https://bugs.exim.org/show_bug.cgi?id=1734
Bug ID: 1734
Summary: stack overflow in compile_branch
Product: PCRE
Version: 10.20 (PCRE2)
Hardware: x86
OS: Linux
Status: NEW
Severity: security
Priority: medium
Component: Code
Assignee: ph10@???
Reporter: hanno@???
CC: pcre-dev@???
Created attachment 849
  --> https://bugs.exim.org/attachment.cgi?id=849&action=edit
poc for stackoverflow
The attached file will cause a stack overflow in pcre2test (svn and 10.20
release version).
Address Sanitizer trace:
==18811==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7fffc12f92f8 at pc 0x00000053df6f bp 0x7fffc12f9190 sp 0x7fffc12f9188
WRITE of size 1 at 0x7fffc12f92f8 thread T0
    #0 0x53df6e in compile_branch /f/pcre/pcre2-svn/src/pcre2_compile.c:7368:7
    #1 0x519fc8 in compile_regex /f/pcre/pcre2-svn/src/pcre2_compile.c:7596:8
    #2 0x514008 in pcre2_compile_8 /f/pcre/pcre2-svn/src/pcre2_compile.c:8566:7
    #3 0x4f0f86 in pattern_info /f/pcre/pcre2-svn/src/pcre2test.c:3468:1
    #4 0x4f0f86 in process_pattern /f/pcre/pcre2-svn/src/pcre2test.c:4774
    #5 0x4f0f86 in main /f/pcre/pcre2-svn/src/pcre2test.c:7233
    #6 0x7f93d5b52f9f in __libc_start_main /var/tmp/portage/sys-libs/glibc-2.20-r2/work/glibc-2.20/csu/libc-start.c:289
    #7 0x4188f5 in _start (/mnt/ram/pcre/pcre2test_svn+0x4188f5)
Found with afl/asan.