[pcre-dev] [Bug 1503] PCRE Library Stack Overflow Vulnerabil…

Top Page
Delete this message
Author: Zoltan Herczeg
Date:  
To: pcre-dev
Subject: [pcre-dev] [Bug 1503] PCRE Library Stack Overflow Vulnerability
------- You are receiving this mail because: -------
You are on the CC list for the bug.

http://bugs.exim.org/show_bug.cgi?id=1503




--- Comment #5 from Zoltan Herczeg <hzmester@???> 2014-07-14 15:14:17 ---
Hi,

> My question is why the trailing /a?/ generates 'a?+' in the output?


The auto-possessification optimization.

> I try to back-port this patch, and after porting, 8.33 gives 'a?' only.


We have been redesigned that optimization recently. If you want to disable this
optimization, pass the O flag:

/(((a\2)|(a*)\g<-1>))*a?/BZO


--
Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email