-ri_docs = # empty diff --git a/lang/ruby/2.1/patches/patch-compile_c b/lang/ruby/2.1/patches/patch-compile_c index c41e5accc5d..6067bb1d151 100644 --- a/lang/ruby/2.1/patches/patch-compile_c +++ b/lang/ruby/2.1/patches/patch-compile_c @@ -1,10 +1,10 @@ -$OpenBSD: patch-compile_c,v 1.1 2014/02/12 22:41:43 jeremy Exp $ +$OpenBSD: patch-compile_c,v 1.2 2017/09/16 22:52:40 jeremy Exp $ Disable peephole optimizer on sparc64, since it occasionally segfaults. ---- compile.c.orig Fri Jan 11 09:13:17 2013 -+++ compile.c Thu Jan 9 22:31:36 2014 -@@ -1706,6 +1706,9 @@ static int +--- compile.c.orig Wed Nov 18 03:24:36 2015 ++++ compile.c Tue Jul 12 11:32:17 2016 +@@ -1846,6 +1846,9 @@ static int iseq_peephole_optimize(rb_iseq_t *iseq, LINK_ELEMENT *list, const int do_tailcallopt) { INSN *iobj = (INSN *)list; diff --git a/lang/ruby/2.1/patches/patch-configure b/lang/ruby/2.1/patches/patch-configure index 09ad030af6d..ab76acf033a 100644 --- a/lang/ruby/2.1/patches/patch-configure +++ b/lang/ruby/2.1/patches/patch-configure @@ -1,13 +1,13 @@ -$OpenBSD: patch-configure,v 1.3 2014/11/01 04:53:09 jeremy Exp $ +$OpenBSD: patch-configure,v 1.4 2017/09/16 22:52:40 jeremy Exp $ Fix so name, checking for DOT and DOXYGEN. Override the arch setting to remove OpenBSD version from it, so ports don't have to be bumped when OpenBSD version changes. ---- configure.orig Thu Sep 18 10:04:39 2014 -+++ configure Fri Sep 19 09:12:21 2014 -@@ -21056,7 +21056,7 @@ esac +--- configure.orig Wed Mar 30 02:48:57 2016 ++++ configure Tue Jul 12 11:32:17 2016 +@@ -20971,7 +20971,7 @@ esac openbsd*|mirbsd*) : SOLIBS='$(LIBS)' @@ -16,7 +16,7 @@ so ports don't have to be bumped when OpenBSD version changes. ;; #( solaris*) : -@@ -22300,7 +22300,10 @@ _ACEOF +@@ -22215,7 +22215,10 @@ _ACEOF _ACEOF else diff --git a/lang/ruby/2.1/patches/patch-ext_json_generator_generator_c b/lang/ruby/2.1/patches/patch-ext_json_generator_generator_c new file mode 100644 index 00000000000..400641b3ecb --- /dev/null +++ b/lang/ruby/2.1/patches/patch-ext_json_generator_generator_c @@ -0,0 +1,59 @@ +$OpenBSD: patch-ext_json_generator_generator_c,v 1.1 2017/09/16 22:52:40 jeremy Exp $ + +Index: ext/json/generator/generator.c +--- ext/json/generator/generator.c.orig ++++ ext/json/generator/generator.c +@@ -301,7 +301,7 @@ static char *fstrndup(const char *ptr, unsigned long l + char *result; + if (len <= 0) return NULL; + result = ALLOC_N(char, len); +- memccpy(result, ptr, 0, len); ++ memcpy(result, ptr, len); + return result; + } + +@@ -1033,7 +1033,7 @@ static VALUE cState_indent_set(VALUE self, VALUE inden + } + } else { + if (state->indent) ruby_xfree(state->indent); +- state->indent = strdup(RSTRING_PTR(indent)); ++ state->indent = fstrndup(RSTRING_PTR(indent), len); + state->indent_len = len; + } + return Qnil; +@@ -1071,7 +1071,7 @@ static VALUE cState_space_set(VALUE self, VALUE space) + } + } else { + if (state->space) ruby_xfree(state->space); +- state->space = strdup(RSTRING_PTR(space)); ++ state->space = fstrndup(RSTRING_PTR(space), len); + state->space_len = len; + } + return Qnil; +@@ -1107,7 +1107,7 @@ static VALUE cState_space_before_set(VALUE self, VALUE + } + } else { + if (state->space_before) ruby_xfree(state->space_before); +- state->space_before = strdup(RSTRING_PTR(space_before)); ++ state->space_before = fstrndup(RSTRING_PTR(space_before), len); + state->space_before_len = len; + } + return Qnil; +@@ -1144,7 +1144,7 @@ static VALUE cState_object_nl_set(VALUE self, VALUE ob + } + } else { + if (state->object_nl) ruby_xfree(state->object_nl); +- state->object_nl = strdup(RSTRING_PTR(object_nl)); ++ state->object_nl = fstrndup(RSTRING_PTR(object_nl), len); + state->object_nl_len = len; + } + return Qnil; +@@ -1179,7 +1179,7 @@ static VALUE cState_array_nl_set(VALUE