[pcre-dev] [Bug 1667] PCRE Library Heap Overflow Vulnerabili…

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
Madmin at <-
 
Delete this message
Author: admin
Date:  
To: pcre-dev
Subject: [pcre-dev] [Bug 1667] PCRE Library Heap Overflow Vulnerability
https://bugs.exim.org/show_bug.cgi?id=1667

Philip Hazel <ph10@???> changed: 

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|---                         |FIXED
             Status|NEW                         |RESOLVED


--- Comment #1 from Philip Hazel <ph10@???> ---
This bug, and a similar one, are fixed in PCRE2 by some refactoring that
handles named and numbered groups in a different way. In PCRE1 (this code) I
have hacked in a fix that will sometimes over-allocate memory by a little bit,
but that is better than under-allocation. The fix is committed to the SVN
repository and will be in the 8.38 release, which will probably come out some
time in September.

--
You are receiving this mail because:
You are on the CC list for the bug.
This message was posted to the following mailing lists:
Pcre-dev
Mailing List Info | Nearby Messages		<-[pcre-dev] [Bug 1667] New: PCRE Library Heap Overflow Vulnerability[pcre-dev] [Bug 1665] Switch -ql quiet files-with-matches should not show files with matches->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)