Patch from the upstream git

remicollet · remicollet · commit 27a743b82b0b · 2017-07-05T09:25:57.000+02:00
kkos/oniguruma#59 (CVE-2017-9229) b690371bbf97794b4a1d3f295d4fb9a8b05d402d Modified for onig 5.9.6 Thanks to Mamoru TASAKA <mtasaka@fedoraproject.org>
diff --git a/ext/mbstring/oniguruma/regexec.c b/ext/mbstring/oniguruma/regexec.c
@@ -3205,7 +3205,13 @@ forward_search_range(regex_t* reg, const UChar* str, const UChar* end, UChar* s,
     else {
       if (reg->dmax != ONIG_INFINITE_DISTANCE) {
 	*low = p - reg->dmax;
-	if (*low > s) {
+	if (p - str < reg->dmax) {
+	  *low = (UChar* )str;
+	  if (low_prev)
+	    *low_prev = onigenc_get_prev_char_head(reg->enc, str, *low);
+	}
+	else {
+ 	if (*low > s) {
 	  *low = onigenc_get_right_adjust_char_head_with_prev(reg->enc, s,
 							      *low, (const UChar** )low_prev);
 	  if (low_prev && IS_NULL(*low_prev))
@@ -3218,6 +3224,7 @@ forward_search_range(regex_t* reg, const UChar* str, const UChar* end, UChar* s,
 					       (pprev ? pprev : str), *low);
 	}
       }
+      }
     }
     /* no needs to adjust *high, *high is used as range check only */
     *high = p - reg->dmin;