self, VALUE arr + } + } else { + if (state->array_nl) ruby_xfree(state->array_nl); +- state->array_nl = strdup(RSTRING_PTR(array_nl)); ++ state->array_nl = fstrndup(RSTRING_PTR(array_nl), len); + state->array_nl_len = len; + } + return Qnil; diff --git a/lang/ruby/2.1/patches/patch-ext_json_generator_generator_h b/lang/ruby/2.1/patches/patch-ext_json_generator_generator_h new file mode 100644 index 00000000000..e252a968114 --- /dev/null +++ b/lang/ruby/2.1/patches/patch-ext_json_generator_generator_h @@ -0,0 +1,13 @@ +$OpenBSD: patch-ext_json_generator_generator_h,v 1.1 2017/09/16 22:52:40 jeremy Exp $ + +Index: ext/json/generator/generator.h +--- ext/json/generator/generator.h.orig ++++ ext/json/generator/generator.h +@@ -1,7 +1,6 @@ + #ifndef _GENERATOR_H_ + #define _GENERATOR_H_ + +-#include + #include + #include + diff --git a/lang/ruby/2.1/patches/patch-ext_openssl_ossl_asn1_c b/lang/ruby/2.1/patches/patch-ext_openssl_ossl_asn1_c new file mode 100644 index 00000000000..14eeeae5abb --- /dev/null +++ b/lang/ruby/2.1/patches/patch-ext_openssl_ossl_asn1_c @@ -0,0 +1,39 @@ +$OpenBSD: patch-ext_openssl_ossl_asn1_c,v 1.1 2017/09/16 22:52:40 jeremy Exp $ + +Index: ext/openssl/ossl_asn1.c +--- ext/openssl/ossl_asn1.c.orig ++++ ext/openssl/ossl_asn1.c +@@ -871,19 +871,18 @@ int_ossl_asn1_decode0_cons(unsigned char **pp, long ma + { + VALUE value, asn1data, ary; + int infinite; +- long off = *offset; ++ long available_len, off = *offset; + + infinite = (j == 0x21); + ary = rb_ary_new(); + +- while (length > 0 || infinite) { ++ available_len = infinite ? max_len : length; ++ while (available_len > 0) { + long inner_read = 0; +- value = ossl_asn1_decode0(pp, max_len, &off, depth + 1, yield, &inner_read); ++ value = ossl_asn1_decode0(pp, available_len, &off, depth + 1, yield, &inner_read); + *num_read += inner_read; +- max_len -= inner_read; ++ available_len -= inner_read; + rb_ary_push(ary, value); +- if (length > 0) +- length -= inner_read; + + if (infinite && + NUM2INT(ossl_asn1_get_tag(value)) == V_ASN1_EOC && +@@ -974,7 +973,7 @@ ossl_asn1_decode0(unsigned char **pp, long length, lon + if(j & V_ASN1_CONSTRUCTED) { + *pp += hlen; + off += hlen; +- asn1data = int_ossl_asn1_decode0_cons(pp, length, len, &off, depth, yield, j, tag, tag_class, &inner_read); ++ asn1data = int_ossl_asn1_decode0_cons(pp, length - hlen, len, &off, depth, yield, j, tag, tag_class, &inner_read); + inner_read += hlen; + } + else { diff --git a/lang/ruby/2.1/patches/patch-ext_psych_yaml_api_c b/lang/ruby/2.1/patches/patch-ext_psych_yaml_api_c new file mode 100644 index 00000000000..36d2a2ff0dc --- /dev/null +++ b/lang/ruby/2.1/patches/patch-ext_psych_yaml_api_c @@ -0,0 +1,142 @@ +$OpenBSD: patch-ext_psych_yaml_api_c,v 1.1 2017/09/16 22:52:40 jeremy Exp $ + +Index: ext/psych/yaml/api.c +--- ext/psych/yaml/api.c.orig ++++ ext/psych/yaml/api.c +@@ -395,7 +395,7 @@ yaml_emitter_delete(yaml_emitter_t *emitter) + } + QUEUE_DEL(emitter, emitter->events); + STACK_DEL(emitter, emitter->indents); +- while (!STACK_EMPTY(emitter, emitter->tag_directives)) { ++ while (!STACK_EMPTY(empty, emitter->tag_directives)) { + yaml_tag_directive_t tag_directive = POP(emitter, emitter->tag_directives); + yaml_free(tag_directive.handle); + yaml_free(tag_directive.prefix); +@@ -415,7 +415,7 @@ yaml_string_write_handler(void *data, unsigned char *b + { + yaml_emitter_t *emitter = data; + +- if (emitter->output.string.size + *emitter->output.string.size_written ++ if (emitter->output.string.size - *emitter->output.string.size_written + < size) { + memcpy(emitter->output.string.buffer + + *emitter->output.string.size_written, +@@ -822,7 +822,6 @@ yaml_scalar_event_initialize(yaml_event_t *event, + yaml_char_t *anchor_copy = NULL; + yaml_char_t *tag_copy = NULL; + yaml_char_t *value_copy = NULL; +- size_t value_length; + + assert(event); /* Non-NULL event object is expected. */ + assert(value); /* Non-NULL anchor is expected. */ +@@ -840,19 +839,16 @@ yaml_scalar_event_initialize(yaml_event_t *event, + } + + if (length < 0) { +- value_length = strlen((char *)value); ++ length = strlen((char *)value); + } +- else { +- value_length = (size_t)length; +- } + +- if (!yaml_check_utf8(value, value_length)) goto error; +- value_copy = yaml_malloc(value_length+1); ++ if (!yaml_check_utf8(value, length)) goto error; ++ value_copy = yaml_malloc(length+1); + if (!value_copy) goto error; +- memcpy(value_copy, value, value_length); +- value_copy[value_length] = '\0'; ++ memcpy(value_copy, value, length); ++ value_copy[length] = '\0'; + +- SCALAR_EVENT_INIT(*event, anchor_copy, tag_copy, value_copy, value_length, ++ SCALAR_EVENT_INIT(*event, anchor_copy, tag_copy, value_copy, length, + plain_implicit, quoted_implicit, style, mark, mark); + + return 1; +@@ -1206,8 +1202,6 @@ yaml_document_add_scalar(yaml_document_t *document, + yaml_char_t *tag_copy = NULL; + yaml_char_t *value_copy = NULL; + yaml_node_t node; +- size_t value_length; +- ptrdiff_t ret; + + assert(document); /* Non-NULL document object is expected. */ + assert(value); /* Non-NULL value is expected. */ +@@ -1221,26 +1215,19 @@ yaml_document_add_scalar(yaml_document_t *document, + if (!tag_copy) goto error; + + if (length < 0) { +- value_length = strlen((char *)value); ++ length = strlen((char *)value); + } +- else { +- value_length = (size_t)length; +- } + +- if (!yaml_check_utf8(value, value_length)) goto error; +- value_copy = yaml_malloc(value_length+1); ++ if (!yaml_check_utf8(value, length)) goto error; ++ value_copy = yaml_malloc(length+1); + if (!value_copy) goto error; +- memcpy(value_copy, value, value_length); +- value_copy[value_length] = '\0'; ++ memcpy(value_copy, value, length); ++ value_copy[length] = '\0'; + +- SCALAR_NODE_INIT(node, tag_copy, value_copy, value_length, style, mark, mark); ++ SCALAR_NODE_INIT(node, tag_copy, value_copy, length, style, mark, mark); + if (!PUSH(&context, document->nodes, node)) goto error; + +- ret = document->nodes.top - document->nodes.start; +-#if PTRDIFF_MAX > INT_MAX +- if (ret > INT_MAX) goto error; +-#endif +- return (int)ret; ++ return document->nodes.top - document->nodes.start; + + error: + yaml_free(tag_copy); +@@ -1268,7 +1255,6 @@ yaml_document_add_sequence(yaml_document_t *document, + yaml_node_item_t *top; + } items = { NULL, NULL, NULL }; + yaml_node_t node; +- ptrdiff_t ret; + + assert(document); /* Non-NULL document object is expected. */ + +@@ -1286,11 +1272,7 @@ yaml_document_add_sequence(yaml_document_t *document, + style, mark, mark); + if (!PUSH(&context, document->nodes, node)) goto error; + +- ret = document->nodes.top - document->nodes.start; +-#if PTRDIFF_MAX > INT_MAX +- if (ret > INT_MAX) goto error; +-#endif +- return (int)ret; ++ return document->nodes.top - document->nodes.start; + + error: + STACK_DEL(&context, items); +@@ -1318,7 +1300,6 @@ yaml_document_add_mapping(yaml_document_t *document, + yaml_node_pair_t *top; + } pairs = { NULL, NULL, NULL }; + yaml_node_t node; +- ptrdiff_t ret; + + assert(document); /* Non-NULL document object is expected. */ + +@@ -1336,11 +1317,7 @@ yaml_document_add_mapping(yaml_document_t *document, + style, mark, mark); + if (!PUSH(&context, document->nodes, node)) goto error; + +- ret = document->nodes.top - document->nodes.start; +-#if PTRDIFF_MAX > INT_MAX +- if (ret > INT_MAX) goto error; +-#endif +- return (int)ret; ++ return document->nodes.top - document->nodes.start; + + error: + STACK_DEL(&context, pairs); diff --git a/lang/ruby/2.1/patches/patch-ext_psych_yaml_emitter_c b/lang/ruby/2.1/patches/patch-ext_psych_yaml_emitter_c