From d3e31afd97dd96eda77465c60b5ccaeb1d361024 Mon Sep 17 00:00:00 2001 From: ultra_planet Date: Sat, 9 May 2020 09:32:02 +0800 Subject: [PATCH 1/6] add yaml file --- aspell.yaml | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 aspell.yaml diff --git a/aspell.yaml b/aspell.yaml new file mode 100644 index 0000000..02403aa --- /dev/null +++ b/aspell.yaml @@ -0,0 +1,4 @@ +version_control: git +src_repo: https://git.savannah.gnu.org/git/aspell.git +tag_prefix: "rel-" +seperator: "." -- Gitee From 71098875914ad28286619861f95d01b45bd622b4 Mon Sep 17 00:00:00 2001 From: wang--ge Date: Thu, 24 Dec 2020 15:31:27 +0800 Subject: [PATCH 2/6] modify source0 url --- aspell.spec | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/aspell.spec b/aspell.spec index c4e42fc..84587a1 100644 --- a/aspell.spec +++ b/aspell.spec @@ -1,11 +1,11 @@ Name: aspell Version: 0.60.6.1 -Release: 25 +Release: 26 Summary: Spell checker Epoch: 12 License: LGPLv2+ and LGPLv2 and GPLv2+ and BSD URL: http://aspell.net/ -Source: ftp://ftp.gnu.org/gnu/aspell/aspell-%{version}.tar.gz +Source: http://mirrors.ustc.edu.cn/gnu/aspell/aspell-%{version}.tar.gz Patch0000: aspell-0.60.3-install_info.patch Patch0001: aspell-0.60.5-fileconflict.patch @@ -110,5 +110,8 @@ rm -rf ${RPM_BUILD_ROOT}%{_mandir}/man1/aspell-import.1 %{_mandir}/man1/pspell-config.1* %changelog +* Thu Dec 24 2020 Ge Wang - 12:0.60.6.1-26 +- Modify Source0 url + * Wed Nov 27 2019 yangjian - 12:0.60.6.1-25 - Package init -- Gitee From f52add4b55dc2caa60590b931416c0a487f40557 Mon Sep 17 00:00:00 2001 From: houyingchao <1348375921@qq.com> Date: Tue, 27 Jul 2021 11:13:20 +0800 Subject: [PATCH 3/6] CVE-2019-17544 --- CVE-2019-17544.patch | 49 ++++++++++++++++++++++++++++++++++++++++++++ aspell.spec | 6 +++++- 2 files changed, 54 insertions(+), 1 deletion(-) create mode 100644 CVE-2019-17544.patch diff --git a/CVE-2019-17544.patch b/CVE-2019-17544.patch new file mode 100644 index 0000000..69f3045 --- /dev/null +++ b/CVE-2019-17544.patch @@ -0,0 +1,49 @@ +From 80fa26c74279fced8d778351cff19d1d8f44fe4e Mon Sep 17 00:00:00 2001 +From: Kevin Atkinson +Date: Sun, 4 Aug 2019 04:20:29 -0400 +Subject: [PATCH] Fix various bugs found by OSS-Fuze. + +--- + common/config.cpp | 2 +- + common/file_util.cpp | 1 + + common/getdata.cpp | 2 +- + 3 files changed, 3 insertions(+), 2 deletions(-) + +diff --git a/common/config.cpp b/common/config.cpp +index 017e741..e117d3c 100644 +--- a/common/config.cpp ++++ b/common/config.cpp +@@ -763,7 +763,7 @@ namespace acommon { + } + res.append(':'); + } +- if (res.back() == ':') res.pop_back(); ++ if (!res.empty() && res.back() == ':') res.pop_back(); + } + + struct ListAddHelper : public AddableContainer +diff --git a/common/file_util.cpp b/common/file_util.cpp +index 8515832..56ea501 100644 +--- a/common/file_util.cpp ++++ b/common/file_util.cpp +@@ -181,6 +181,7 @@ namespace acommon { + while ( (dir = els.next()) != 0 ) + { + path = dir; ++ if (path.empty()) continue; + if (path.back() != '/') path += '/'; + unsigned dir_len = path.size(); + path += filename; +diff --git a/common/getdata.cpp b/common/getdata.cpp +index 7e822c9..1b04823 100644 +--- a/common/getdata.cpp ++++ b/common/getdata.cpp +@@ -64,7 +64,7 @@ namespace acommon { + char * unescape(char * dest, const char * src) + { + while (*src) { +- if (*src == '\\') { ++ if (*src == '\\' && src[1]) { + ++src; + switch (*src) { + case 'n': *dest = '\n'; break; diff --git a/aspell.spec b/aspell.spec index 84587a1..5dd198d 100644 --- a/aspell.spec +++ b/aspell.spec @@ -1,6 +1,6 @@ Name: aspell Version: 0.60.6.1 -Release: 26 +Release: 27 Summary: Spell checker Epoch: 12 License: LGPLv2+ and LGPLv2 and GPLv2+ and BSD @@ -16,6 +16,7 @@ Patch0005: aspell-0.60.6.1-dump-personal-abort.patch Patch0006: aspell-0.60.6.1-aarch64.patch Patch0007: aspell-0.60.6.1-gcc7-fixes.patch Patch0008: aspell-0.60.6.1-fix-back-on-empty-vector.patch +Patch0009: CVE-2019-17544.patch BuildRequires: chrpath gettext ncurses-devel pkgconfig perl-interpreter gcc-c++ @@ -110,6 +111,9 @@ rm -rf ${RPM_BUILD_ROOT}%{_mandir}/man1/aspell-import.1 %{_mandir}/man1/pspell-config.1* %changelog +* Thu Jul 27 2021 houyingchao - 12:0.60.6.1-27 +- fix CVE-2019-17544 + * Thu Dec 24 2020 Ge Wang - 12:0.60.6.1-26 - Modify Source0 url -- Gitee From 73b7b6eec77151a15109b61aeda7bfadedcdf845 Mon Sep 17 00:00:00 2001 From: programmer12 <964969108@qq.com> Date: Thu, 23 Sep 2021 19:45:31 +0800 Subject: [PATCH 4/6] CVE-2019-25051 --- CVE-2019-25051.patch | 96 ++++++++++++++++++++++++++++++++++++++++++++ aspell.spec | 6 ++- 2 files changed, 101 insertions(+), 1 deletion(-) create mode 100644 CVE-2019-25051.patch diff --git a/CVE-2019-25051.patch b/CVE-2019-25051.patch new file mode 100644 index 0000000..2f15d38 --- /dev/null +++ b/CVE-2019-25051.patch @@ -0,0 +1,96 @@ +From 0718b375425aad8e54e1150313b862e4c6fd324a Mon Sep 17 00:00:00 2001 +From: Kevin Atkinson +Date: Sat, 21 Dec 2019 20:32:47 +0000 +Subject: [PATCH] objstack: assert that the alloc size will fit within a chunk + to prevent a buffer overflow + +Bug found using OSS-Fuze. +--- + common/objstack.hpp | 18 ++++++++++++++---- + 1 file changed, 14 insertions(+), 4 deletions(-) + +diff --git a/common/objstack.hpp b/common/objstack.hpp +index 3997bf7..bd97ccd 100644 +--- a/common/objstack.hpp ++++ b/common/objstack.hpp +@@ -5,6 +5,7 @@ + #include "parm_string.hpp" + #include + #include ++#include + + namespace acommon { + +@@ -26,6 +27,12 @@ class ObjStack + byte * temp_end; + void setup_chunk(); + void new_chunk(); ++ bool will_overflow(size_t sz) const { ++ return offsetof(Node,data) + sz > chunk_size; ++ } ++ void check_size(size_t sz) { ++ assert(!will_overflow(sz)); ++ } + + ObjStack(const ObjStack &); + void operator=(const ObjStack &); +@@ -56,7 +63,7 @@ class ObjStack + void * alloc_bottom(size_t size) { + byte * tmp = bottom; + bottom += size; +- if (bottom > top) {new_chunk(); tmp = bottom; bottom += size;} ++ if (bottom > top) {check_size(size); new_chunk(); tmp = bottom; bottom += size;} + return tmp; + } + // This alloc_bottom will insure that the object is aligned based on the +@@ -66,7 +73,7 @@ class ObjStack + align_bottom(align); + byte * tmp = bottom; + bottom += size; +- if (bottom > top) {new_chunk(); goto loop;} ++ if (bottom > top) {check_size(size); new_chunk(); goto loop;} + return tmp; + } + char * dup_bottom(ParmString str) { +@@ -79,7 +86,7 @@ class ObjStack + // always be aligned as such. + void * alloc_top(size_t size) { + top -= size; +- if (top < bottom) {new_chunk(); top -= size;} ++ if (top < bottom) {check_size(size); new_chunk(); top -= size;} + return top; + } + // This alloc_top will insure that the object is aligned based on +@@ -88,7 +95,7 @@ class ObjStack + {loop: + top -= size; + align_top(align); +- if (top < bottom) {new_chunk(); goto loop;} ++ if (top < bottom) {check_size(size); new_chunk(); goto loop;} + return top; + } + char * dup_top(ParmString str) { +@@ -117,6 +124,7 @@ class ObjStack + void * alloc_temp(size_t size) { + temp_end = bottom + size; + if (temp_end > top) { ++ check_size(size); + new_chunk(); + temp_end = bottom + size; + } +@@ -131,6 +139,7 @@ class ObjStack + } else { + size_t s = temp_end - bottom; + byte * p = bottom; ++ check_size(size); + new_chunk(); + memcpy(bottom, p, s); + temp_end = bottom + size; +@@ -150,6 +159,7 @@ class ObjStack + } else { + size_t s = temp_end - bottom; + byte * p = bottom; ++ check_size(size); + new_chunk(); + memcpy(bottom, p, s); + temp_end = bottom + size; diff --git a/aspell.spec b/aspell.spec index 5dd198d..3ab0498 100644 --- a/aspell.spec +++ b/aspell.spec @@ -1,6 +1,6 @@ Name: aspell Version: 0.60.6.1 -Release: 27 +Release: 28 Summary: Spell checker Epoch: 12 License: LGPLv2+ and LGPLv2 and GPLv2+ and BSD @@ -17,6 +17,7 @@ Patch0006: aspell-0.60.6.1-aarch64.patch Patch0007: aspell-0.60.6.1-gcc7-fixes.patch Patch0008: aspell-0.60.6.1-fix-back-on-empty-vector.patch Patch0009: CVE-2019-17544.patch +Patch0010: CVE-2019-25051.patch BuildRequires: chrpath gettext ncurses-devel pkgconfig perl-interpreter gcc-c++ @@ -111,6 +112,9 @@ rm -rf ${RPM_BUILD_ROOT}%{_mandir}/man1/aspell-import.1 %{_mandir}/man1/pspell-config.1* %changelog +* Thu Sep 23 2021 liwu - 12:0.60.6.1-28 +- fix CVE-2019-25051 + * Thu Jul 27 2021 houyingchao - 12:0.60.6.1-27 - fix CVE-2019-17544 -- Gitee From 54f0e236033ea09015bbdfe8cad451d0116efaab Mon Sep 17 00:00:00 2001 From: programmer12 <964969108@qq.com> Date: Thu, 23 Sep 2021 20:30:11 +0800 Subject: [PATCH 5/6] CVE-2019-25051 --- CVE-2019-25051.patch | 96 ++++++++++++++++++++++++++++++++++++++++++++ aspell.spec | 6 ++- 2 files changed, 101 insertions(+), 1 deletion(-) create mode 100644 CVE-2019-25051.patch diff --git a/CVE-2019-25051.patch b/CVE-2019-25051.patch new file mode 100644 index 0000000..2f15d38 --- /dev/null +++ b/CVE-2019-25051.patch @@ -0,0 +1,96 @@ +From 0718b375425aad8e54e1150313b862e4c6fd324a Mon Sep 17 00:00:00 2001 +From: Kevin Atkinson +Date: Sat, 21 Dec 2019 20:32:47 +0000 +Subject: [PATCH] objstack: assert that the alloc size will fit within a chunk + to prevent a buffer overflow + +Bug found using OSS-Fuze. +--- + common/objstack.hpp | 18 ++++++++++++++---- + 1 file changed, 14 insertions(+), 4 deletions(-) + +diff --git a/common/objstack.hpp b/common/objstack.hpp +index 3997bf7..bd97ccd 100644 +--- a/common/objstack.hpp ++++ b/common/objstack.hpp +@@ -5,6 +5,7 @@ + #include "parm_string.hpp" + #include + #include ++#include + + namespace acommon { + +@@ -26,6 +27,12 @@ class ObjStack + byte * temp_end; + void setup_chunk(); + void new_chunk(); ++ bool will_overflow(size_t sz) const { ++ return offsetof(Node,data) + sz > chunk_size; ++ } ++ void check_size(size_t sz) { ++ assert(!will_overflow(sz)); ++ } + + ObjStack(const ObjStack &); + void operator=(const ObjStack &); +@@ -56,7 +63,7 @@ class ObjStack + void * alloc_bottom(size_t size) { + byte * tmp = bottom; + bottom += size; +- if (bottom > top) {new_chunk(); tmp = bottom; bottom += size;} ++ if (bottom > top) {check_size(size); new_chunk(); tmp = bottom; bottom += size;} + return tmp; + } + // This alloc_bottom will insure that the object is aligned based on the +@@ -66,7 +73,7 @@ class ObjStack + align_bottom(align); + byte * tmp = bottom; + bottom += size; +- if (bottom > top) {new_chunk(); goto loop;} ++ if (bottom > top) {check_size(size); new_chunk(); goto loop;} + return tmp; + } + char * dup_bottom(ParmString str) { +@@ -79,7 +86,7 @@ class ObjStack + // always be aligned as such. + void * alloc_top(size_t size) { + top -= size; +- if (top < bottom) {new_chunk(); top -= size;} ++ if (top < bottom) {check_size(size); new_chunk(); top -= size;} + return top; + } + // This alloc_top will insure that the object is aligned based on +@@ -88,7 +95,7 @@ class ObjStack + {loop: + top -= size; + align_top(align); +- if (top < bottom) {new_chunk(); goto loop;} ++ if (top < bottom) {check_size(size); new_chunk(); goto loop;} + return top; + } + char * dup_top(ParmString str) { +@@ -117,6 +124,7 @@ class ObjStack + void * alloc_temp(size_t size) { + temp_end = bottom + size; + if (temp_end > top) { ++ check_size(size); + new_chunk(); + temp_end = bottom + size; + } +@@ -131,6 +139,7 @@ class ObjStack + } else { + size_t s = temp_end - bottom; + byte * p = bottom; ++ check_size(size); + new_chunk(); + memcpy(bottom, p, s); + temp_end = bottom + size; +@@ -150,6 +159,7 @@ class ObjStack + } else { + size_t s = temp_end - bottom; + byte * p = bottom; ++ check_size(size); + new_chunk(); + memcpy(bottom, p, s); + temp_end = bottom + size; diff --git a/aspell.spec b/aspell.spec index 5dd198d..3ab0498 100644 --- a/aspell.spec +++ b/aspell.spec @@ -1,6 +1,6 @@ Name: aspell Version: 0.60.6.1 -Release: 27 +Release: 28 Summary: Spell checker Epoch: 12 License: LGPLv2+ and LGPLv2 and GPLv2+ and BSD @@ -17,6 +17,7 @@ Patch0006: aspell-0.60.6.1-aarch64.patch Patch0007: aspell-0.60.6.1-gcc7-fixes.patch Patch0008: aspell-0.60.6.1-fix-back-on-empty-vector.patch Patch0009: CVE-2019-17544.patch +Patch0010: CVE-2019-25051.patch BuildRequires: chrpath gettext ncurses-devel pkgconfig perl-interpreter gcc-c++ @@ -111,6 +112,9 @@ rm -rf ${RPM_BUILD_ROOT}%{_mandir}/man1/aspell-import.1 %{_mandir}/man1/pspell-config.1* %changelog +* Thu Sep 23 2021 liwu - 12:0.60.6.1-28 +- fix CVE-2019-25051 + * Thu Jul 27 2021 houyingchao - 12:0.60.6.1-27 - fix CVE-2019-17544 -- Gitee From 48bc36d6d0ba37bbc405beaa6fb6a9c3c262154b Mon Sep 17 00:00:00 2001 From: starlet-dx <15929766099@163.com> Date: Tue, 28 Sep 2021 17:40:31 +0800 Subject: [PATCH 6/6] fix CVE-2019-20433 --- CVE-2019-20433-1.patch | 1207 ++++++++++++++++++++++++++++++++++++++++ CVE-2019-20433-2.patch | 56 ++ aspell.spec | 7 +- 3 files changed, 1269 insertions(+), 1 deletion(-) create mode 100644 CVE-2019-20433-1.patch create mode 100644 CVE-2019-20433-2.patch diff --git a/CVE-2019-20433-1.patch b/CVE-2019-20433-1.patch new file mode 100644 index 0000000..e4d4755 --- /dev/null +++ b/CVE-2019-20433-1.patch @@ -0,0 +1,1207 @@ +From de29341638833ba7717bd6b5e6850998454b044b Mon Sep 17 00:00:00 2001 +From: Kevin Atkinson +Date: Sat, 17 Aug 2019 17:06:53 -0400 +Subject: [PATCH] Don't allow null-terminated UCS-2/4 strings using the + original API. + +Detect if the encoding is UCS-2/4 and the length is -1 in affected API +functions and refuse to convert the string. If the string ends up +being converted somehow, abort with an error message in DecodeDirect +and ConvDirect. To convert a null terminated string in +Decode/ConvDirect, a negative number corresponding to the width of the +underlying character type for the encoding is expected; for example, +if the encoding is "ucs-2" then a the size is expected to be -2. + +Also fix a 1-3 byte over-read in DecodeDirect when reading UCS-2/4 +strings when a size is provided (found by OSS-Fuzz). + +Also fix a bug in DecodeDirect that caused DocumentChecker to return +the wrong offsets when working with UCS-2/4 strings. +--- + auto/MkSrc/CcHelper.pm | 99 ++++++++++++++++++++++++++++++++++--- + auto/MkSrc/Create.pm | 5 +- + auto/MkSrc/Info.pm | 5 +- + auto/MkSrc/ProcCc.pm | 24 +++++---- + auto/MkSrc/ProcImpl.pm | 57 +++++++++++++++------ + auto/MkSrc/Read.pm | 4 +- + auto/mk-src.in | 44 +++++++++++++++-- + common/convert.cpp | 39 ++++++++++++--- + common/convert.hpp | 38 +++++++++++++- + common/document_checker.cpp | 17 ++++++- + common/document_checker.hpp | 1 + + configure.ac | 8 +++ + manual/aspell.texi | 58 ++++++++++++++++------ + manual/readme.texi | 67 +++++++++++++++++++++---- + test/cxx_warnings_test.cpp | 84 +++++++++++++++++++++++++++++++ + test/wide_test_invalid.c | 69 ++++++++++++++++++++++++++ + test/wide_test_valid.c | 69 ++++++++++++++++++++++++++ + 17 files changed, 618 insertions(+), 70 deletions(-) + create mode 100644 test/cxx_warnings_test.cpp + create mode 100644 test/wide_test_invalid.c + create mode 100644 test/wide_test_valid.c + +diff --git a/auto/MkSrc/CcHelper.pm b/auto/MkSrc/CcHelper.pm +index e814a1a..9a96041 100644 +--- a/auto/MkSrc/CcHelper.pm ++++ b/auto/MkSrc/CcHelper.pm +@@ -10,8 +10,8 @@ BEGIN { + use Exporter; + our @ISA = qw(Exporter); + our @EXPORT = qw(to_c_return_type c_error_cond +- to_type_name make_desc make_func call_func +- make_c_method call_c_method form_c_method ++ to_type_name make_desc make_func call_func get_c_func_name ++ make_c_method make_wide_macro call_c_method form_c_method + make_cxx_method); + } + +@@ -90,6 +90,69 @@ sub make_func ( $ \@ $ ; \% ) { + ')')); + } + ++=item make_wide_version NAME @TYPES PARMS ; %ACCUM ++ ++Creates the wide character version of the function if needed ++ ++=cut ++ ++sub make_wide_version ( $ \@ $ ; \% ) { ++ my ($name, $d, $p, $accum) = @_; ++ my @d = @$d; ++ shift @d; ++ return '' unless grep {$_->{type} eq 'encoded string'} @d; ++ $accum->{sys_headers}{'stddef.h'} = true; ++ $accum->{suffix}[5] = <<'---'; ++ ++/******************* private implemantion details *********************/ ++ ++#ifdef __cplusplus ++# define aspell_cast_(type, expr) (static_cast(expr)) ++# define aspell_cast_from_wide_(str) (static_cast(str)) ++#else ++# define aspell_cast_(type, expr) ((type)(expr)) ++# define aspell_cast_from_wide_(str) ((const char *)(str)) ++#endif ++--- ++ my @parms = map {$_->{type} eq 'encoded string' ++ ? ($_->{name}, $_->{name}.'_size') ++ : $_->{name}} @d; ++ $name = to_lower $name; ++ $accum->{suffix}[0] = <<'---'; ++/**********************************************************************/ ++ ++#ifdef ASPELL_ENCODE_SETTING_SECURE ++--- ++ $accum->{suffix}[2] = "#endif\n"; ++ my @args = map {$_->{type} eq 'encoded string' ++ ? ($_->{name}, "$_->{name}_size", '-1') ++ : $_->{name}} @d; ++ $accum->{suffix}[1] .= ++ (join '', ++ "#define $name", ++ '(', join(', ', @parms), ')', ++ "\\\n ", ++ $name, '_wide', ++ '(', join(', ', @args), ')', ++ "\n"); ++ @args = map {$_->{type} eq 'encoded string' ++ ? ("aspell_cast_from_wide_($_->{name})", ++ "$_->{name}_size*aspell_cast_(int,sizeof(*($_->{name})))", ++ "sizeof(*($_->{name}))") ++ : $_->{name}} @d; ++ return (join '', ++ "\n", ++ "/* version of $name that is safe to use with (null terminated) wide characters */\n", ++ '#define ', ++ $name, '_w', ++ '(', join(', ', @parms), ')', ++ "\\\n ", ++ $name, '_wide', ++ '(', join(', ', @args), ')', ++ "\n"); ++} ++ ++ + =item call_func NAME @TYPES PARMS ; %ACCUM + + Return a string to call a func. Will prefix the function with return +@@ -103,7 +166,6 @@ Parms can be any of: + + sub call_func ( $ \@ $ ; \% ) { + my ($name, $d, $p, $accum) = @_; +- $accum = {} unless defined $accum; + my @d = @$d; + my $func_ret = to_type_name(shift @d, {%$p,pos=>'return'}, %$accum); + return (join '', +@@ -148,8 +210,14 @@ sub to_type_name ( $ $ ; \% ) { + my $name = $t->{name}; + my $type = $t->{type}; + +- return ( (to_type_name {%$d, type=>'string'}, $p, %$accum) , +- (to_type_name {%$d, type=>'int', name=>"$d->{name}_size"}, $p, %$accum) ) ++ if ($name eq 'encoded string' && $is_cc && $pos eq 'parm') { ++ my @types = ((to_type_name {%$d, type=>($p->{wide}?'const void pointer':'string')}, $p, %$accum), ++ (to_type_name {%$d, type=>'int', name=>"$d->{name}_size"}, $p, %$accum)); ++ push @types, (to_type_name {%$d, type=>'int', name=>"$d->{name}_type_width"}, $p, %$accum) if $p->{wide}; ++ return @types; ++ } ++ return ( (to_type_name {%$d, type=>($p->{wide}?'const void pointer':'string')}, $p, %$accum) , ++ (to_type_name {%$d, type=>'int', name=>"$d->{name}_size"}, $p, %$accum) ) + if $name eq 'encoded string' && $is_cc && $pos eq 'parm'; + + my $str; +@@ -174,7 +242,7 @@ sub to_type_name ( $ $ ; \% ) { + $str .= "String"; + } + } elsif ($name eq 'encoded string') { +- $str .= "const char *"; ++ $str .= $p->{wide} ? "const void *" : "const char *"; + } elsif ($name eq '') { + $str .= "void"; + } elsif ($name eq 'bool' && $is_cc) { +@@ -186,7 +254,7 @@ sub to_type_name ( $ $ ; \% ) { + if ($t->{pointer}) { + $accum->{types}->{$name} = $t; + } else { +- $accum->{headers}->{$t->{created_in}} = true; ++ $accum->{headers}->{$t->{created_in}} = true unless $mode eq 'cc'; + } + $str .= "$c_type Aspell" if $mode eq 'cc'; + $str .= to_mixed($name); +@@ -214,6 +282,7 @@ sub to_type_name ( $ $ ; \% ) { + return $str; + } + ++ + =item make_desc DESC ; LEVEL + + Make a C comment out of DESC optionally indenting it LEVEL spaces. +@@ -286,6 +355,7 @@ sub form_c_method ($ $ $ ; \% ) + } else { + $func = "aspell $class $name"; + } ++ $func .= " wide" if $p->{wide}; + if (exists $d->{'const'}) { + splice @data, 1, 0, {type => "const $class", name=> $this_name}; + } else { +@@ -306,6 +376,21 @@ sub make_c_method ($ $ $ ; \%) + return &make_func(@ret); + } + ++sub get_c_func_name ($ $ $) ++{ ++ my @ret = &form_c_method(@_); ++ return undef unless @ret > 0; ++ return to_lower $ret[0]; ++} ++ ++sub make_wide_macro ($ $ $ ; \%) ++{ ++ my @ret = &form_c_method(@_); ++ return undef unless @ret > 0; ++ my $str = &make_wide_version(@ret); ++ return $str; ++} ++ + sub call_c_method ($ $ $ ; \%) + { + my @ret = &form_c_method(@_); +diff --git a/auto/MkSrc/Create.pm b/auto/MkSrc/Create.pm +index e467a10..d76af15 100644 +--- a/auto/MkSrc/Create.pm ++++ b/auto/MkSrc/Create.pm +@@ -75,8 +75,10 @@ sub create_cc_file ( % ) { + $file .= "#include \"aspell.h\"\n" if $p{type} eq 'cxx'; + $file .= "#include \"settings.h\"\n" if $p{type} eq 'native_impl' && $p{name} eq 'errors'; + $file .= "#include \"gettext.h\"\n" if $p{type} eq 'native_impl' && $p{name} eq 'errors'; ++ $file .= cmap {"#include <$_>\n"} sort keys %{$accum{sys_headers}}; + $file .= cmap {"#include \"".to_lower($_).".hpp\"\n"} sort keys %{$accum{headers}}; +- $file .= "#ifdef __cplusplus\nextern \"C\" {\n#endif\n" if $p{header} && !$p{cxx}; ++ $file .= "\n#ifdef __cplusplus\nextern \"C\" {\n#endif\n" if $p{header} && !$p{cxx}; ++ $file .= join('', grep {defined $_} @{$accum{prefix}}); + $file .= "\nnamespace $p{namespace} {\n\n" if $p{cxx}; + if (defined $info{forward}{proc}{$p{type}}) { + my @types = sort {$a->{name} cmp $b->{name}} (values %{$accum{types}}); +@@ -84,6 +86,7 @@ sub create_cc_file ( % ) { + } + $file .= "\n"; + $file .= $body; ++ $file .= join('', grep {defined $_} @{$accum{suffix}}); + $file .= "\n\n}\n\n" if $p{cxx}; + $file .= "#ifdef __cplusplus\n}\n#endif\n" if $p{header} && !$p{cxx}; + $file .