[pcre-dev] [Bug 2079] New: heapb based buffer overflow write…

Top Page

Reply to this message
Author: admin
Date:  
To: pcre-dev
New-Topics: [pcre-dev] [Bug 2079] heap based buffer overflow write in pcre2_get_error_message_32, [pcre-dev] [Bug 2079] heap based buffer overflow write in pcre2_get_error_message_32
Subject: [pcre-dev] [Bug 2079] New: heapb based buffer overflow write in pcre2_get_error_message_32
https://bugs.exim.org/show_bug.cgi?id=2079

            Bug ID: 2079
           Summary: heapb based buffer overflow write in
                    pcre2_get_error_message_32
           Product: PCRE
           Version: 10.23 (PCRE2)
          Hardware: x86-64
                OS: Linux
            Status: NEW
          Severity: security
          Priority: medium
         Component: Code
          Assignee: ph10@???
          Reporter: ago@???
                CC: pcre-dev@???


Created attachment 1007
--> https://bugs.exim.org/attachment.cgi?id=1007&action=edit
stacktrace

Hello,

I found an heap overflow write through fuzzing.
It was tested on version 10.23, compiled with clang-3.9.1

Output, included stacktrace in attachment.

Command to reproduce:
# pcretest -d -i -32 $FILE

Reproducer:
https://github.com/asarubbo/poc/blob/master/00220-pcre2-heapoverflow-pcre2_get_error_message_32

( I know that is preferable attach reproducer here, but this link won't expire
in the future )
If someone think that it will expire, feel free to download it and reattach it
here.

--
You are receiving this mail because:
You are on the CC list for the bug.