Diffstat (limited to 'debian/patches/0001-fix-unnecessary-asserts-leading-to-crashes.patch')
-rw-r--r--debian/patches/0001-fix-unnecessary-asserts-leading-to-crashes.patch116
1 files changed, 116 insertions, 0 deletions
diff --git a/debian/patches/0001-fix-unnecessary-asserts-leading-to-crashes.patch b/debian/patches/0001-fix-unnecessary-asserts-leading-to-crashes.patch
new file mode 100644
index 0000000..ded7e70
--- /dev/null
+++ b/debian/patches/0001-fix-unnecessary-asserts-leading-to-crashes.patch
@@ -0,0 +1,116 @@
+From ae03c6107dfa18e648f6fdd1280f5b89092d5d49 Mon Sep 17 00:00:00 2001
+From: Chris Sewell <chrisj_sewell@hotmail.com>
+Date: Wed, 22 Feb 2023 05:56:39 +0100
+Subject: [PATCH] =?UTF-8?q?=F0=9F=90=9B=20FIX:=20CVE-2023-26303=20(#246)?=
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+Bug-Debian: https://bugs.debian.org/1031764
+
+Fix unnecessary asserts, leading to crashes
+---
+ markdown_it/renderer.py | 20 ++++++++------------
+ markdown_it/rules_core/replacements.py | 3 ++-
+ markdown_it/rules_core/smartquotes.py | 4 ++--
+ tests/test_port/fixtures/issue-fixes.md | 9 +++++++++
+ tests/test_port/test_fixtures.py | 1 +
+ 5 files changed, 22 insertions(+), 15 deletions(-)
+
+Index: markdown-it-py-2.1.0/markdown_it/renderer.py
+===================================================================
+--- markdown-it-py-2.1.0.orig/markdown_it/renderer.py 2023-03-31 07:50:21.639213371 -0300
++++ markdown-it-py-2.1.0/markdown_it/renderer.py 2023-03-31 07:50:21.635213318 -0300
+@@ -84,8 +84,8 @@
+ for i, token in enumerate(tokens):
+
+ if token.type == "inline":
+- assert token.children is not None
+- result += self.renderInline(token.children, options, env)
++ if token.children:
++ result += self.renderInline(token.children, options, env)
+ elif token.type in self.rules:
+ result += self.rules[token.type](tokens, i, options, env)
+ else:
+@@ -207,8 +207,8 @@
+ if token.type == "text":
+ result += token.content
+ elif token.type == "image":
+- assert token.children is not None
+- result += self.renderInlineAsText(token.children, options, env)
++ if token.children:
++ result += self.renderInlineAsText(token.children, options, env)
+ elif token.type == "softbreak":
+ result += "\n"
+
+@@ -306,14 +306,10 @@
+
+ # "alt" attr MUST be set, even if empty. Because it's mandatory and
+ # should be placed on proper position for tests.
+-
+- assert (
+- token.attrs and "alt" in token.attrs
+- ), '"image" token\'s attrs must contain `alt`'
+-
+- # Replace content with actual value
+-
+- token.attrSet("alt", self.renderInlineAsText(token.children, options, env))
++ if token.children:
++ token.attrSet("alt", self.renderInlineAsText(token.children, options, env))
++ else:
++ token.attrSet("alt", "")
+
+ return self.renderToken(tokens, idx, options, env)
+
+Index: markdown-it-py-2.1.0/markdown_it/rules_core/replacements.py
+===================================================================
+--- markdown-it-py-2.1.0.orig/markdown_it/rules_core/replacements.py 2023-03-31 07:50:21.639213371 -0300
++++ markdown-it-py-2.1.0/markdown_it/rules_core/replacements.py 2023-03-31 07:50:21.635213318 -0300
+@@ -116,7 +116,8 @@
+ for token in state.tokens:
+ if token.type != "inline":
+ continue
+- assert token.children is not None
++ if token.children is None:
++ continue
+
+ if SCOPED_ABBR_RE.search(token.content):
+ replace_scoped(token.children)
+Index: markdown-it-py-2.1.0/markdown_it/rules_core/smartquotes.py
+===================================================================
+--- markdown-it-py-2.1.0.orig/markdown_it/rules_core/smartquotes.py 2023-03-31 07:50:21.639213371 -0300
++++ markdown-it-py-2.1.0/markdown_it/rules_core/smartquotes.py 2023-03-31 07:50:21.635213318 -0300
+@@ -198,5 +198,5 @@
+
+ if token.type != "inline" or not QUOTE_RE.search(token.content):
+ continue
+- assert token.children is not None
+- process_inlines(token.children, state)
++ if token.children is not None:
++ process_inlines(token.children, state)
+Index: markdown-it-py-2.1.0/tests/test_port/fixtures/issue-fixes.md
+===================================================================
+--- markdown-it-py-2.1.0.orig/tests/test_port/fixtures/issue-fixes.md 2023-03-31 07:50:21.639213371 -0300
++++ markdown-it-py-2.1.0/tests/test_port/fixtures/issue-fixes.md 2023-03-31 07:50:21.635213318 -0300
+@@ -36,3 +36,12 @@
+ .
+ <p>💬</p>
+ .
++
++Fix CVE-2023-26303
++.
++![![]()
++]([)
++.
++<p><img src="%5B" alt="
++" /></p>
++.
+Index: markdown-it-py-2.1.0/tests/test_port/test_fixtures.py
+===================================================================
+--- markdown-it-py-2.1.0.orig/tests/test_port/test_fixtures.py 2023-03-31 07:50:21.639213371 -0300
++++ markdown-it-py-2.1.0/tests/test_port/test_fixtures.py 2023-03-31 07:50:21.635213318 -0300
+@@ -111,4 +111,5 @@
+ def test_issue_fixes(line, title, input, expected):
+ md = MarkdownIt()
+ text = md.render(input)
++ print(text)
+ assert text.rstrip() == expected.rstrip()
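Review bot: The regression fixture added to `issue-fixes.md` only reaches the renderer guards; nothing visible here exercises the new `token.children is None` checks in `replacements.py` and `smartquotes.py`, because `test_issue_fixes` builds a default `MarkdownIt()` and those core rules appear to run only when the typographer option is enabled (inferred, not shown in the patch). Since an unhandled exception on untrusted markdown is the crash this CVE fix addresses, I would add a case that renders the same fixture input with `MarkdownIt("commonmark", {"typographer": True}).enable(["replacements", "smartquotes"])` and asserts that it returns without raising. The `print(text)` added to `test_fixtures.py` looks like a debugging leftover and could be dropped, unless the patch is meant to stay byte-identical to the upstream commit. The patched functions all begin and end outside the quoted hunks, so whether other callers still assume `token.children` is non-None cannot be checked from this page.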