[pcre-dev] [Bug 2049] New: infinite loop in pcre_dfa_exec.c

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
M 
admin at ->
Delete this message
Author: admin
Date:  
To: pcre-dev
Subject: [pcre-dev] [Bug 2049] New: infinite loop in pcre_dfa_exec.c
https://bugs.exim.org/show_bug.cgi?id=2049 

            Bug ID: 2049
           Summary: infinite loop in pcre_dfa_exec.c
           Product: PCRE
           Version: 8.40
          Hardware: x86-64
                OS: Linux
            Status: NEW
          Severity: bug
          Priority: medium
         Component: Code
          Assignee: ph10@???
          Reporter: ago@???
                CC: pcre-dev@???


Created attachment 989
--> https://bugs.exim.org/attachment.cgi?id=989&action=edit
stacktrace

Hello,

I found an infinite loop through fuzzing.
It was tested on version 8.40, compiled with clang-3.9.1

I don't know if it is related to 2047 and 2048.

Since pcre_dfa_exec.c is part of the library, you can consider this as a
security bug and change the severity.

Output, included stacktrace in attachment.

Command to reproduce:
# pcretest -16 -d $FILE

Reproducer:
https://github.com/asarubbo/poc/blob/master/00200-pcre-infiniteloop3

( I know that is preferable attach reproducer here, but this link won't expire
in the future )

--
You are receiving this mail because:
You are on the CC list for the bug.
This message was posted to the following mailing lists:
Pcre-dev
Mailing List Info | Nearby Messages		<-[pcre-dev] [Bug 2048] New: another infinite loop in pcre_exec.c[pcre-dev] [Bug 2050] New: two memory allocation failure in pcretest.c->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)