[pcre-dev] [Bug 1667] PCRE Library Heap Overflow Vulnerabili…

Top Page
Delete this message
Author: admin
Date:  
To: pcre-dev
Subject: [pcre-dev] [Bug 1667] PCRE Library Heap Overflow Vulnerability
https://bugs.exim.org/show_bug.cgi?id=1667

Philip Hazel <ph10@???> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|---                         |FIXED
             Status|NEW                         |RESOLVED


--- Comment #1 from Philip Hazel <ph10@???> ---
This bug, and a similar one, are fixed in PCRE2 by some refactoring that
handles named and numbered groups in a different way. In PCRE1 (this code) I
have hacked in a fix that will sometimes over-allocate memory by a little bit,
but that is better than under-allocation. The fix is committed to the SVN
repository and will be in the 8.38 release, which will probably come out some
time in September.

--
You are receiving this mail because:
You are on the CC list for the bug.