From: Oliver Kurth <okurth@vmware.com>
Date: Fri, 15 Sep 2017 18:22:59 +0000 (-0700)
Subject: Apply various ICU patches between ICU 4.4.1 and 57.1
X-Git-Tag: stable-10.2.0~579
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=fb66ea0adcb4dceca686cb7cefb7f857ccf6e74b;p=thirdparty%2Fopen-vm-tools.git

Apply various ICU patches between ICU 4.4.1 and 57.1

Parts of ICU 3.8 and 4.4.1 are included in bora/lib/unicode.
ICU is now at version 57.1 (which would have been 5.7.1 in
its old version numbering scheme) and has had some
security-related patches during that time.

Directly updating the ICU bits in bora/lib/unicode with the
corresponding bits from ICU 57.1 no longer seems feasible
because the ICU code has made increasing use of C++
(including C++11), which is something that we'd like to avoid
in widely shared libraries like lib/unicode and lib/misc.

Picked out a handful of fixes (particularly security-relevant
changes) that are applicable to our forked copy:

* r28300: ticket:7783: error checking in U16_GET()
* r29214: ticket:8238: Implement max subpart policy for UTF7
    toUnicode, don't consume valid bytes after err
* r30175: ticket:8569: Terminate the UTF-7 byte buffer with
    MINUS when flushing
* r30326: ticket:8265: Fix race (=> U_FILE_ACCESS_ERROR) when
    loading full set of ICU data
* r31914: ticket:8235: do not call memcpy()/memmove()/...
    with a NULL/invalid source pointer
* r31948: ticket:9340: Use bit mask instead of cast to avoid
    buffer overflow
* r32021: ticket:9340: Fix potential out of bound error in
    ICU4C ISCII converter
* r32041: ticket:9432: fix value of UDATA_FILE_ACCESS_COUNT
* r32242: ticket:9481 : handled segmentation fault issue with
    uenum_next
* r32529: ticket:9601: from-UTF-8 m:n conversion: properly
    revert to pivoting for m:n matching
* r32574: ticket:9398: avoid use of utf8_countTrailBytes[],
    rewrite/optimize U8_COUNT_TRAIL_BYTES() &
    U8_NEXT_UNSAFE(), test _UNSAFE macros only with
    (mostly) well-formed UTF-8 text
* r32907: ticket:9687: Propagate the ambiguous alias warning
    when opening converter
* r37670: ticket:11776 Thread safety fixes in data loading.
* r37889: ticket:11765: fix utrans_stripRules() source
    overruns from a comment or an escape at the end of
    the source string; make U8_SET_CP_LIMIT() work with
    index after NUL terminator, consistent with
    U16_SET_CP_LIMIT(), although strictly speaking this
    behavior is undefined
* r38086: ticket:11979: Fix max char size for iso-2022-kr in
    icu4c
* r38185: ticket:12015: Update the array size to avoid buffer
    overflow

Diffs for the ICU changes (with associated links to their
tickets) can be found at:

  http://bugs.icu-project.org/trac/changeset/REVISION

where REVISION is the corresponding numeric value.

Notes:

* r32907 makes a slight change to ucnv_open's return value
  and isn't strictly necessary, but is included as a matter
  of correctness and because we would eventually need to
  handle the new behavior anyway.  Changed sites that
  checked directly against U_ZERO_ERROR to use
  U_SUCCESS/U_FAILURE instead.

* Included r30326 and r37670 (which both involve race
  conditions when loading ICU data), but we do not execute
  those code paths.
---

diff --git a/open-vm-tools/lib/misc/codeset.c b/open-vm-tools/lib/misc/codeset.c
index 5b1f714e5..7becb3851 100644
--- a/open-vm-tools/lib/misc/codeset.c
+++ b/open-vm-tools/lib/misc/codeset.c
@@ -654,12 +654,12 @@ found:
       ASSERT(memMappedData);
 
       udata_setCommonData(memMappedData, &uerr);
-      if (uerr != U_ZERO_ERROR) {
+      if (U_FAILURE(uerr)) {
          UnmapViewOfFile(memMappedData);
          goto exit;
       }
       udata_setAppData(ICU_DATA_ITEM, memMappedData, &uerr);
-      if (uerr != U_ZERO_ERROR) {
+      if (U_FAILURE(uerr)) {
          UnmapViewOfFile(memMappedData);
          goto exit;
       }
@@ -972,13 +972,13 @@ CodeSet_GenericToGenericDb(const char *codeIn,  // IN
 
    uerr = U_ZERO_ERROR;
    ucnv_setToUCallBack(cvin, toUCb, NULL, NULL, NULL, &uerr);
-   if (U_ZERO_ERROR != uerr) {
+   if (U_FAILURE(uerr)) {
       goto exit;
    }
 
    uerr = U_ZERO_ERROR;
    ucnv_setFromUCallBack(cvout, fromUCb, NULL, NULL, NULL, &uerr);
-   if (U_ZERO_ERROR != uerr) {
+   if (U_FAILURE(uerr)) {
       goto exit;
    }
 
@@ -1016,7 +1016,7 @@ CodeSet_GenericToGenericDb(const char *codeIn,  // IN
 		     bufPiv, &bufPivSource, &bufPivTarget, bufPivEnd,
 		     FALSE, TRUE, &uerr);
 
-      if (!U_FAILURE(uerr)) {
+      if (U_SUCCESS(uerr)) {
          /*
           * "This was a triumph. I'm making a note here: HUGE SUCCESS. It's
           * hard to overstate my satisfaction."
@@ -1668,7 +1668,7 @@ CodeSet_IsEncodingSupported(const char *name) // IN
 
 Bool
 CodeSet_Validate(const char *buf,   // IN: the string
-                 size_t size,	    // IN: length of string
+                 size_t size,       // IN: length of string
                  const char *code)  // IN: encoding
 {
 #if defined(NO_ICU)
@@ -1701,9 +1701,9 @@ CodeSet_Validate(const char *buf,   // IN: the string
 
    uerr = U_ZERO_ERROR;
    cv = ucnv_open(code, &uerr);
-   VERIFY(uerr == U_ZERO_ERROR);
+   VERIFY(U_SUCCESS(uerr));
    ucnv_setToUCallBack(cv, UCNV_TO_U_CALLBACK_STOP, NULL, NULL, NULL, &uerr);
-   VERIFY(uerr == U_ZERO_ERROR);
+   VERIFY(U_SUCCESS(uerr));
    ucnv_toUChars(cv, NULL, 0, buf, size, &uerr);
    ucnv_close(cv);