Bug 1350331 - Rebase rhino to fix integer overflow in regular expressions
Summary: Rebase rhino to fix integer overflow in regular expressions
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: rhino
Version: 7.2
Hardware: x86_64
OS: Linux
medium
medium
Target Milestone: rc
: ---
Assignee: Elliott Baron
QA Contact: Anna Khaitovich
Vladimír Slávik
URL:
Whiteboard:
Depends On: 1000670 1011947
Blocks: 1390370
TreeView+ depends on / blocked
 
Reported: 2016-06-27 07:33 UTC by Deepu K S
Modified: 2020-04-15 14:32 UTC (History)
8 users (show)

Fixed In Version: 1.7R5
Doc Type: Rebase: Bug Fixes and Enhancements
Doc Text:
_rhino_ rebased to version 1.7R5 The _rhino_ package has been upgraded to upstream version 1.7R5, which provides a number of bug fixes and enhancements over the previous version. Notably, the former problem with an infinite loop while parsing regular expressions has been fixed. Applications using *Rhino* that previously encountered this bug now function correctly.
Clone Of: 1000670
: 1446129 (view as bug list)
Environment:
Red Hat Enterprise Linux 7.2 csslint-0.10.0-2.el7.noarch [EPEL] rhino-1.7R4-5.el7.noarch java-1.7.0-openjdk-1.7.0.101-2.6.6.1.el7_2.x86_64
Last Closed: 2017-08-01 20:28:52 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2017:1894 0 normal SHIPPED_LIVE rhino bug fix update 2017-08-01 18:25:24 UTC

Description Deepu K S 2016-06-27 07:33:59 UTC
+++ This bug was initially created as a clone of Bug #1000670 +++

Description of problem:
csslint runs forever even for simple files.

Below rhino patch fixes the issue.

Bug 1011947 - Need patch on rhino 1.7
https://bugzilla.redhat.com/show_bug.cgi?id=1011947

52e25f784cd1b927d44383aa9afb358191df97e4 (https://github.com/mozilla/rhino/commit/52e25f784cd1b927d44383aa9afb358191df97e4).


Version-Release number of selected component (if applicable):
Red Hat Enterprise Linux 7.2
csslint-0.10.0-2.el7.noarch
rhino-1.7R4-5.el7.noarch

How reproducible:
Every time

Steps to Reproduce:
1. Create a CSS file:
cat > xxx.css << "EOF"
.xxx {
    font-size: 125%;
}
EOF
2. Run csslint on it:
csslint xxx.css

Actual results:
csslint hangs

Expected results:
csslint should finish

Additional info:
Other packages installed:
 - java-1.7.0-openjdk-1.7.0.101-2.6.6.1.el7_2.x86_64

# java -version
java version "1.7.0_101"
OpenJDK Runtime Environment (rhel-2.6.6.1.el7_2-x86_64 u101-b00)
OpenJDK 64-Bit Server VM (build 24.95-b01, mixed mode)

syntastic-css is affected by this.  Saving a CSS file in vim makes it go
ballistic.




--- Additional comment from Guillaume Kulakowski on 2013-08-26 10:52:58 EDT ---

Work fine on EPEL6 with :
> java -version
> java version "1.6.0_24"
> OpenJDK Runtime Environment (IcedTea6 1.11.11.90) (rhel-1.62.1.11.11.90.el6_4-x86_64)
> OpenJDK 64-Bit Server VM (build 20.0-b12, mixed mode)

Perhaps un upstream bug with JAVA 7. A new version 0.10.0 exists. I try to update rpm.

--- Additional comment from Guillaume Kulakowski on 2013-08-27 04:40:00 EDT ---

Same with 0.10.0. I report an upstream bug

--- Additional comment from Guillaume Kulakowski on 2013-09-02 05:34:26 EDT ---

It's a Rhino upstream bug : 
 - https://github.com/stubbornella/csslint/issues/321
 - https://github.com/mozilla/rhino/issues/107

Fixed with the new Rhino release.

--- Additional comment from Cristian Ciupitu on 2013-12-22 15:03:46 EST ---

It's still happening with csslint-0.10.0-1.fc20.noarch and rhino-1.7R4-6.fc20.noarch.

--- Additional comment from Guillaume Kulakowski on 2014-01-14 11:02:14 EST ---

From #1011947: a patch is coming...

--- Additional comment from Guillaume Kulakowski on 2014-01-15 01:29:13 EST ---

Fixed (see Bug 1000670).

--- Additional comment from Guillaume Kulakowski on 2014-01-15 01:30:45 EST ---

Sorry, see Bug 1011947

Comment 2 Guillaume Kulakowski 2016-10-25 07:31:46 UTC
Hum,

I think that Java isn't the beeter implementation of CSSLint... I think orphan this package to replace it by node's csslint...

what do you think ?

Comment 3 Elliott Baron 2016-10-28 22:08:40 UTC
I think we should still try to fix this issue with an updated Rhino. Other programs using Rhino could be affected by this bug.

Comment 4 Elliott Baron 2016-11-07 21:52:25 UTC
I have updated the summary to reflect that we are requesting a rebase to fix this bug.

Comment 13 Anna Khaitovich 2017-03-14 11:44:02 UTC
Tested on version 1.7R5
Test case link: https://tcms.engineering.redhat.com/run/303367/#caserun_15274053
Old FAILED & New PASSED => FIXED

Comment 16 errata-xmlrpc 2017-08-01 20:28:52 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2017:1894


Note You need to log in before you can comment on or make changes to this bug.