Hi;
Am Tue, 14 May 2013 18:30:32 +0200
schrieb Ralf Junker <ralfjunker@???>:
> The following C code triggers an AV in pcre_dfa_exec(), followed by an
> application crash. I was unable to reproduce this with pcretest, but
> this C code triggers the problem reliably.
Attached patch fixes this.
Regards,
Christian
From 874c77520e81f88600df487914c8e2bc51c6831a Mon Sep 17 00:00:00 2001
From: Christian Persch <chpe@???>
Date: Wed, 15 May 2013 14:24:58 +0200
Subject: [PATCH] dfa: Fix invalid read
---
pcre_dfa_exec.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pcre_dfa_exec.c b/pcre_dfa_exec.c
index 8211760..0fe10b5 100644
--- a/pcre_dfa_exec.c
+++ b/pcre_dfa_exec.c
@@ -636,7 +636,7 @@ for (;;)
const pcre_uchar *code;
int state_offset = current_state->offset;
int codevalue, rrc;
- unsigned int count;
+ int count;
#ifdef PCRE_DEBUG
printf ("%.*sProcessing state %d c=", rlevel*2-2, SP, state_offset);
--
1.7.12.503.g5976753.dirty
