Fix a heap overflow condition when compiling certain regular

expressions involving in-pattern options and branches, potentially
leading to arbitrary code execution.

PR:		ports/126471
Submitted by:	Tsurutani Naoki <turutani@scphys.kyoto-u.ac.jp>

2 files changed, 15 insertions, 0 deletions

diff --git a/devel/pcre/Makefile b/devel/pcre/Makefile
index 974536cee096..dd3fc5890666 100644
--- a/devel/pcre/Makefile
+++ b/devel/pcre/Makefile
@@ -7,6 +7,7 @@
 
 PORTNAME=	pcre
 PORTVERSION=	7.7
+PORTREVISION=	1
 CATEGORIES=	devel
 MASTER_SITES=	ftp://ftp.csx.cam.ac.uk/pub/software/programming/%SUBDIR%/ \
 		ftp://ftp.fu-berlin.de/unix/misc/%SUBDIR%/ \
diff --git a/devel/pcre/files/patch-pcre__compile.c b/devel/pcre/files/patch-pcre__compile.c
new file mode 100644
index 000000000000..a492df897aee
--- /dev/null
+++ b/devel/pcre/files/patch-pcre__compile.c
@@ -0,0 +1,14 @@
+
+$FreeBSD$
+
+--- pcre_compile.c.orig
++++ pcre_compile.c
+@@ -4931,7 +4931,7 @@
+                (lengthptr == NULL || *lengthptr == 2 + 2*LINK_SIZE))
+             {
+             cd->external_options = newoptions;
+-            options = newoptions;
++            options = *optionsptr = newoptions;
+             }
+          else
+             {