new file mode 100644 index 00000000000..55327e6950e --- /dev/null +++ b/lang/ruby/2.1/patches/patch-ext_psych_yaml_emitter_c @@ -0,0 +1,77 @@ +$OpenBSD: patch-ext_psych_yaml_emitter_c,v 1.1 2017/09/16 22:52:40 jeremy Exp $ + +Index: ext/psych/yaml/emitter.c +--- ext/psych/yaml/emitter.c.orig ++++ ext/psych/yaml/emitter.c +@@ -53,7 +53,7 @@ + #define WRITE_BREAK(emitter,string) \ + (FLUSH(emitter) \ + && (CHECK(string,'\n') ? \ +- ((void)PUT_BREAK(emitter), \ ++ (PUT_BREAK(emitter), \ + string.pointer ++, \ + 1) : \ + (COPY(emitter->buffer,string), \ +@@ -221,7 +221,7 @@ yaml_emitter_write_indent(yaml_emitter_t *emitter); + + static int + yaml_emitter_write_indicator(yaml_emitter_t *emitter, +- const char *indicator, int need_whitespace, ++ char *indicator, int need_whitespace, + int is_whitespace, int is_indention); + + static int +@@ -1493,7 +1493,7 @@ yaml_emitter_analyze_scalar(yaml_emitter_t *emitter, + int break_space = 0; + int space_break = 0; + +- int preceeded_by_whitespace = 0; ++ int preceded_by_whitespace = 0; + int followed_by_whitespace = 0; + int previous_space = 0; + int previous_break = 0; +@@ -1524,7 +1524,7 @@ yaml_emitter_analyze_scalar(yaml_emitter_t *emitter, + flow_indicators = 1; + } + +- preceeded_by_whitespace = 1; ++ preceded_by_whitespace = 1; + followed_by_whitespace = IS_BLANKZ_AT(string, WIDTH(string)); + + while (string.pointer != string.end) +@@ -1570,7 +1570,7 @@ yaml_emitter_analyze_scalar(yaml_emitter_t *emitter, + } + } + +- if (CHECK(string, '#') && preceeded_by_whitespace) { ++ if (CHECK(string, '#') && preceded_by_whitespace) { + flow_indicators = 1; + block_indicators = 1; + } +@@ -1619,7 +1619,7 @@ yaml_emitter_analyze_scalar(yaml_emitter_t *emitter, + previous_break = 0; + } + +- preceeded_by_whitespace = IS_BLANKZ(string); ++ preceded_by_whitespace = IS_BLANKZ(string); + MOVE(string); + if (string.pointer != string.end) { + followed_by_whitespace = IS_BLANKZ_AT(string, WIDTH(string)); +@@ -1784,7 +1784,7 @@ yaml_emitter_write_indent(yaml_emitter_t *emitter) + + static int + yaml_emitter_write_indicator(yaml_emitter_t *emitter, +- const char *indicator, int need_whitespace, ++ char *indicator, int need_whitespace, + int is_whitespace, int is_indention) + { + size_t indicator_length; +@@ -2178,7 +2178,7 @@ yaml_emitter_write_block_scalar_hints(yaml_emitter_t * + yaml_string_t string) + { + char indent_hint[2]; +- const char *chomp_hint = NULL; ++ char *chomp_hint = NULL; + + if (IS_SPACE(string) || IS_BREAK(string)) + { diff --git a/lang/ruby/2.1/patches/patch-ext_psych_yaml_loader_c b/lang/ruby/2.1/patches/patch-ext_psych_yaml_loader_c new file mode 100644 index 00000000000..7a498a50b73 --- /dev/null +++ b/lang/ruby/2.1/patches/patch-ext_psych_yaml_loader_c @@ -0,0 +1,79 @@ +$OpenBSD: patch-ext_psych_yaml_loader_c,v 1.1 2017/09/16 22:52:40 jeremy Exp $ + +Index: ext/psych/yaml/loader.c +--- ext/psych/yaml/loader.c.orig ++++ ext/psych/yaml/loader.c +@@ -239,8 +239,8 @@ yaml_parser_register_anchor(yaml_parser_t *parser, + if (strcmp((char *)alias_data->anchor, (char *)anchor) == 0) { + yaml_free(anchor); + return yaml_parser_set_composer_error_context(parser, +- "found duplicate anchor; first occurence", +- alias_data->mark, "second occurence", data.mark); ++ "found duplicate anchor; first occurrence", ++ alias_data->mark, "second occurrence", data.mark); + } + } + +@@ -283,7 +283,6 @@ static int + yaml_parser_load_scalar(yaml_parser_t *parser, yaml_event_t *first_event) + { + yaml_node_t node; +- ptrdiff_t node_index; + int index; + yaml_char_t *tag = first_event->data.scalar.tag; + +@@ -301,11 +300,7 @@ yaml_parser_load_scalar(yaml_parser_t *parser, yaml_ev + + if (!PUSH(parser, parser->document->nodes, node)) goto error; + +- node_index = parser->document->nodes.top - parser->document->nodes.start; +-#if PTRDIFF_MAX > INT_MAX +- if (node_index > INT_MAX) goto error; +-#endif +- index = (int)node_index; ++ index = parser->document->nodes.top - parser->document->nodes.start; + + if (!yaml_parser_register_anchor(parser, index, + first_event->data.scalar.anchor)) return 0; +@@ -334,7 +329,6 @@ yaml_parser_load_sequence(yaml_parser_t *parser, yaml_ + yaml_node_item_t *top; + } items = { NULL, NULL, NULL }; + int index, item_index; +- ptrdiff_t node_index; + yaml_char_t *tag = first_event->data.sequence_start.tag; + + if (!STACK_LIMIT(parser, parser->document->nodes, INT_MAX-1)) goto error; +@@ -353,11 +347,7 @@ yaml_parser_load_sequence(yaml_parser_t *parser, yaml_ + + if (!PUSH(parser, parser->document->nodes, node)) goto error; + +- node_index = parser->document->nodes.top - parser->document->nodes.start; +-#if PTRDIFF_MAX > INT_MAX +- if (node_index > INT_MAX) goto error; +-#endif +- index = (int)node_index; ++ index = parser->document->nodes.top - parser->document->nodes.start; + + if (!yaml_parser_register_anchor(parser, index, + first_event->data.sequence_start.anchor)) return 0; +@@ -401,7 +391,6 @@ yaml_parser_load_mapping(yaml_parser_t *parser, yaml_e + yaml_node_pair_t *top; + } pairs = { NULL, NULL, NULL }; + int index; +- ptrdiff_t node_index; + yaml_node_pair_t pair; + yaml_char_t *tag = first_event->data.mapping_start.tag; + +@@ -421,11 +410,7 @@ yaml_parser_load_mapping(yaml_parser_t *parser, yaml_e + + if (!PUSH(parser, parser->document->nodes, node)) goto error; + +- node_index = parser->document->nodes.top - parser->document->nodes.start; +-#if PTRDIFF_MAX > INT_MAX +- if (node_index > INT_MAX) goto error; +-#endif +- index = (int)node_index; ++ index = parser->document->nodes.top - parser->document->nodes.start; + + if (!yaml_parser_register_anchor(parser, index, + first_event->data.mapping_start.anchor)) return 0; diff --git a/lang/ruby/2.1/patches/patch-ext_psych_yaml_parser_c b/lang/ruby/2.1/patches/patch-ext_psych_yaml_parser_c new file mode 100644 index 00000000000..a1e87d131be --- /dev/null +++ b/lang/ruby/2.1/patches/patch-ext_psych_yaml_parser_c @@ -0,0 +1,61 @@ +$OpenBSD: patch-ext_psych_yaml_parser_c,v 1.1 2017/09/16 22:52:40 jeremy Exp $ + +Index: ext/psych/yaml/parser.c +--- ext/psych/yaml/parser.c.orig ++++ ext/psych/yaml/parser.c +@@ -759,8 +759,9 @@ yaml_parser_parse_block_sequence_entry(yaml_parser_t * + + else if (token->type == YAML_BLOCK_END_TOKEN) + { ++ yaml_mark_t dummy_mark; /* Used to eliminate a compiler warning. */ + parser->state = POP(parser, parser->states); +- (void)POP(parser, parser->marks); ++ dummy_mark = POP(parser, parser->marks); + SEQUENCE_END_EVENT_INIT(*event, token->start_mark, token->end_mark); + SKIP_TOKEN(parser); + return 1; +@@ -868,8 +869,9 @@ yaml_parser_parse_block_mapping_key(yaml_parser_t *par + + else if (token->type == YAML_BLOCK_END_TOKEN) + { ++ yaml_mark_t dummy_mark; /* Used to eliminate a compiler warning. */ + parser->state = POP(parser, parser->states); +- (void)POP(parser, parser->marks); ++ dummy_mark = POP(parser, parser->marks); + MAPPING_END_EVENT_INIT(*event, token->start_mark, token->end_mark); + SKIP_TOKEN(parser); + return 1; +@@ -950,6 +952,7 @@ yaml_parser_parse_flow_sequence_entry(yaml_parser_t *p + yaml_event_t *event, int first) + { + yaml_token_t *token; ++ yaml_mark_t dummy_mark; /* Used to eliminate a compiler warning. */ + + if (first) { + token = PEEK_TOKEN(parser); +@@ -994,7 +997,7 @@ yaml_parser_parse_flow_sequence_entry(yaml_parser_t *p + } + + parser->state = POP(parser, parser->states); +- (void)POP(parser, parser->marks); ++ dummy_mark = POP(parser, parser->marks); + SEQUENCE_END_EVENT_INIT(*event, token->start_mark, token->end_mark); + SKIP_TOKEN(parser); + return 