RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 1350331 - Rebase rhino to fix integer overflow in regular expressions
Summary: Rebase rhino to fix integer overflow in regular expressions
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: rhino
Version: 7.2
Hardware: x86_64
OS: Linux
medium
medium
Target Milestone: rc
: ---
Assignee: Elliott Baron
QA Contact: Anna Khaitovich
Vladimír Slávik
URL:
Whiteboard:
Depends On: 1000670 1011947
Blocks: 1390370
TreeView+ depends on / blocked
 
Reported: 2016-06-27 07:33 UTC by Deepu K S
Modified: 2020-04-15 14:32 UTC (History)
8 users (show)

Fixed In Version: 1.7R5
Doc Type: Rebase: Bug Fixes and Enhancements
Doc Text:
_rhino_ rebased to version 1.7R5 The _rhino_ package has been upgraded to upstream version 1.7R5, which provides a number of bug fixes and enhancements over the previous version. Notably, the former problem with an infinite loop while parsing regular expressions has been fixed. Applications using *Rhino* that previously encountered this bug now function correctly.
Clone Of: 1000670
: 1446129 (view as bug list)
Environment:
Red Hat Enterprise Linux 7.2 csslint-0.10.0-2.el7.noarch [EPEL] rhino-1.7R4-5.el7.noarch java-1.7.0-openjdk-1.7.0.101-2.6.6.1.el7_2.x86_64
Last Closed: 2017-08-01 20:28:52 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2017:1894 0 normal SHIPPED_LIVE rhino bug fix update 2017-08-01 18:25:24 UTC

Description Deepu K S 2016-06-27 07:33:59 UTC 
+++ This bug was initially created as a clone of Bug #1000670 +++

Description of problem:
csslint runs forever even for simple files.

Below rhino patch fixes the issue.

Bug 1011947 - Need patch on rhino 1.7
https://bugzilla.redhat.com/show_bug.cgi?id=1011947

52e25f784cd1b927d44383aa9afb358191df97e4 (https://github.com/mozilla/rhino/commit/52e25f784cd1b927d44383aa9afb358191df97e4).


Version-Release number of selected component (if applicable):
Red Hat Enterprise Linux 7.2
csslint-0.10.0-2.el7.noarch
rhino-1.7R4-5.el7.noarch

How reproducible:
Every time

Steps to Reproduce:
1. Create a CSS file:
cat > xxx.css << "EOF"
.xxx {
    font-size: 125%;
}
EOF
2. Run csslint on it:
csslint xxx.css

Actual results:
csslint hangs

Expected results:
csslint should finish

Additional info:
Other packages installed:
 - java-1.7.0-openjdk-1.7.0.101-2.6.6.1.el7_2.x86_64

# java -version
java version "1.7.0_101"
OpenJDK Runtime Environment (rhel-2.6.6.1.el7_2-x86_64 u101-b00)
OpenJDK 64-Bit Server VM (build 24.95-b01, mixed mode)

syntastic-css is affected by this.  Saving a CSS file in vim makes it go
ballistic.




--- Additional comment from Guillaume Kulakowski on 2013-08-26 10:52:58 EDT ---

Work fine on EPEL6 with :
> java -version
> java version "1.6.0_24"
> OpenJDK Runtime Environment (IcedTea6 1.11.11.90) (rhel-1.62.1.11.11.90.el6_4-x86_64)
> OpenJDK 64-Bit Server VM (build 20.0-b12, mixed mode)

Perhaps un upstream bug with JAVA 7. A new version 0.10.0 exists. I try to update rpm.

--- Additional comment from Guillaume Kulakowski on 2013-08-27 04:40:00 EDT ---

Same with 0.10.0. I report an upstream bug

--- Additional comment from Guillaume Kulakowski on 2013-09-02 05:34:26 EDT ---

It's a Rhino upstream bug : 
 - https://github.com/stubbornella/csslint/issues/321
 - https://github.com/mozilla/rhino/issues/107

Fixed with the new Rhino release.

--- Additional comment from Cristian Ciupitu on 2013-12-22 15:03:46 EST ---

It's still happening with csslint-0.10.0-1.fc20.noarch and rhino-1.7R4-6.fc20.noarch.

--- Additional comment from Guillaume Kulakowski on 2014-01-14 11:02:14 EST ---

From #1011947: a patch is coming...

--- Additional comment from Guillaume Kulakowski on 2014-01-15 01:29:13 EST ---

Fixed (see Bug 1000670).

--- Additional comment from Guillaume Kulakowski on 2014-01-15 01:30:45 EST ---

Sorry, see Bug 1011947
Comment 2 Guillaume Kulakowski 2016-10-25 07:31:46 UTC 
Hum,

I think that Java isn't the beeter implementation of CSSLint... I think orphan this package to replace it by node's csslint...

what do you think ?
Comment 3 Elliott Baron 2016-10-28 22:08:40 UTC 
I think we should still try to fix this issue with an updated Rhino. Other programs using Rhino could be affected by this bug.
Comment 4 Elliott Baron 2016-11-07 21:52:25 UTC 
I have updated the summary to reflect that we are requesting a rebase to fix this bug.
Comment 13 Anna Khaitovich 2017-03-14 11:44:02 UTC 
Tested on version 1.7R5
Test case link: https://tcms.engineering.redhat.com/run/303367/#caserun_15274053
Old FAILED & New PASSED => FIXED
Comment 16 errata-xmlrpc 2017-08-01 20:28:52 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2017:1894
Note You need to log in before you can comment on or make changes to this bug.