From 623ee73d661e5ed8475cb264511f683407d87365 Mon Sep 17 00:00:00 2001
From: V3n3RiX <venerix@redcorelinux.org>
Date: Sun, 12 Apr 2020 03:41:30 +0100
Subject: gentoo Easter resync : 12.04.2020

---
 .../files/yaml-cpp-0.6.3-CVE-2017-11692.patch      | 44 ++++++++++++++++++++++
 1 file changed, 44 insertions(+)
 create mode 100644 dev-cpp/yaml-cpp/files/yaml-cpp-0.6.3-CVE-2017-11692.patch

(limited to 'dev-cpp/yaml-cpp/files')

diff --git a/dev-cpp/yaml-cpp/files/yaml-cpp-0.6.3-CVE-2017-11692.patch b/dev-cpp/yaml-cpp/files/yaml-cpp-0.6.3-CVE-2017-11692.patch
new file mode 100644
index 000000000000..fd7a7198c1c6
--- /dev/null
+++ b/dev-cpp/yaml-cpp/files/yaml-cpp-0.6.3-CVE-2017-11692.patch
@@ -0,0 +1,44 @@
+From c9460110e072df84b7dee3eb651f2ec5df75fb18 Mon Sep 17 00:00:00 2001
+From: Jesse Beder <jbeder@gmail.com>
+Date: Mon, 20 Jan 2020 18:05:15 -0600
+Subject: [PATCH] Fix reading empty token stack with a node with properties but
+ no scalar.
+
+E.g. `!2`.
+---
+ src/singledocparser.cpp             | 6 ++++++
+ test/integration/load_node_test.cpp | 5 +++++
+ 2 files changed, 11 insertions(+)
+
+diff --git a/src/singledocparser.cpp b/src/singledocparser.cpp
+index 52544dd6..47e9e047 100644
+--- a/src/singledocparser.cpp
++++ b/src/singledocparser.cpp
+@@ -79,6 +79,12 @@ void SingleDocParser::HandleNode(EventHandler& eventHandler) {
+   if (!anchor_name.empty())
+     eventHandler.OnAnchor(mark, anchor_name);
+ 
++  // after parsing properties, an empty node is again a possibility
++  if (m_scanner.empty()) {
++    eventHandler.OnNull(mark, anchor);
++    return;
++  }
++
+   const Token& token = m_scanner.peek();
+ 
+   if (token.type == Token::PLAIN_SCALAR && IsNullString(token.value)) {
+diff --git a/test/integration/load_node_test.cpp b/test/integration/load_node_test.cpp
+index 4f4f28e8..0e0dd6bc 100644
+--- a/test/integration/load_node_test.cpp
++++ b/test/integration/load_node_test.cpp
+@@ -257,5 +257,10 @@ TEST(NodeTest, LoadTagWithParenthesis) {
+     EXPECT_EQ(node.as<std::string>(), "foo");
+ }
+ 
++TEST(NodeTest, LoadTagWithNullScalar) {
++  Node node = Load("!2");
++  EXPECT_TRUE(node.IsNull());
++}
++
+ }  // namespace
+ }  // namespace YAML
-- 
cgit v1.2.3