= "#endif /* $hm */\n" if $p{header}; +diff --git a/auto/MkSrc/Info.pm b/auto/MkSrc/Info.pm +index 5d30ec5..a131b2e 100644 +--- a/auto/MkSrc/Info.pm ++++ b/auto/MkSrc/Info.pm +@@ -60,6 +60,7 @@ each proc sub should take the following argv + the object from which it is a member of + no native: do not attemt to create a native implementation + treat as object: treat as a object rather than a pointer ++ no conv: do not converted an encoded string + + The %info structure is initialized as follows: + +@@ -104,8 +105,8 @@ The %info structure is initialized as follows: + errors => {}, # possible errors + method => { + # A class method +- options => ['desc', 'posib err', 'c func', 'const', +- 'c only', 'c impl', 'cxx impl'], ++ options => ['desc', 'posib err', 'c func', 'const', 'no conv', 'on conv error', ++ 'c only', 'c impl', 'cxx impl', 'cc extra'], + groups => undef}, + constructor => { + # A class constructor +diff --git a/auto/MkSrc/ProcCc.pm b/auto/MkSrc/ProcCc.pm +index 47c4338..98cc435 100644 +--- a/auto/MkSrc/ProcCc.pm ++++ b/auto/MkSrc/ProcCc.pm +@@ -23,7 +23,7 @@ use MkSrc::Info; + sub make_c_object ( $ @ ); + + $info{group}{proc}{cc} = sub { +- my ($data) = @_; ++ my ($data,@rest) = @_; + my $ret; + my $stars = (70 - length $data->{name})/2; + $ret .= "/"; +@@ -33,14 +33,14 @@ $info{group}{proc}{cc} = sub { + $ret .= "/\n"; + foreach my $d (@{$data->{data}}) { + $ret .= "\n\n"; +- $ret .= $info{$d->{type}}{proc}{cc}->($d); ++ $ret .= $info{$d->{type}}{proc}{cc}->($d,@rest); + } + $ret .= "\n\n"; + return $ret; + }; + + $info{enum}{proc}{cc} = sub { +- my ($d) = @_; ++ my ($d,@rest) = @_; + my $n = "Aspell".to_mixed($d->{name}); + return ("\n". + make_desc($d->{desc}). +@@ -58,21 +58,26 @@ $info{struct}{proc}{cc} = sub { + }; + + $info{union}{proc}{cc} = sub { +- return make_c_object "union", $_[0]; ++ return make_c_object "union", @_; + }; + + $info{class}{proc}{cc} = sub { +- my ($d) = @_; ++ my ($d,$accum) = @_; + my $class = $d->{name}; + my $classname = "Aspell".to_mixed($class); + my $ret = ""; + $ret .= "typedef struct $classname $classname;\n\n"; + foreach (@{$d->{data}}) { +- my $s = make_c_method($class, $_, {mode=>'cc'}); ++ my $s = make_c_method($class, $_, {mode=>'cc'}, %$accum); + next unless defined $s; + $ret .= "\n"; + $ret .= make_desc($_->{desc}); +- $ret .= make_c_method($class, $_, {mode=>'cc'}).";\n"; ++ $ret .= make_c_method($class, $_, {mode=>'cc'}, %$accum).";\n"; ++ if (grep {$_->{type} eq 'encoded string'} @{$_->{data}}) { ++ $ret .= make_c_method($class, $_, {mode=>'cc', wide=>true}, %$accum).";\n"; ++ $ret .= make_wide_macro($class, $_, {mode=>'cc'}, %$accum); ++ } ++ $ret .= "\n".$_->{'cc extra'}."\n" if defined $_->{'cc extra'}; + } + $ret .= "\n"; + return $ret; +@@ -105,7 +110,8 @@ $info{errors}{proc}{cc} = sub { + }; + + sub make_c_object ( $ @ ) { +- my ($t, $d) = @_; ++ my ($t, $d, $accum) = @_; ++ $accum = {} unless defined $accum; + my $struct; + $struct .= "Aspell"; + $struct .= to_mixed($d->{name}); +@@ -120,7 +126,7 @@ sub make_c_object ( $ @ ) { + "\n};\n"), + "typedef $t $struct $struct;", + join ("\n", +- map {make_c_method($d->{name}, $_, {mode=>'cc'}).";"} ++ map {make_c_method($d->{name}, $_, {mode=>'cc'}, %$accum).";"} + grep {$_->{type} eq 'method'} + @{$d->{data}}) + )."\n"; +diff --git a/auto/MkSrc/ProcImpl.pm b/auto/MkSrc/ProcImpl.pm +index b8628fd..3d0f220 100644 +--- a/auto/MkSrc/ProcImpl.pm ++++ b/auto/MkSrc/ProcImpl.pm +@@ -45,10 +45,13 @@ $info{class}{proc}{impl} = sub { + foreach (grep {$_ ne ''} split /\s*,\s*/, $data->{'c impl headers'}) { + $accum->{headers}{$_} = true; + } +- foreach my $d (@{$data->{data}}) { ++ my @d = @{$data->{data}}; ++ while (@d) { ++ my $d = shift @d; ++ my $need_wide = false; + next unless one_of $d->{type}, qw(method constructor destructor); + my @parms = @{$d->{data}} if exists $d->{data}; +- my $m = make_c_method $data->{name}, $d, {mode=>'cc_cxx', use_name=>true}, %$accum; ++ my $m = make_c_method $data->{name}, $d, {mode=>'cc_cxx', use_name=>true, wide=>$d->{wide}}, %$accum; + next unless defined $m; + $ret .= "extern \"C\" $m\n"; + $ret .= "{\n"; +@@ -57,24 +60,49 @@ $info{class}{proc}{impl} = sub { + } else { + if ($d->{type} eq 'method') { + my $ret_type = shift @parms; +- my $ret_native = to_type_name $ret_type, {mode=>'native_no_err', pos=>'return'}, %$accum; ++ my $ret_native = to_type_name $ret_type, {mode=>'native_no_err', pos=>'return', wide=>$d->{wide}}, %$accum; + my $snum = 0; ++ my $call_fun = $d->{name}; ++ my @call_parms; + foreach (@parms) { + my $n = to_lower($_->{name}); +- if ($_->{type} eq 'encoded string') { +- $accum->{headers}{'mutable string'} = true; +- $accum->{headers}{'convert'} = true; +- $ret .= " ths->temp_str_$snum.clear();\n"; +- $ret .= " ths->to_internal_->convert($n, ${n}_size, ths->temp_str_$snum);\n"; +- $ret .= " unsigned int s$snum = ths->temp_str_$snum.size();\n"; +- $_ = "MutableString(ths->temp_str_$snum.mstr(), s$snum)"; +- $snum++; ++ if ($_->{type} eq 'encoded string' && !exists($d->{'no conv'})) { ++ $need_wide = true unless $d->{wide}; ++ die unless exists $d->{'posib err'}; ++ $accum->{headers}{'mutable string'} = true; ++ $accum->{headers}{'convert'} = true; ++ my $name = get_c_func_name $data->{name}, $d, {mode=>'cc_cxx', use_name=>true, wide=>$d->{wide}}; ++ $ret .= " ths->temp_str_$snum.clear();\n"; ++ if ($d->{wide}) { ++ $ret .= " ${n}_size = get_correct_size(\"$name\", ths->to_internal_->in_type_width(), ${n}_size, ${n}_type_width);\n"; ++ } else { ++ $ret .= " PosibErr ${n}_fixed_size = get_correct_size(\"$name\", ths->to_internal_->in_type_width(), ${n}_size);\n"; ++ if (exists($d->{'on conv error'})) { ++ $ret .= " if (${n}_fixed_size.get_err()) {\n"; ++ $ret .= " ".$d->{'on conv error'}."\n"; ++ $ret .= " } else {\n"; ++ $ret .= " ${n}_size = ${n}_fixed_size;\n"; ++ $ret .= " }\n"; ++ } else { ++ $ret .= " ths->err_.reset(${n}_fixed_size.release_err());\n"; ++ $ret .= " if (ths->err_ != 0) return ".(c_error_cond $ret_type).";\n"; ++ } ++ } ++ $ret .= " ths->to_internal_->convert($n, ${n}_size, ths->temp_str_$snum);\n"; ++ $ret .= " unsigned int s$snum = ths->temp_str_$snum.size();\n"; ++ push @call_parms, "MutableString(ths->temp_str_$snum.mstr(), s$snum)"; ++ $snum++; ++ } elsif ($_->{type} eq 'encoded string') { ++ $need_wide = true unless $d->{wide}; ++ push @call_parms, $n, "${n}_size"; ++ push @call_parms, "${n}_type_width" if $d->{wide}; ++ $call_fun .= " wide" if $d->{wide}; + } else { +- $_ = $n; ++ push @call_parms, $n; + } + } +- my $parms = '('.(join ', ', @parms).')'; +- my $exp = "ths->".to_lower($d->{name})."$parms"; ++ my $parms = '('.(join ', ', @call_parms).')'; ++ my $exp = "ths->".to_lower($call_fun)."$parms"; + if (exists $d->{'posib err'}) { + $accum->{headers}{'posib err'} = true; + $ret .= " PosibErr<$ret_native> ret = $exp;\n"; +@@ -118,6 +146,7 @@ $info{class}{proc}{impl} = sub { + } + } + $ret .= "}\n\n"; ++ unshift @d,{%$d, wide=>true} if $need_wide; + } + return $ret; + }; +diff --git a/auto/MkSrc/Read.pm b/auto/MkSrc/Read.pm +index 4b3d1d0..4bf640e 100644 +--- a/auto/MkSrc/Read.pm ++++ b/auto/MkSrc/Read.pm +@@ -88,13 +88,13 @@ sub advance ( ) { + $in_pod = $1 if $line =~ /^\=(\w+)/; + $line = '' if $in_pod; + $in_pod = undef if $in_pod && $in_pod eq 'cut'; +- $line =~ s/\#.