[pcre-dev] [Bug 1767] PCRE Library Heap Overflow Vulnerabili…

Startseite
Diese Nachricht ist Teil des folgenden Threads:
M++++\Der komplette Thread sortiert nach Datum
MMMMMMadmin am <-
admin am ->
Nachricht löschen
Autor: admin
Datum:  
To: pcre-dev
Betreff: [pcre-dev] [Bug 1767] PCRE Library Heap Overflow Vulnerability
https://bugs.exim.org/show_bug.cgi?id=1767

Tomas Hoger <thoger@???> changed: 

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |thoger@???


--- Comment #3 from Tomas Hoger <thoger@???> ---
Problematic pattern can be simplified down to:

/((?J)(?'R'(?'R'(?'R'(?'R'(?'R'(?|(\k'R'))))))))/

Fix 8.39/9 sounds like it may be related, but I confirmed that the current svn
r1622 still crashes / reproduces valgrind errors on this pattern.

Apparently introduced in the named group handling code refactor in 8.34.

--
You are receiving this mail because:
You are on the CC list for the bug.
Diese Nachricht wurde auf der folgenden Mailing-List gepostet:
Pcre-dev
Mailing-List-Info | Nachrichten um die Zeit		<-[pcre-dev] [Bug 1783] New: An issue exists in the callout function of PCRE that leads to heap-buffer-overflow when strlen() inside pchars(pcre_uint8 *p, int length, FILE *f) calculates length and i[pcre-dev] [Bug 1743] Invalid memory accesses in pcretest.c->
Tahini and Hummus and Cumin Development Archives administriert von cumin AdminsLurker (Version 2.3)