diff --git a/srcpkgs/quickjs/patches/patch-gh-issue-178-cve-2023-31922.patch b/srcpkgs/quickjs/patches/patch-gh-issue-178-cve-2023-31922.patch deleted file mode 100644 index 754924c6063946..00000000000000 --- a/srcpkgs/quickjs/patches/patch-gh-issue-178-cve-2023-31922.patch +++ /dev/null @@ -1,42 +0,0 @@ -From 056459314305f666aee132565df710c42f41ec04 Mon Sep 17 00:00:00 2001 -From: Nick Vatamaniuc -Date: Sun, 28 May 2023 01:50:46 -0400 -Subject: [PATCH] Fix stack overflow in CVE-2023-31922 - -isArray and proxy isArray can call each other indefinitely in a mutually -recursive loop. - -Add a stack overflow check in the js_proxy_isArray function before calling -JS_isArray(ctx, s->target). - -With ASAN the the poc.js from issue 178: - -``` -./qjs ./poc.js -InternalError: stack overflow - at isArray (native) - at (./poc.js:4) -``` - -Fix: https://github.com/bellard/quickjs/issues/178 ---- - quickjs.c | 6 ++++++ - 1 file changed, 6 insertions(+) - -diff --git a/quickjs.c b/quickjs.c -index 79160139..a3b0b55f 100644 ---- a/quickjs.c -+++ b/quickjs.c -@@ -45243,6 +45243,12 @@ static int js_proxy_isArray(JSContext *ctx, JSValueConst obj) - JSProxyData *s = JS_GetOpaque(obj, JS_CLASS_PROXY); - if (!s) - return FALSE; -+ -+ if (js_check_stack_overflow(ctx->rt, 0)) { -+ JS_ThrowStackOverflow(ctx); -+ return -1; -+ } -+ - if (s->is_revoked) { - JS_ThrowTypeErrorRevokedProxy(ctx); - return -1; diff --git a/srcpkgs/quickjs/template b/srcpkgs/quickjs/template index da651cba2cbc4d..28e2557c42eb6e 100644 --- a/srcpkgs/quickjs/template +++ b/srcpkgs/quickjs/template @@ -1,7 +1,7 @@ # Template file for 'quickjs' pkgname=quickjs -version=2021.03.27 -revision=4 +version=2023.12.09 +revision=1 build_style=gnu-makefile make_use_env=true make_build_args="CONFIG_LTO=" @@ -10,7 +10,7 @@ maintainer="Leah Neukirchen " license="MIT" homepage="https://bellard.org/quickjs/" distfiles="https://bellard.org/quickjs/quickjs-${version//./-}.tar.xz" -checksum=a45bface4c3379538dea8533878d694e289330488ea7028b105f72572fe7fe1a +checksum=e8afe386f875d0e52310ea91aa48e2b0e04182e821f19147794e3e272f4c8d8c if [ "$CROSS_BUILD" ]; then make_build_args+=" CROSS_PREFIX=${XBPS_CROSS_TRIPLET}-"