*$//; ++ $line =~ s/(? "%expression" is not a valid regular expression. + parms => expression ++ + } + group: speller + { +@@ -641,6 +642,7 @@ class: speller + posib err + desc => Returns 0 if it is not in the dictionary, + 1 if it is, or -1 on error. ++ on conv error => return 0; + / + bool + encoded string: word +@@ -706,6 +708,8 @@ class: speller + desc => Return NULL on error. + The word list returned by suggest is only + valid until the next call to suggest. ++ on conv error => ++ word = NULL; word_size = 0; + / + const word list + encoded string: word +@@ -831,7 +835,6 @@ class: document checker + void + + method: process +- + desc => Process a string. + The string passed in should only be split on + white space characters. Furthermore, between +@@ -840,10 +843,10 @@ class: document checker + in the document. Passing in strings out of + order, skipping strings or passing them in + more than once may lead to undefined results. ++ no conv + / + void +- string: str +- int: size ++ encoded string: str + + method: next misspelling + +@@ -851,9 +854,23 @@ class: document checker + processed string. If there are no more + misspelled words, then token.word will be + NULL and token.size will be 0 ++ cc extra => ++ \#define aspell_document_checker_next_misspelling_w(type, ths) \\ ++ aspell_document_checker_next_misspelling_adj(ths, sizeof(type)) + / + token object + ++ method: next misspelling adj ++ desc => internal: do not use ++ c impl => ++ Token res = ths->next_misspelling(); ++ res.offset /= type_width; ++ res.len /= type_width; ++ return res; ++ / ++ token object ++ int: type_width ++ + method: filter + + desc => Returns the underlying filter class. +@@ -913,9 +930,30 @@ class: string enumeration + ths->from_internal_->append_null(ths->temp_str); + return ths->temp_str.data(); + \} ++ cc extra => ++ \#define aspell_string_enumeration_next_w(type, ths) \\ ++ aspell_cast_(const type *, aspell_string_enumeration_next_wide(ths, sizeof(type))) + / + const string + ++ method: next wide ++ c impl => ++ const char * s = ths->next(); ++ if (s == 0) { ++ return s; ++ } else if (ths->from_internal_ == 0) \{ ++ assert(type_width == 1); ++ return s; ++ \} else \{ ++ assert(type_width == ths->from_internal_->out_type_width()); ++ ths->temp_str.clear(); ++ ths->from_internal_->convert(s,-1,ths->temp_str); ++ ths->from_internal_->append_null(ths->temp_str); ++ return ths->temp_str.data(); ++ \} ++ / ++ const void pointer ++ int: type_width + } + group: info + { +diff --git a/common/convert.cpp b/common/convert.cpp +index 7fd3895..77804c0 100644 +--- a/common/convert.cpp ++++ b/common/convert.cpp +@@ -511,18 +511,25 @@ namespace acommon { + // Trivial Conversion + // + ++ const char * unsupported_null_term_wide_string_msg = ++ "Null-terminated wide-character strings unsupported when used this way."; ++ + template + struct DecodeDirect : public Decode + { ++ DecodeDirect() {type_width = sizeof(Chr);} + void decode(const char * in0, int size, FilterCharVector & out) const { + const Chr * in = reinterpret_cast(in0); +- if (size == -1) { ++ if (size == -sizeof(Chr)) { + for (;*in; ++in) +- out.append(*in); ++ out.append(*in, sizeof(Chr)); ++ } else if (size <= -1) { ++ fprintf(stderr, "%s\n", unsupported_null_term_wide_string_msg); ++ abort(); + } else { +- const Chr * stop = reinterpret_cast(in0 +size); ++ const Chr * stop = reinterpret_cast(in0) + size/sizeof(Chr); + for (;in != stop; ++in) +- out.append(*in); ++ out.append(*in, sizeof(Chr)); + } + } + PosibErr decode_ec(const char * in0, int size, +@@ -535,6 +542,7 @@ namespace acommon { + template + struct EncodeDirect : public Encode + { ++ EncodeDirect() {type_width = sizeof(Chr);} + void encode(const FilterChar * in, const FilterChar * stop, + CharVector & out) const { + for (; in != stop; ++in) { +@@ -564,11 +572,15 @@ namespace acommon { + template + struct ConvDirect : public DirectConv + { ++ ConvDirect() {type_width = sizeof(Chr);} + void convert(const char * in0, int size, CharVector & out) const { +- if (size == -1) { ++ if (size == -sizeof(Chr)) { + const Chr * in = reinterpret_cast(in0); + for (;*in != 0; ++in) + out.append(in, sizeof(Chr)); ++ } else if (size <= -1) { ++ fprintf(stderr, "%s\n", unsupported_null_term_wide_string_msg); ++ abort(); + } else { + out.append(in0, size); + } +@@ -1092,5 +1104,20 @@ namespace acommon { + } + return 0; + } +- ++ ++ PosibErr unsupported_null_term_wide_string_err_(const char * func) { ++ static bool reported_to_stderr = false; ++ PosibErr err = make_err(other_error, unsupported_null_term_wide_string_msg); ++ if (!reported_to_stderr) { ++ CERR.printf("ERROR: %s: %s\n", func, unsupported_null_term_wide_string_msg); ++ reported_to_stderr = true; ++ } ++ return err; ++ } ++ ++ void unsupported_null_term_wide_string_abort_(const char * func) { ++ CERR.printf("%s: %s\n", unsupported_null_term_wide_string_msg); ++ abort(); ++ } ++ + } +diff --git a/common/convert.hpp b/common/convert.hpp +index 76332ee..c948973 100644 +--- a/common/convert.hpp ++++ b/common/convert.hpp +@@ -7,6 +7,8 @@ + #ifndef ASPELL_CONVERT__HPP + #define ASPELL_CONVERT__HPP + ++#include "settings.h" ++ + #include "string.hpp" + #include "posib_err.hpp" + #include "char_vector.hpp" +@@ -25,8 +27,9 @@ namespace acommon { + typedef const Config CacheConfig; + typedef const char * CacheKey; + String key; ++ int type_width; // type width in bytes + bool cache_key_eq(const char * l) const {return key == l;} +- ConvBase() {} ++ ConvBase() : type_width(1) {} + private: + ConvBase(const ConvBase &); + void operator=(const ConvBase &); +@@ -56,6 +59,8 @@ namespace acommon { + virtual ~Encode() {} + }; + struct DirectConv { // convert directly from in_code to out_code. ++ int type_width; // type width in bytes ++ DirectConv() : type_width(1) {} + // should not take ownership of decode and encode. + // decode and encode guaranteed to stick around for the life + // of the object. +@@ -126,6 +131,9 @@ namespace acommon { + const char * in_code() const {return decode_->key.c_str();} + const char * out_code() const {return encode_->key.c_str();} + ++ int in_type_width() const {return decode_->type_width;} ++ int out_type_width() const {return encode_->type_width;} ++ + void append_null(CharVector & out) const + { + const char nul[4] = {0,0,0,0}; // 4 should be enough +@@ -191,6 +199,10 @@ namespace acommon { + } + } + ++ void convert(const void * in, int size, CharVector & out) { ++ convert(static_cast(in), size, out); ++ } ++ + void generic_convert(const char * in, int size, CharVector & out); + + }; +@@ -412,6 +424,30 @@ namespace acommon { + return operator()(str, str + byte_size);} + }; + ++#ifdef SLOPPY_NULL_TERM_STRINGS ++ static const bool sloppy_null_term_strings = true; ++#else ++ static const bool sloppy_null_term_strings = false; ++#endif ++ ++ PosibErr unsupported_null_term_wide_string_err_(const char * func); ++ void unsupported_null_term_wide_string_abort_(const char * func); ++ ++ static inline PosibErr get_correct_size(const char * func, int conv_type_width, int size) { ++ if (sloppy_null_term_strings && size <= -1) ++ return -conv_type_width; ++ if (size <= -1 && -conv_type_width != size) ++ return unsupported_null_term_wide_string_err_(func); ++ return size; ++ } ++ static inline int get_correct_size(const char * func, int conv_type_width, int size, int type_width) { ++ if ((sloppy_null_term_strings || type_width <= -1) && size <= -1) ++ return -conv_type_width; ++ if (size <= -1 && conv_type_width != type_width) ++ unsupported_null_term_wide_string_abort_(func); ++ return size; ++ } ++ + } + + #endif +diff --git a/common/document_checker.cpp b/common/document_checker.cpp +index 5e510c4..0ccf1cd 100644 +--- a/common/document_checker.cpp ++++ b/common/document_checker.cpp +@@ -44,7 +44,9 @@ namespace acommon { + void DocumentChecker::process(const char * str, int size) + { + proc_str_.clear(); +- conv_->decode(str, size, proc_str_); ++ PosibErr fixed_size = get_correct_size("aspell_document_checker_process", conv_->in_type_width(), size); ++ if (!fixed_size.has_err()) ++ conv_->decode(str, fixed_size, proc_str_); + proc_str_.append(0); + FilterChar * begin = proc_str_.pbegin(); + FilterChar * end = proc_str_.pend() - 1; +@@ -53,6 +55,19 @@ namespace acommon { + tokenizer_->reset(begin, end); + } + ++ void DocumentChecker::process_wide(const void * str, int size, int type_width) ++ { ++ proc_str_.clear(); ++ int fixed_size = get_correct_size("aspell_document_checker_process", conv_->in_type_width(), size, type_width); ++ conv_->decode(static_cast(str), fixed_size, proc_str_); ++ proc_str_.append(0); ++ FilterChar * begin = proc_str_.pbegin(); ++ FilterChar * end = proc_str_.pend() - 1; ++ if (filter_) ++ filter_->process(begin, end); ++ tokenizer_->reset(begin, end); ++ } ++ + Token DocumentChecker::next_misspelling() + { + bool correct; +diff --git a/common/document_checker.hpp b/common/document_checker.hpp +index d35bb88..11a3c73 100644 +--- a/common/document_checker.hpp ++++ b/common/document_checker.hpp +@@ -36,6 +36,7 @@ namespace acommon { + PosibErr setup(Tokenizer *, Speller *, Filter *); + void reset(); + void process(const char * str, int size); ++ void process_wide(const void * str, int size, int type_width); + Token next_misspelling(); + + Filter * filter() {return filter_;} +diff --git a/configure.ac b/configure.ac +index ed26945..51a31cb 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -70,6 +70,9 @@ AC_ARG_ENABLE(compile-in-filters, + AC_ARG_ENABLE(filter-version-control, + [ --disable-filter-version-control]) + ++AC_ARG_ENABLE(sloppy-null-term-strings, ++ AS_HELP_STRING([--enable-sloppy-null-term-strings],[allows allow null terminated UCS-2 and UCS-4 strings])) ++ + AC_ARG_ENABLE(pspell-compatibility, + AS_HELP_STRING([--disable-pspell-compatibility],[don't install pspell compatibility libraries])) + +@@ -133,6 +136,11 @@ fi + AM_CONDITIONAL(COMPILE_IN_FILTERS, + [test "$enable_compile_in_filters" = "yes"]) + ++if test "$enable_sloppy_null_term_strings" = "yes" ++then ++ AC_DEFINE(SLOPPY_NULL_TERM_STRINGS, 1, [Defined if null-terminated UCS-2 and UCS-4 strings should always be allowed.]) ++fi ++ + AM_CONDITIONAL(PSPELL_COMPATIBILITY, + [test "$enable_pspell_compatibility" != "no"]) + AM_CONDITIONAL(INCREMENTED_SONAME, +diff --git a/manual/aspell.texi b/manual/aspell.texi +index 080f894..f331fb0 100644 +--- a/manual/aspell.texi ++++ b/manual/aspell.texi +@@ -158,7 +158,8 @@ Installing + + * Generic Install Instructions:: + * HTML Manuals and "make clean":: +-* Curses Notes:: ++* Curses Notes:: ++* Upgrading from Aspell 0.60.7:: + * Loadable Filter Notes:: + * Upgrading from Aspell 0.50:: + * Upgrading from Aspell .33/Pspell .12:: +@@ -2196,18 +2197,26 @@ int correct = aspell_speller_check(spell_checker, @var{word}, @var{size}); + @end smallexample + + @noindent +-@var{word} is expected to be a @code{const char *} character +-string. If the encoding is set to be @code{ucs-2} or +-@code{ucs-4} @var{word} is expected to be a cast +-from either @code{const u16int *} or @code{const u32int *} +-respectively. @code{u16int} and @code{u32int} are generally +-@code{unsigned short} and @code{unsigned int} respectively. +-@var{size} is the length of the string or @code{-1} if the string +-is null terminated. If the string is a cast from @code{const u16int +-*} or @code{const u32int *} then @code{@i{size}} is the amount of +-space in bytes the string takes up after being cast to @code{const +-char *} and not the true size of the string. @code{sspell_speller_check} +-will return @code{0} if it is not found and non-zero otherwise. ++@var{word} is expected to be a @code{const char *} character string. ++@var{size} is the length of the string or @code{-1} if the string is ++null terminated. @code{aspell_speller_check} will return @code{0} if it is not found ++and non-zero otherwise. ++ ++If you are using the @code{ucs-2} or @code{ucs-4} encoding then the ++string is expected to be either a 2 or 4 byte wide integer ++(respectively) and the @code{_w} macro vesion should be used: ++ ++@smallexample ++int correct = aspell_speller_check_w(spell_checker, @var{word}, @var{size}); ++@end smallexample ++ ++The macro will cast the string to to the correct type and convert ++@var{size} into bytes for you and then a call the special wide version of the ++function that will make sure the encoding is correct for the type ++passed in. For compatibility with older versions of Aspell the normal ++non-wide functions can still be used provided that the size of the ++string, in bytes, is also passed in. Null terminated @code{ucs-2} or ++@code{ucs-4} are no longer supported when using the non-wide functions. + + If the word is not correct, then the @code{suggest} method can be used + to come up with likely replacements. +@@ -2226,7 +2235,28 @@ delete_aspell_string_enumeration(elements); + + Notice how @code{elements} is deleted but @code{suggestions} is not. + The value returned by @code{suggestions} is only valid to the next +-call to @code{suggest}. Once a replacement is made the ++call to @code{suggest}. ++ ++If you are using the @code{ucs-2} or @code{ucs-4} encoding then, in ++addition to using the @code{_w} macro for the @code{suggest} method, you ++should also use the @code{_w} macro with the @code{next} method which ++will cast the string to the correct type for you. For example, if you ++are using the @code{ucs-2} encoding and the string is a @code{const ++uint16_t *} then you should use: ++ ++@smallexample ++AspellWordList * suggestions = aspell_speller_suggest_w(spell_checker, ++ @var{word}, @var{size}); ++AspellStringEnumeration * elements = aspell_word_list_elements(suggestions); ++const uint16_t * word; ++while ( (word = aspell_string_enumeration_next_w(uint16_t, aspell_elements)) != NULL ) ++@{ ++ // add to suggestion list ++@} ++delete_aspell_string_enumeration(elements); ++@end smallexample ++ ++Once a replacement is made the + @code{store_repl} method should be used to communicate the replacement + pair back to the spell checker (for the reason, @pxref{Notes on + Storing Replacement Pairs}). Its usage is as follows: +diff --git a/manual/readme.texi b/manual/readme.texi +index 4bfb2e2..ae680da 100644 +--- a/manual/readme.texi ++++ b/manual/readme.texi +@@ -15,14 +15,16 @@ The latest version can always be found at GNU Aspell's home page at + @uref{http://aspell.net}. + + @menu +-* Generic Install Instructions:: +-* HTML Manuals and "make clean":: +-* Curses Notes:: +-* Loadable Filter Notes:: +-* Upgrading from Aspell 0.50:: +-* Upgrading from Aspell .33/Pspell .12:: +-* Upgrading from a Pre-0.50 snapshot:: +-* WIN32 Notes:: ++* Generic Install Instructions:: ++* HTML Manuals and "make clean":: ++* Curses Notes:: ++* Upgrading from Aspell 0.60.7:: ++* Loadable Filter Notes:: ++* Using 32-Bit Dictionaries on a 64-Bit System:: ++* Upgrading from Aspell 0.50:: ++* Upgrading from Aspell .33/Pspell .12:: ++* Upgrading from a Pre-0.50 snapshot:: ++* WIN32 