Patch augeas for CVE-2025-2588 [MEDIUM] (#13207)

(cherry picked from commit a76e674)

Author: jslobodzian

SPECS/augeas/CVE-2025-2588.patch

@@ -0,0 +1,80 @@
+From 42632cb7d0103fbf871fb698e7648ba925eec254 Mon Sep 17 00:00:00 2001
+From: Alexander Bokovoy <abokovoy@redhat.com>
+Date: Mon, 24 Mar 2025 09:48:19 +0200
+Subject: [PATCH] CVE-2025-2588: return _REG_ENOSYS if no specific error was
+ set yet parse_regexp failed
+
+parse_regexp() supposed to set an error on the parser state in case of a
+failure. If no specific error was set, return _REG_ENOSYS to indicate a
+generic failure.
+
+Fixes: https://github.com/hercules-team/augeas/issues/671
+Fixes: https://github.com/hercules-team/augeas/issues/778
+Fixes: https://github.com/hercules-team/augeas/issues/852
+
+Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com>
+---
+ src/fa.c       | 3 +++
+ src/fa.h       | 3 ++-
+ tests/fatest.c | 6 ++++++
+ 3 files changed, 11 insertions(+), 1 deletion(-)
+
+diff --git a/src/fa.c b/src/fa.c
+index 66ac70784..14f2472ad 100644
+--- a/src/fa.c
++++ b/src/fa.c
+@@ -32,6 +32,7 @@
+ #include <config.h>
+ #include <limits.h>
+ #include <ctype.h>
++#include <regex.h>
+ #include <stdbool.h>
+ 
+ #include "internal.h"
+@@ -3550,6 +3551,8 @@ static struct re *parse_regexp(struct re_parse *parse) {
+     return re;
+ 
+  error:
++    if (re == NULL && parse->error == REG_NOERROR)
++        parse->error = _REG_ENOSYS;
+     re_unref(re);
+     return NULL;
+ }
+diff --git a/src/fa.h b/src/fa.h
+index 1fd754ad0..89c9b17e9 100644
+--- a/src/fa.h
++++ b/src/fa.h
+@@ -81,7 +81,8 @@ extern int fa_minimization_algorithm;
+  *
+  * On success, FA points to the newly allocated automaton constructed for
+  * RE, and the function returns REG_NOERROR. Otherwise, FA is NULL, and the
+- * return value indicates the error.
++ * return value indicates the error. Special value _REG_ENOSYS indicates
++ * fa_compile() couldn't identify the syntax issue with regexp.
+  *
+  * The FA is case sensitive. Call FA_NOCASE to switch it to
+  * case-insensitive.
+diff --git a/tests/fatest.c b/tests/fatest.c
+index 0c9ca7696..6717af8f4 100644
+--- a/tests/fatest.c
++++ b/tests/fatest.c
+@@ -589,6 +589,7 @@ static void testExpandNoCase(CuTest *tc) {
+     const char *p1 = "aB";
+     const char *p2 = "[a-cUV]";
+     const char *p3 = "[^a-z]";
++    const char *wrong_regexp = "{&.{";
+     char *s;
+     size_t len;
+     int r;
+@@ -607,6 +608,11 @@ static void testExpandNoCase(CuTest *tc) {
+     CuAssertIntEquals(tc, 0, r);
+     CuAssertStrEquals(tc, "[^A-Za-z]", s);
+     free(s);
++
++    /* Test that fa_expand_nocase does return _REG_ENOSYS */
++    r = fa_expand_nocase(wrong_regexp, strlen(wrong_regexp), &s, &len);
++    CuAssertIntEquals(tc, _REG_ENOSYS, r);
++    free(s);
+ }
+ 
+ static void testNoCaseComplement(CuTest *tc) {

SPECS/augeas/augeas.spec

@@ -1,13 +1,15 @@
 Summary:        A library for changing configuration files
 Name:           augeas
 Version:        1.12.0
-Release:        5%{?dist}
+Release:        6%{?dist}
 License:        LGPLv2+
 Vendor:         Microsoft Corporation
 Distribution:   Mariner
 URL:            https://augeas.net/
 Source0:        http://download.augeas.net/%{name}-%{version}.tar.gz
 
+Patch0:         CVE-2025-2588.patch
+
 BuildRequires:  gcc
 BuildRequires:  libselinux-devel
 BuildRequires:  libxml2-devel
@@ -50,6 +52,7 @@ read files.
 
 %prep
 %setup -q
+%autopatch -p1
 
 %build
 %configure \
@@ -106,6 +109,9 @@ rm -f %{buildroot}%{_bindir}/dump
 %{_libdir}/pkgconfig/augeas.pc
 
 %changelog
+* Sun Mar 30 2025 Kshitiz Godara <kgodara@microsoft.com> - 1.12.0-6
+- Fix CVE-2025-2588 with an upstream patch
+
 * Wed Sep 20 2023 Jon Slobodzian <joslobo@microsoft.com> - 1.12.0-5
 - Recompile with stack-protection fixed gcc version (CVE-2023-4039)