[pcre-dev] [Bug 1777] Heap buffer overflow in main function …

Startseite
Nachricht löschen
Autor: admin
Datum:  
To: pcre-dev
Alte Treads: [pcre-dev] [Bug 1777] New: Heap buffer overflow in main function of pcretest.c
Betreff: [pcre-dev] [Bug 1777] Heap buffer overflow in main function of pcretest.c
https://bugs.exim.org/show_bug.cgi?id=1777

--- Comment #4 from Philip Hazel <ph10@???> ---
(In reply to Tomas Hoger from comment #3)
> This is not the first \O1 issue recently. One was also fixed in 8.38/10.
> Is there a reason to have pcretest use arbitrary ovector sizes (without any
> warning) even if they do not match documented API requirement?


Yes, there is a reason: it is testing how the library behaves when it is called
with parameters that do not match documented API requirements. After all, it is
the *library* that is the product, not pcretest. Fuzzing with pcretest has the
effect of testing pcretest as well as the library, which is good, but a bit
misleading. Some fuzzing testers are doing it by calling the library directly,
not via pcretest, which avoids this issue.

Having said all that, in PCRE2 it is impossible to run a match with an ovector
that is too small to hold even one set of match data.

--
You are receiving this mail because:
You are on the CC list for the bug.