Notes:: + @end menu + + @node Generic Install Instructions +@@ -120,6 +122,52 @@ In addition your system must also support the @code{mblen} function. + Although this function was defined in the ISO C89 standard (ANSI + X3.159-1989), not all systems have it. + ++@node Upgrading from Aspell 0.60.7 ++@appendixsec Upgrading from Aspell 0.60.7 ++ ++To prevent a potentially unbounded buffer over-read, Aspell no longer ++supports null-terminated UCS-2 and UCS-4 encoded strings with the ++original C API. Null-termianted 8-bit or UTF-8 encoded strings are ++still supported, as are UCS-2 and UCS-4 encoded strings when the ++length is passed in. ++ ++As of Aspell 0.60.8 a function from the original API that expects an ++encoded string as a parameter will return meaningless results (or an ++error code) if string is null terminated and the encoding is set to ++@code{ucs-2} or @code{ucs-4}. In addition, a single: ++@example ++ERROR: aspell_speller_check: Null-terminated wide-character strings unsupported when used this way. ++@end example ++will be printed to standard error the first time one of those ++functions is called. ++ ++Application that use null-terminated UCS-2/4 strings should either (1) ++use the interface intended for working with wide-characters ++(@xref{Through the C API}); or (2) define ++@code{ASPELL_ENCODE_SETTING_SECURE} before including @code{aspell.h}. ++In the latter case is is important that the application explicitly ++sets the encoding to a known value. Defining ++@code{ASPELL_ENCODE_SETTING_SECURE} and not setting the encoding ++explicitly or allowing user of the application to set the encoding ++could result in an unbounded buffer over-read. ++ ++If it is necessary to preserve binary compatibility with older ++versions of Aspell, the easiest thing would be to determine the length ++of the UCS-2/4 string---in bytes---and pass that in. Due to an ++implemenation detail, existing API functions can be made to work with ++null-terminated UCS-2/4 strings safely by passing in either @code{-2} ++or @code{-4} (corresponding to the width of the character type) as the ++size. Doing so, however, will cause a buffer over-read for unpatched ++version of Aspell. To avoid this it will be necessary to parse the ++version string to determine the correct value to use. However, no ++official support will be provided for the latter method. ++ ++If the application can not be recompiled, then Aspell can be configured ++to preserve the old behavior by passing ++@option{--enable-sloppy-null-term-strings} to @command{configure}. When Aspell ++is compiled this way the version string will include the string ++@samp{ SLOPPY}. ++ + @node Loadable Filter Notes + @appendixsec Loadable Filter Notes + +@@ -129,8 +177,7 @@ errors when trying to use a filter, then it is likely that loadable + filter support is not working yet on your platform. Thus, in order to + get Aspell to work correctly you will need to avoid compiling the + filters as individual modules by using the +-@option{--enable-compile-in-filters} when configuring Aspell with +-@command{./configure}. ++@option{--enable-compile-in-filters} @command{configure} option. + + @node Upgrading from Aspell 0.50 + @appendixsec Upgrading from Aspell 0.50 +diff --git a/test/cxx_warnings_test.cpp b/test/cxx_warnings_test.cpp +new file mode 100644 +index 0000000..923bfc8 +--- /dev/null ++++ b/test/cxx_warnings_test.cpp +@@ -0,0 +1,84 @@ ++ #include ++#include ++#include ++#include ++ ++#include ++ ++const uint16_t test_word[] = {'c','a','f', 0x00E9, 0}; ++const uint16_t test_incorrect[] = {'c','a','f', 'e', 0}; ++const uint16_t test_doc[] = {'T', 'h', 'e', ' ', 'c','a','f', 0x00E9, '.', 0}; ++ ++int fail = 0; ++ ++void f1() { ++ AspellConfig * spell_config = new_aspell_config(); ++ aspell_config_replace(spell_config, "master", "en_US-w_accents"); ++ aspell_config_replace(spell_config, "encoding", "ucs-2"); ++ AspellCanHaveError * possible_err = new_aspell_speller(spell_config); ++ AspellSpeller * spell_checker = 0; ++ if (aspell_error_number(possible_err) != 0) { ++ fprintf(stderr, "%s", aspell_error_message(possible_err)); ++ exit(0); ++ } else { ++ spell_checker = to_aspell_speller(possible_err); ++ } ++ int correct = aspell_speller_check_w(spell_checker, test_word, -1); ++ if (!correct) { ++ fprintf(stderr, "%s", "fail: expected word to be correct\n"); ++ fail = 1; ++ } ++ correct = aspell_speller_check_w(spell_checker, test_incorrect, -1); ++ if (correct) { ++ fprintf(stderr, "%s", "fail: expected word to be incorrect\n"); ++ fail = 1; ++ } ++ const AspellWordList * suggestions = aspell_speller_suggest_w(spell_checker, test_incorrect, -1); ++ AspellStringEnumeration * elements = aspell_word_list_elements(suggestions); ++ const uint16_t * word = aspell_string_enumeration_next_w(uint16_t, elements); ++ if (memcmp(word, test_word, sizeof(test_incorrect)) != 0) { ++ fprintf(stderr, "%s", "fail: first suggesion is not what is expected\n"); ++ fail = 1; ++ delete_aspell_string_enumeration(elements); ++ } ++ if (fail) ++ printf("not ok\n"); ++ else ++ printf("ok\n"); ++} ++ ++void f2() { ++ AspellConfig * spell_config = new_aspell_config(); ++ aspell_config_replace(spell_config, "master", "en_US-w_accents"); ++ aspell_config_replace(spell_config, "encoding", "ucs-2"); ++ AspellCanHaveError * possible_err = new_aspell_speller(spell_config); ++ AspellSpeller * spell_checker = 0; ++ if (aspell_error_number(possible_err) != 0) { ++ fprintf(stderr, "%s", aspell_error_message(possible_err)); ++ exit(0); ++ } else { ++ spell_checker = to_aspell_speller(possible_err); ++ } ++ int correct = aspell_speller_check_w(spell_checker, test_word, -1); ++ if (!correct) { ++ fprintf(stderr, "%s", "fail: expected word to be correct\n"); ++ fail = 1; ++ } ++ correct = aspell_speller_check_w(spell_checker, test_incorrect, -1); ++ if (correct) { ++ fprintf(stderr, "%s", "fail: expected word to be incorrect\n"); ++ fail = 1; ++ } ++ const AspellWordList * suggestions = aspell_speller_suggest_w(spell_checker, test_incorrect, -1); ++ AspellStringEnumeration * elements = aspell_word_list_elements(suggestions); ++ const uint16_t * word = aspell_string_enumeration_next_w(uint16_t, elements); ++ if (memcmp(word, test_word, sizeof(test_incorrect)) != 0) { ++ fprintf(stderr, "%s", "fail: first suggesion is not what is expected\n"); ++ fail = 1; ++ delete_aspell_string_enumeration(elements); ++ } ++ if (fail) ++ printf("not ok\n"); ++ else ++ printf("ok\n"); ++} +diff --git a/test/wide_test_invalid.c b/test/wide_test_invalid.c +new file mode 100644 +index 0000000..d5e2ed7 +--- /dev/null ++++ b/test/wide_test_invalid.c +@@ -0,0 +1,69 @@ ++#include ++#include ++#include ++#include ++ ++#include ++ ++const uint16_t test_word[] = {'c','a','f', 0x00E9, 0}; ++const uint16_t test_incorrect[] = {'c','a','f', 'e', 0}; ++const uint16_t test_doc[] = {'T', 'h', 'e', ' ', 'c','a','f', 'e', '.', 0}; ++ ++int fail = 0; ++ ++int main() { ++ AspellConfig * spell_config = new_aspell_config(); ++ aspell_config_replace(spell_config, "master", "en_US-w_accents"); ++ aspell_config_replace(spell_config, "encoding", "ucs-2"); ++ AspellCanHaveError * possible_err = new_aspell_speller(spell_config); ++ AspellSpeller * spell_checker = 0; ++ if (aspell_error_number(possible_err) != 