From 7549e05bf83cf0b6a9db4c2c40122e676fb07e7f Mon Sep 17 00:00:00 2001 From: Bernd Kuhls Date: Sat, 8 Jan 2022 10:39:53 +0100 Subject: [PATCH] package/icu: bump version to 70-1 Removed patch which was applied upstream: https://github.com/unicode-org/icu/commit/2dc5bea9061b4fb05cd03e21b775dd944a0eb81d Updated license hash due to typo fixes: https://github.com/unicode-org/icu/commit/73eca0a9c927045a3b5eafdbec9c17d2fcacd5da Updated project URL as recommended in the release notes: https://github.com/unicode-org/icu/releases/tag/release-70-1 Signed-off-by: Bernd Kuhls Signed-off-by: Arnout Vandecappelle (Essensium/Mind) --- ...-ICU-21587-Fix-memory-bug-w-baseName.patch | 112 ------------------ package/icu/Config.in | 2 +- package/icu/icu.hash | 4 +- package/icu/icu.mk | 2 +- 4 files changed, 4 insertions(+), 116 deletions(-) delete mode 100644 package/icu/0005-ICU-21587-Fix-memory-bug-w-baseName.patch diff --git a/package/icu/0005-ICU-21587-Fix-memory-bug-w-baseName.patch b/package/icu/0005-ICU-21587-Fix-memory-bug-w-baseName.patch deleted file mode 100644 index 15af976e49..0000000000 --- a/package/icu/0005-ICU-21587-Fix-memory-bug-w-baseName.patch +++ /dev/null @@ -1,112 +0,0 @@ -From 2dc5bea9061b4fb05cd03e21b775dd944a0eb81d Mon Sep 17 00:00:00 2001 -From: Frank Tang -Date: Tue, 13 Apr 2021 15:16:50 -0700 -Subject: [PATCH] ICU-21587 Fix memory bug w/ baseName - -Edge cases not fixed in assign and move assign operator -while the locale is long and call setKeywordValue with incorrect -keyword/values. - -Signed-off-by: Peter Korsgaard -[Peter: Fixes CVE-2021-30535, adjust paths for tarball] ---- - source/common/locid.cpp | 11 +++++++++-- - source/test/intltest/loctest.cpp | 26 ++++++++++++++++++++++++++ - source/test/intltest/loctest.h | 2 ++ - 3 files changed, 37 insertions(+), 2 deletions(-) - -diff --git a/source/common/locid.cpp b/source/common/locid.cpp -index 02cd82a7b8..3c6e5b0669 100644 ---- a/source/common/locid.cpp -+++ b/source/common/locid.cpp -@@ -469,14 +469,18 @@ Locale& Locale::operator=(Locale&& other) U_NOEXCEPT { - if ((baseName != fullName) && (baseName != fullNameBuffer)) uprv_free(baseName); - if (fullName != fullNameBuffer) uprv_free(fullName); - -- if (other.fullName == other.fullNameBuffer) { -+ if (other.fullName == other.fullNameBuffer || other.baseName == other.fullNameBuffer) { - uprv_strcpy(fullNameBuffer, other.fullNameBuffer); -+ } -+ if (other.fullName == other.fullNameBuffer) { - fullName = fullNameBuffer; - } else { - fullName = other.fullName; - } - -- if (other.baseName == other.fullName) { -+ if (other.baseName == other.fullNameBuffer) { -+ baseName = fullNameBuffer; -+ } else if (other.baseName == other.fullName) { - baseName = fullName; - } else { - baseName = other.baseName; -@@ -2681,6 +2685,9 @@ Locale::setKeywordValue(const char* keywordName, const char* keywordValue, UErro - if (fullName != fullNameBuffer) { - // if full Name is already on the heap, need to free it. - uprv_free(fullName); -+ if (baseName == fullName) { -+ baseName = newFullName; // baseName should not point to freed memory. -+ } - } - fullName = newFullName; - status = U_ZERO_ERROR; -diff --git a/source/test/intltest/loctest.cpp b/source/test/intltest/loctest.cpp -index ce41a4c00e..5503b008b0 100644 ---- a/source/test/intltest/loctest.cpp -+++ b/source/test/intltest/loctest.cpp -@@ -284,6 +284,8 @@ void LocaleTest::runIndexedTest( int32_t index, UBool exec, const char* &name, c - TESTCASE_AUTO(TestSetUnicodeKeywordValueNullInLongLocale); - TESTCASE_AUTO(TestCanonicalize); - TESTCASE_AUTO(TestLeak21419); -+ TESTCASE_AUTO(TestLongLocaleSetKeywordAssign); -+ TESTCASE_AUTO(TestLongLocaleSetKeywordMoveAssign); - TESTCASE_AUTO_END; - } - -@@ -6520,6 +6522,30 @@ void LocaleTest::TestSetUnicodeKeywordValueInLongLocale() { - } - } - -+void LocaleTest::TestLongLocaleSetKeywordAssign() { -+ IcuTestErrorCode status(*this, "TestLongLocaleSetKeywordAssign"); -+ // A long base name, with an illegal keyword and copy constructor -+ icu::Locale l("de_AAAAAAA1_AAAAAAA2_AAAAAAA3_AAAAAAA4_AAAAAAA5_AAAAAAA6_" -+ "AAAAAAA7_AAAAAAA8_AAAAAAA9_AAAAAA10_AAAAAA11_AAAAAA12_" -+ "AAAAAA13_AAAAAA14_AAAAAA15_AAAAAA16_AAAAAA17_AAAAAA18"); -+ Locale l2; -+ l.setUnicodeKeywordValue("co", "12", status); // Cause an error -+ status.reset(); -+ l2 = l; // copy operator on such bogus locale. -+} -+ -+void LocaleTest::TestLongLocaleSetKeywordMoveAssign() { -+ IcuTestErrorCode status(*this, "TestLongLocaleSetKeywordMoveAssign"); -+ // A long base name, with an illegal keyword and copy constructor -+ icu::Locale l("de_AAAAAAA1_AAAAAAA2_AAAAAAA3_AAAAAAA4_AAAAAAA5_AAAAAAA6_" -+ "AAAAAAA7_AAAAAAA8_AAAAAAA9_AAAAAA10_AAAAAA11_AAAAAA12_" -+ "AAAAAA13_AAAAAA14_AAAAAA15_AAAAAA16_AAAAAA17"); -+ Locale l2; -+ l.setUnicodeKeywordValue("co", "12", status); // Cause an error -+ status.reset(); -+ Locale l3 = std::move(l); // move assign -+} -+ - void LocaleTest::TestSetUnicodeKeywordValueNullInLongLocale() { - IcuTestErrorCode status(*this, "TestSetUnicodeKeywordValueNullInLongLocale"); - const char *exts[] = {"cf", "cu", "em", "kk", "kr", "ks", "kv", "lb", "lw", -diff --git a/source/test/intltest/loctest.h b/source/test/intltest/loctest.h -index 05be4037bd..12a93bde53 100644 ---- a/source/test/intltest/loctest.h -+++ b/source/test/intltest/loctest.h -@@ -156,6 +156,8 @@ class LocaleTest: public IntlTest { - void TestSetUnicodeKeywordValueInLongLocale(); - void TestSetUnicodeKeywordValueNullInLongLocale(); - void TestLeak21419(); -+ void TestLongLocaleSetKeywordAssign(); -+ void TestLongLocaleSetKeywordMoveAssign(); - - private: - void _checklocs(const char* label, --- -2.20.1 - diff --git a/package/icu/Config.in b/package/icu/Config.in index b0c9eac83d..8b410bfdb6 100644 --- a/package/icu/Config.in +++ b/package/icu/Config.in @@ -12,7 +12,7 @@ config BR2_PACKAGE_ICU help International Components for Unicode. - http://site.icu-project.org/ + https://icu.unicode.org/ if BR2_PACKAGE_ICU diff --git a/package/icu/icu.hash b/package/icu/icu.hash index 5ed7cc4217..56a0a5dd53 100644 --- a/package/icu/icu.hash +++ b/package/icu/icu.hash @@ -1,3 +1,3 @@ # Locally computed -sha256 4cba7b7acd1d3c42c44bb0c14be6637098c7faf2b330ce876bc5f3b915d09745 icu4c-69_1-src.tgz -sha256 7915b19db903070778581ae05d8bf4ea241b34a05deb51ca4f5cbb15ea1cbba3 LICENSE +sha256 8d205428c17bf13bb535300669ed28b338a157b1c01ae66d31d0d3e2d47c3fd5 icu4c-70_1-src.tgz +sha256 861671f8c712aa046f8f5ac89239e6c33821636516c5d0cc8c4e1973085f27a6 LICENSE diff --git a/package/icu/icu.mk b/package/icu/icu.mk index c5d0c3eefb..7e0c96e43a 100644 --- a/package/icu/icu.mk +++ b/package/icu/icu.mk @@ -7,7 +7,7 @@ # Git tags (and therefore versions on release-monitoring.org) use the # XX-Y format, but the tarballs are named XX_Y and the containing # directories XX.Y. -ICU_VERSION = 69-1 +ICU_VERSION = 70-1 ICU_SOURCE = icu4c-$(subst -,_,$(ICU_VERSION))-src.tgz ICU_SITE = \ https://github.com/unicode-org/icu/releases/download/release-$(ICU_VERSION)