Bug 1350331

Summary: Rebase rhino to fix integer overflow in regular expressions
Product: Red Hat Enterprise Linux 7 Reporter: Deepu K S <dkochuka>
Component: rhinoAssignee: Elliott Baron <ebaron>
Status: CLOSED ERRATA QA Contact: Anna Khaitovich <akhaitov>
Severity: medium Docs Contact: Vladimír Slávik <vslavik>
Priority: medium    
Version: 7.2CC: akhaitov, cristian.ciupitu, dbhole, dkochuka, ebaron, extras-qa, guillaume, vslavik
Target Milestone: rcKeywords: Patch, Rebase
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: 1.7R5 Doc Type: Rebase: Bug Fixes and Enhancements
Doc Text:
_rhino_ rebased to version 1.7R5 The _rhino_ package has been upgraded to upstream version 1.7R5, which provides a number of bug fixes and enhancements over the previous version. Notably, the former problem with an infinite loop while parsing regular expressions has been fixed. Applications using *Rhino* that previously encountered this bug now function correctly.
 Story Points: ---
Clone Of: 1000670
: 1446129 (view as bug list) Environment:
Red Hat Enterprise Linux 7.2 csslint-0.10.0-2.el7.noarch [EPEL] rhino-1.7R4-5.el7.noarch java-1.7.0-openjdk-1.7.0.101-2.6.6.1.el7_2.x86_64
Last Closed: 2017-08-01 20:28:52 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1000670, 1011947    
Bug Blocks: 1390370    

Description Deepu K S 2016-06-27 07:33:59 UTC 
+++ This bug was initially created as a clone of Bug #1000670 +++

Description of problem:
csslint runs forever even for simple files.

Below rhino patch fixes the issue.

Bug 1011947 - Need patch on rhino 1.7
https://bugzilla.redhat.com/show_bug.cgi?id=1011947

52e25f784cd1b927d44383aa9afb358191df97e4 (https://github.com/mozilla/rhino/commit/52e25f784cd1b927d44383aa9afb358191df97e4).


Version-Release number of selected component (if applicable):
Red Hat Enterprise Linux 7.2
csslint-0.10.0-2.el7.noarch
rhino-1.7R4-5.el7.noarch

How reproducible:
Every time

Steps to Reproduce:
1. Create a CSS file:
cat > xxx.css << "EOF"
.xxx {
    font-size: 125%;
}
EOF
2. Run csslint on it:
csslint xxx.css

Actual results:
csslint hangs

Expected results:
csslint should finish

Additional info:
Other packages installed:
 - java-1.7.0-openjdk-1.7.0.101-2.6.6.1.el7_2.x86_64

# java -version
java version "1.7.0_101"
OpenJDK Runtime Environment (rhel-2.6.6.1.el7_2-x86_64 u101-b00)
OpenJDK 64-Bit Server VM (build 24.95-b01, mixed mode)

syntastic-css is affected by this.  Saving a CSS file in vim makes it go
ballistic.




--- Additional comment from Guillaume Kulakowski on 2013-08-26 10:52:58 EDT ---

Work fine on EPEL6 with :
> java -version
> java version "1.6.0_24"
> OpenJDK Runtime Environment (IcedTea6 1.11.11.90) (rhel-1.62.1.11.11.90.el6_4-x86_64)
> OpenJDK 64-Bit Server VM (build 20.0-b12, mixed mode)

Perhaps un upstream bug with JAVA 7. A new version 0.10.0 exists. I try to update rpm.

--- Additional comment from Guillaume Kulakowski on 2013-08-27 04:40:00 EDT ---

Same with 0.10.0. I report an upstream bug

--- Additional comment from Guillaume Kulakowski on 2013-09-02 05:34:26 EDT ---

It's a Rhino upstream bug : 
 - https://github.com/stubbornella/csslint/issues/321
 - https://github.com/mozilla/rhino/issues/107

Fixed with the new Rhino release.

--- Additional comment from Cristian Ciupitu on 2013-12-22 15:03:46 EST ---

It's still happening with csslint-0.10.0-1.fc20.noarch and rhino-1.7R4-6.fc20.noarch.

--- Additional comment from Guillaume Kulakowski on 2014-01-14 11:02:14 EST ---

From #1011947: a patch is coming...

--- Additional comment from Guillaume Kulakowski on 2014-01-15 01:29:13 EST ---

Fixed (see Bug 1000670).

--- Additional comment from Guillaume Kulakowski on 2014-01-15 01:30:45 EST ---

Sorry, see Bug 1011947
Comment 2 Guillaume Kulakowski 2016-10-25 07:31:46 UTC 
Hum,

I think that Java isn't the beeter implementation of CSSLint... I think orphan this package to replace it by node's csslint...

what do you think ?
Comment 3 Elliott Baron 2016-10-28 22:08:40 UTC 
I think we should still try to fix this issue with an updated Rhino. Other programs using Rhino could be affected by this bug.
Comment 4 Elliott Baron 2016-11-07 21:52:25 UTC 
I have updated the summary to reflect that we are requesting a rebase to fix this bug.
Comment 13 Anna Khaitovich 2017-03-14 11:44:02 UTC 
Tested on version 1.7R5
Test case link: https://tcms.engineering.redhat.com/run/303367/#caserun_15274053
Old FAILED & New PASSED => FIXED
Comment 16 errata-xmlrpc 2017-08-01 20:28:52 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2017:1894