[pcre-dev] [Bug 1503] PCRE Library Stack Overflow Vulnerabil…

Top Page
Delete this message
Author: Petr Pisar
Date:  
To: pcre-dev
Subject: [pcre-dev] [Bug 1503] PCRE Library Stack Overflow Vulnerability
------- You are receiving this mail because: -------
You are on the CC list for the bug.

http://bugs.exim.org/show_bug.cgi?id=1503

Petr Pisar <ppisar@???> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |ppisar@???





--- Comment #4 from Petr Pisar <ppisar@???> 2014-07-14 14:13:57 ---
The testoutput2 change is:

+/(((a\2)|(a*)\g<-1>))*a?/BZ
+------------------------------------------------------------------
+        Bra
+        Brazero
+        SCBra 1
+        Once
+        CBra 2
+        CBra 3
+        a
+        \2
+        Ket
+        Alt
+        CBra 4
+        a*
+        Ket
+        Recurse
+        Ket
+        Ket
+        KetRmax
+        a?+
+        Ket
+        End
+------------------------------------------------------------------
+


My question is why the trailing /a?/ generates 'a?+' in the output?

I try to back-port this patch, and after porting, 8.33 gives 'a?' only.


--
Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email