1; +@@ -1101,6 +1104,7 @@ yaml_parser_parse_flow_mapping_key(yaml_parser_t *pars + yaml_event_t *event, int first) + { + yaml_token_t *token; ++ yaml_mark_t dummy_mark; /* Used to eliminate a compiler warning. */ + + if (first) { + token = PEEK_TOKEN(parser); +@@ -1154,7 +1158,7 @@ yaml_parser_parse_flow_mapping_key(yaml_parser_t *pars + } + + parser->state = POP(parser, parser->states); +- (void)POP(parser, parser->marks); ++ dummy_mark = POP(parser, parser->marks); + MAPPING_END_EVENT_INIT(*event, token->start_mark, token->end_mark); + SKIP_TOKEN(parser); + return 1; diff --git a/lang/ruby/2.1/patches/patch-ext_psych_yaml_scanner_c b/lang/ruby/2.1/patches/patch-ext_psych_yaml_scanner_c new file mode 100644 index 00000000000..849529d61f7 --- /dev/null +++ b/lang/ruby/2.1/patches/patch-ext_psych_yaml_scanner_c @@ -0,0 +1,185 @@ +$OpenBSD: patch-ext_psych_yaml_scanner_c,v 1.1 2017/09/16 22:52:40 jeremy Exp $ + +Index: ext/psych/yaml/scanner.c +--- ext/psych/yaml/scanner.c.orig ++++ ext/psych/yaml/scanner.c +@@ -1106,13 +1106,6 @@ yaml_parser_save_simple_key(yaml_parser_t *parser) + && parser->indent == (ptrdiff_t)parser->mark.column); + + /* +- * A simple key is required only when it is the first token in the current +- * line. Therefore it is always allowed. But we add a check anyway. +- */ +- +- assert(parser->simple_key_allowed || !required); /* Impossible. */ +- +- /* + * If the current position may start a simple key, save it. + */ + +@@ -1193,9 +1186,11 @@ yaml_parser_increase_flow_level(yaml_parser_t *parser) + static int + yaml_parser_decrease_flow_level(yaml_parser_t *parser) + { ++ yaml_simple_key_t dummy_key; /* Used to eliminate a compiler warning. */ ++ + if (parser->flow_level) { + parser->flow_level --; +- (void)POP(parser, parser->simple_keys); ++ dummy_key = POP(parser, parser->simple_keys); + } + + return 1; +@@ -1229,14 +1224,12 @@ yaml_parser_roll_indent(yaml_parser_t *parser, ptrdiff + if (!PUSH(parser, parser->indents, parser->indent)) + return 0; + +-#if PTRDIFF_MAX > INT_MAX + if (column > INT_MAX) { + parser->error = YAML_MEMORY_ERROR; + return 0; + } +-#endif + +- parser->indent = (int)column; ++ parser->indent = column; + + /* Create a token and insert it into the queue. */ + +@@ -1258,7 +1251,7 @@ yaml_parser_roll_indent(yaml_parser_t *parser, ptrdiff + + /* + * Pop indentation levels from the indents stack until the current level +- * becomes less or equal to the column. For each intendation level, append ++ * becomes less or equal to the column. For each indentation level, append + * the BLOCK-END token. + */ + +@@ -1273,7 +1266,7 @@ yaml_parser_unroll_indent(yaml_parser_t *parser, ptrdi + if (parser->flow_level) + return 1; + +- /* Loop through the intendation levels in the stack. */ ++ /* Loop through the indentation levels in the stack. */ + + while (parser->indent > column) + { +@@ -2060,7 +2053,7 @@ yaml_parser_scan_directive(yaml_parser_t *parser, yaml + else + { + yaml_parser_set_scanner_error(parser, "while scanning a directive", +- start_mark, "found uknown directive name"); ++ start_mark, "found unknown directive name"); + goto error; + } + +@@ -2782,15 +2775,15 @@ yaml_parser_scan_block_scalar(yaml_parser_t *parser, y + + if (IS_DIGIT(parser->buffer)) + { +- /* Check that the intendation is greater than 0. */ ++ /* Check that the indentation is greater than 0. */ + + if (CHECK(parser->buffer, '0')) { + yaml_parser_set_scanner_error(parser, "while scanning a block scalar", +- start_mark, "found an intendation indicator equal to 0"); ++ start_mark, "found an indentation indicator equal to 0"); + goto error; + } + +- /* Get the intendation level and eat the indicator. */ ++ /* Get the indentation level and eat the indicator. */ + + increment = AS_DIGIT(parser->buffer); + +@@ -2804,7 +2797,7 @@ yaml_parser_scan_block_scalar(yaml_parser_t *parser, y + { + if (CHECK(parser->buffer, '0')) { + yaml_parser_set_scanner_error(parser, "while scanning a block scalar", +- start_mark, "found an intendation indicator equal to 0"); ++ start_mark, "found an indentation indicator equal to 0"); + goto error; + } + +@@ -2854,7 +2847,7 @@ yaml_parser_scan_block_scalar(yaml_parser_t *parser, y + + end_mark = parser->mark; + +- /* Set the intendation level if it was specified. */ ++ /* Set the indentation level if it was specified. */ + + if (increment) { + indent = parser->indent >= 0 ? parser->indent+increment : increment; +@@ -2920,7 +2913,7 @@ yaml_parser_scan_block_scalar(yaml_parser_t *parser, y + + if (!READ_LINE(parser, leading_break)) goto error; + +- /* Eat the following intendation spaces and line breaks. */ ++ /* Eat the following indentation spaces and line breaks. */ + + if (!yaml_parser_scan_block_scalar_breaks(parser, + &indent, &trailing_breaks, start_mark, &end_mark)) goto error; +@@ -2955,8 +2948,8 @@ error: + } + + /* +- * Scan intendation spaces and line breaks for a block scalar. Determine the +- * intendation level if needed. ++ * Scan indentation spaces and line breaks for a block scalar. Determine the ++ * indentation level if needed. + */ + + static int +@@ -2968,11 +2961,11 @@ yaml_parser_scan_block_scalar_breaks(yaml_parser_t *pa + + *end_mark = parser->mark; + +- /* Eat the intendation spaces and line breaks. */ ++ /* Eat the indentation spaces and line breaks. */ + + while (1) + { +- /* Eat the intendation spaces. */ ++ /* Eat the indentation spaces. */ + + if (!CACHE(parser, 1)) return 0; + +@@ -2985,12 +2978,12 @@ yaml_parser_scan_block_scalar_breaks(yaml_parser_t *pa + if ((int)parser->mark.column > max_indent) + max_indent = (int)parser->mark.column; + +- /* Check for a tab character messing the intendation. */ ++ /* Check for a tab character messing the indentation. */ + + if ((!*indent || (int)parser->mark.column < *indent) + && IS_TAB(parser->buffer)) { + return yaml_parser_set_scanner_error(parser, "while scanning a block scalar", +- start_mark, "found a tab character where an intendation space is expected"); ++ start_mark, "found a tab character where an indentation space is expected"); + } + + /* Have we found a non-empty line? */ +@@ -3511,12 +3504,12 @@ yaml_parser_scan_plain_scalar(yaml_parser_t *parser, y + { + if (IS_BLANK(parser->buffer)) + { +- /* Check for tab character that abuse intendation. */ ++ /* Check for tab characters that abuse indentation. */ + + if (leading_blanks && (int)parser->mark.column < indent + && IS_TAB(parser->buffer)) { + yaml_parser_set_scanner_error(parser, "while scanning a plain scalar", +- start_mark, "found a tab character that violate intendation"); ++ start_mark, "found a tab character that violates indentation"); + goto error; + } + +@@ -3549,7 +3542,7 @@ yaml_parser_scan_plain_scalar(yaml_parser_t *parser, y + if (!CACHE(parser, 1)) goto error; + } + +- /* Check intendation level. */ ++ /* Check indentation level. */ + + if (!parser->flow_level && (int)parser->mark.column < indent) + break; diff --git a/lang/ruby/2.1/patches/patch-ext_psych_yaml_yaml_private_h b/lang/ruby/2.1/patches/patch-ext_psych_yaml_yaml_private_h new file mode 100644 index 00000000000..994d81b890a --- /dev/null +++ b/lang/ruby/2.1/patches/patch-ext_psych_yaml_yaml_private_h @@ -0,0 +1,20 @@ +$OpenBSD: patch-ext_psych_yaml_yaml_private_h,v 1.1 2017/09/16 22:52:40 jeremy Exp $ + +Index: ext/psych/yaml/yaml_private.h +--- ext/psych/yaml/yaml_private.h.orig ++++ ext/psych/yaml/yaml_private.h +@@ -436,8 +436,7 @@ yaml_queue_extend(void **start, void **head, void **ta + (stack).start = (stack).top = (stack).end = 0) + + #define