0) { ++ fprintf(stderr, "%s", aspell_error_message(possible_err)); ++ return 2; ++ } else { ++ spell_checker = to_aspell_speller(possible_err); ++ } ++ int correct = aspell_speller_check(spell_checker, (const char *)test_word, -1); ++ if (!correct) { ++ fprintf(stderr, "%s", "fail: expected word to be correct\n"); ++ fail = 1; ++ } ++ correct = aspell_speller_check(spell_checker, (const char *)test_incorrect, -1); ++ if (correct) { ++ fprintf(stderr, "%s", "fail: expected word to be incorrect\n"); ++ fail = 1; ++ } ++ const AspellWordList * suggestions = aspell_speller_suggest(spell_checker, (const char *)test_incorrect, -1); ++ AspellStringEnumeration * elements = aspell_word_list_elements(suggestions); ++ const char * word = aspell_string_enumeration_next(elements); ++ if (memcmp(word, test_word, sizeof(test_incorrect)) != 0) { ++ fprintf(stderr, "%s", "fail: first suggesion is not what is expected\n"); ++ fail = 1; ++ } ++ delete_aspell_string_enumeration(elements); ++ ++ possible_err = new_aspell_document_checker(spell_checker); ++ if (aspell_error(possible_err) != 0) { ++ fprintf(stderr, "Error: %s\n",aspell_error_message(possible_err)); ++ return 2; ++ } ++ AspellDocumentChecker * checker = to_aspell_document_checker(possible_err); ++ aspell_document_checker_process(checker, (const char *)test_doc, -1); ++ ++ AspellToken token = aspell_document_checker_next_misspelling(checker); ++ if (sizeof(test_incorrect) - sizeof(uint16_t) != token.len) { ++ fprintf(stderr, "fail: size of first misspelling (%d) is not what is expected (%lu)\n", ++ token.len, sizeof(test_incorrect) - sizeof(uint16_t)); ++ fail = 1; ++ } else if (memcmp(test_incorrect, (const char *)test_doc + token.offset, token.len) != 0) { ++ fprintf(stderr, "%s", "fail: first misspelling is not what is expected\n"); ++ fail = 1; ++ } ++ if (fail) { ++ printf("not ok\n"); ++ return 1; ++ } else { ++ printf("ok\n"); ++ return 0; ++ } ++} +diff --git a/test/wide_test_valid.c b/test/wide_test_valid.c +new file mode 100644 +index 0000000..bc3006d +--- /dev/null ++++ b/test/wide_test_valid.c +@@ -0,0 +1,69 @@ ++#include ++#include ++#include ++#include ++ ++#include ++ ++const uint16_t test_word[] = {'c','a','f', 0x00E9, 0}; ++const uint16_t test_incorrect[] = {'c','a','f', 'e', 0}; ++const uint16_t test_doc[] = {'T', 'h', 'e', ' ', 'c','a','f', 'e', '.', 0}; ++ ++int fail = 0; ++ ++int main() { ++ AspellConfig * spell_config = new_aspell_config(); ++ aspell_config_replace(spell_config, "master", "en_US-w_accents"); ++ aspell_config_replace(spell_config, "encoding", "ucs-2"); ++ AspellCanHaveError * possible_err = new_aspell_speller(spell_config); ++ AspellSpeller * spell_checker = 0; ++ if (aspell_error_number(possible_err) != 0) { ++ fprintf(stderr, "%s", aspell_error_message(possible_err)); ++ return 2; ++ } else { ++ spell_checker = to_aspell_speller(possible_err); ++ } ++ int correct = aspell_speller_check_w(spell_checker, test_word, -1); ++ if (!correct) { ++ fprintf(stderr, "%s", "fail: expected word to be correct\n"); ++ fail = 1; ++ } ++ correct = aspell_speller_check_w(spell_checker, test_incorrect, -1); ++ if (correct) { ++ fprintf(stderr, "%s", "fail: expected word to be incorrect\n"); ++ fail = 1; ++ } ++ const AspellWordList * suggestions = aspell_speller_suggest_w(spell_checker, test_incorrect, -1); ++ AspellStringEnumeration * elements = aspell_word_list_elements(suggestions); ++ const uint16_t * word = aspell_string_enumeration_next_w(uint16_t, elements); ++ if (memcmp(word, test_word, sizeof(test_incorrect)) != 0) { ++ fprintf(stderr, "%s", "fail: first suggesion is not what is expected\n"); ++ fail = 1; ++ } ++ delete_aspell_string_enumeration(elements); ++ ++ possible_err = new_aspell_document_checker(spell_checker); ++ if (aspell_error(possible_err) != 0) { ++ fprintf(stderr, "Error: %s\n",aspell_error_message(possible_err)); ++ return 2; ++ } ++ AspellDocumentChecker * checker = to_aspell_document_checker(possible_err); ++ aspell_document_checker_process_w(checker, test_doc, -1); ++ ++ AspellToken token = aspell_document_checker_next_misspelling_w(uint16_t, checker); ++ if (4 != token.len) { ++ fprintf(stderr, "fail: size of first misspelling (%d) is not what is expected (%d)\n", ++ token.len, 4); ++ fail = 1; ++ } else if (memcmp(test_incorrect, test_doc + token.offset, token.len) != 0) { ++ fprintf(stderr, "%s", "fail: first misspelling is not what is expected\n"); ++ fail = 1; ++ } ++ if (fail) { ++ printf("not ok\n"); ++ return 1; ++ } else { ++ printf("ok\n"); ++ return 0; ++ } ++} +-- +2.27.0 + diff --git a/CVE-2019-20433-2.patch b/CVE-2019-20433-2.patch new file mode 100644 index 0000000..6d0ee61 --- /dev/null +++ b/CVE-2019-20433-2.patch @@ -0,0 +1,56 @@ +From cefd447e5528b08bb0cd6656bc52b4255692cefc Mon Sep 17 00:00:00 2001 +From: Kevin Atkinson +Date: Sat, 17 Aug 2019 20:25:21 -0400 +Subject: [PATCH] Increment library version to reflect API changes. + +--- + Makefile.am | 24 +++++++++++++++++------- + 1 file changed, 17 insertions(+), 7 deletions(-) + +diff --git a/Makefile.am b/Makefile.am +index 950319d..3bbadb7 100644 +--- a/Makefile.am ++++ b/Makefile.am +@@ -93,10 +93,24 @@ libaspell_la_SOURCES =\ + + libaspell_la_LIBADD = $(LTLIBINTL) $(PTHREAD_LIB) + ++## The version string is current[:revision[:age]] ++## ++## Before a release that has changed the source code at all ++## increment revision. ++## ++## After merging changes that have changed the API in a backwards ++## comptable way set revision to 0 and bump both current and age. ++## ++## Do not change the API in a backwards incompatible way. ++## ++## See "Libtool: Updating version info" ++## (https://www.gnu.org/software/libtool/manual/html_node/Updating-version-info.html) ++## for more into ++## + if INCREMENTED_SONAME +-libaspell_la_LDFLAGS = -version-info 16:5:0 -no-undefined ++libaspell_la_LDFLAGS = -version-info 19:0:3 -no-undefined + else +-libaspell_la_LDFLAGS = -version-info 16:5:1 -no-undefined ++libaspell_la_LDFLAGS = -version-info 18:0:3 -no-undefined + endif + + if PSPELL_COMPATIBILITY +@@ -104,11 +118,7 @@ libpspell_la_SOURCES = lib/dummy.cpp + + libpspell_la_LIBADD = libaspell.la + +-if INCREMENTED_SONAME +-libpspell_la_LDFLAGS = -version-info 16:5:0 -no-undefined +-else +-libpspell_la_LDFLAGS = -version-info 16:5:1 -no-undefined +-endif ++libpspell_la_LDFLAGS = $(libaspell_la_LDFLAGS) + + endif + +-- +2.27.0 + diff --git a/aspell.spec b/aspell.spec index 3ab0498..3d84393 100644 --- a/aspell.spec +++ b/aspell.spec @@ -1,6 +1,6 @@ Name: aspell Version: 0.60.6.1 -Release: 28 +Release: 29 Summary: Spell checker Epoch: 12 License: LGPLv2+ and LGPLv2 and GPLv2+ and BSD @@ -18,6 +18,8 @@ Patch0007: aspell-0.60.6.1-gcc7-fixes.patch Patch0008: aspell-0.60.6.1-fix-back-on-empty-vector.patch Patch0009: CVE-2019-17544.patch Patch0010: CVE-2019-25051.patch +Patch0011: CVE-2019-20433-1.patch +Patch0012: CVE-2019-20433-2.patch BuildRequires: chrpath gettext ncurses-devel pkgconfig perl-interpreter gcc-c++ @@ -112,6 +114,9 @@ rm -rf ${RPM_BUILD_ROOT}%{_mandir}/man1/aspell-import.1 %{_mandir}/man1/pspell-config.1* %changelog +* Tue Sep 28 2021 yaoxin - 12:0.60.6.1-29 +- fix CVE-2019-20433 + * Thu Sep 23 2021 liwu - 12:0.60.6.1-28 - fix CVE-2019-25051 -- Gitee