[pcre-dev] [Bug 1767] PCRE Library Heap Overflow Vulnerabili…

Page principale
Supprimer ce message
Auteur: admin
Date:  
À: pcre-dev
Sujet: [pcre-dev] [Bug 1767] PCRE Library Heap Overflow Vulnerability
https://bugs.exim.org/show_bug.cgi?id=1767

Tomas Hoger <thoger@???> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |thoger@???


--- Comment #3 from Tomas Hoger <thoger@???> ---
Problematic pattern can be simplified down to:

/((?J)(?'R'(?'R'(?'R'(?'R'(?'R'(?|(\k'R'))))))))/

Fix 8.39/9 sounds like it may be related, but I confirmed that the current svn
r1622 still crashes / reproduces valgrind errors on this pattern.

Apparently introduced in the named group handling code refactor in 8.34.

--
You are receiving this mail because:
You are on the CC list for the bug.