STACK_EMPTY(context,stack) \ +- ((void)(context), \ +- ((stack).start == (stack).top)) ++ ((stack).start == (stack).top) + + #define STACK_LIMIT(context,stack,size) \ + ((stack).top - (stack).start < (size) ? \ +@@ -661,4 +660,3 @@ yaml_queue_extend(void **start, void **head, void **ta + (node).data.mapping.pairs.end = (node_pairs_end), \ + (node).data.mapping.pairs.top = (node_pairs_start), \ + (node).data.mapping.style = (node_style)) +- diff --git a/lang/ruby/2.1/patches/patch-lib_webrick_httpstatus_rb b/lang/ruby/2.1/patches/patch-lib_webrick_httpstatus_rb new file mode 100644 index 00000000000..0c7e3050bd6 --- /dev/null +++ b/lang/ruby/2.1/patches/patch-lib_webrick_httpstatus_rb @@ -0,0 +1,16 @@ +$OpenBSD: patch-lib_webrick_httpstatus_rb,v 1.1 2017/09/16 22:52:40 jeremy Exp $ + +Index: lib/webrick/httpstatus.rb +--- lib/webrick/httpstatus.rb.orig ++++ lib/webrick/httpstatus.rb +@@ -20,10 +20,6 @@ module WEBrick + ## + # Root of the HTTP status class hierarchy + class Status < StandardError +- def initialize(*args) # :nodoc: +- args[0] = AccessLog.escape(args[0]) unless args.empty? +- super(*args) +- end + class << self + attr_reader :code, :reason_phrase # :nodoc: + end diff --git a/lang/ruby/2.1/patches/patch-lib_webrick_log_rb b/lang/ruby/2.1/patches/patch-lib_webrick_log_rb new file mode 100644 index 00000000000..934dda41668 --- /dev/null +++ b/lang/ruby/2.1/patches/patch-lib_webrick_log_rb @@ -0,0 +1,18 @@ +$OpenBSD: patch-lib_webrick_log_rb,v 1.1 2017/09/16 22:52:40 jeremy Exp $ + +Index: lib/webrick/log.rb +--- lib/webrick/log.rb.orig ++++ lib/webrick/log.rb +@@ -117,10 +117,10 @@ module WEBrick + # * Otherwise it will return +arg+.inspect. + def format(arg) + if arg.is_a?(Exception) +- "#{arg.class}: #{arg.message}\n\t" << ++ "#{arg.class}: #{AccessLog.escape(arg.message)}\n\t" << + arg.backtrace.join("\n\t") << "\n" + elsif arg.respond_to?(:to_str) +- arg.to_str ++ AccessLog.escape(arg.to_str) + else + arg.inspect + end diff --git a/lang/ruby/2.1/patches/patch-sprintf_c b/lang/ruby/2.1/patches/patch-sprintf_c new file mode 100644 index 00000000000..3bb0fc294d2 --- /dev/null +++ b/lang/ruby/2.1/patches/patch-sprintf_c @@ -0,0 +1,63 @@ +$OpenBSD: patch-sprintf_c,v 1.1 2017/09/16 22:52:40 jeremy Exp $ + +Index: sprintf.c +--- sprintf.c.orig ++++ sprintf.c +@@ -1000,6 +1000,8 @@ rb_str_format(int argc, const VALUE *argv, VALUE fmt) + fval = RFLOAT_VALUE(rb_Float(val)); + if (isnan(fval) || isinf(fval)) { + const char *expr; ++ int elen; ++ char sign = '\0'; + + if (isnan(fval)) { + expr = "NaN"; +@@ -1008,33 +1010,28 @@ rb_str_format(int argc, const VALUE *argv, VALUE fmt) + expr = "Inf"; + } + need = (int)strlen(expr); +- if ((!isnan(fval) && fval < 0.0) || (flags & FPLUS)) +- need++; ++ elen = need; ++ i = 0; ++ if (!isnan(fval) && fval < 0.0) ++ sign = '-'; ++ else if (flags & (FPLUS|FSPACE)) ++ sign = (flags & FPLUS) ? '+' : ' '; ++ if (sign) ++ ++need; + if ((flags & FWIDTH) && need < width) + need = width; + +- CHECK(need + 1); +- snprintf(&buf[blen], need + 1, "%*s", need, ""); ++ FILL(' ', need); + if (flags & FMINUS) { +- if (!isnan(fval) && fval < 0.0) +- buf[blen++] = '-'; +- else if (flags & FPLUS) +- buf[blen++] = '+'; +- else if (flags & FSPACE) +- blen++; +- memcpy(&buf[blen], expr, strlen(expr)); ++ if (sign) ++ buf[blen - need--] = sign; ++ memcpy(&buf[blen - need], expr, elen); + } + else { +- if (!isnan(fval) && fval < 0.0) +- buf[blen + need - strlen(expr) - 1] = '-'; +- else if (flags & FPLUS) +- buf[blen + need - strlen(expr) - 1] = '+'; +- else if ((flags & FSPACE) && need > width) +- blen++; +- memcpy(&buf[blen + need - strlen(expr)], expr, +- strlen(expr)); ++ if (sign) ++ buf[blen - elen - 1] = sign; ++ memcpy(&buf[blen - elen], expr, elen); + } +- blen += strlen(&buf[blen]); + break; + } +