[pcre-dev] [Bug 2124] New: Regular expression causes endless…

Top Page

Reply to this message
Author: admin
Date:  
To: pcre-dev
New-Topics: [pcre-dev] [Bug 2124] Regular expression causes endless? looping in pcre2_match_8
Subject: [pcre-dev] [Bug 2124] New: Regular expression causes endless? looping in pcre2_match_8
https://bugs.exim.org/show_bug.cgi?id=2124

            Bug ID: 2124
           Summary: Regular expression causes endless? looping in
                    pcre2_match_8
           Product: PCRE
           Version: 10.23 (PCRE2)
          Hardware: x86-64
                OS: Linux
            Status: NEW
          Severity: bug
          Priority: medium
         Component: Code
          Assignee: ph10@???
          Reporter: tony@???
                CC: pcre-dev@???


We hit a problem with PCRE2 in combination with ClamAV. We reported this to
ClamAV first (https://bugzilla.clamav.net/show_bug.cgi?id=11831), but
apparently the issue is actually in PCRE2. The command from the ClamAV
developer was "I found it to be looping in the function pcre2_match_8()", but I
haven't tried to verify this myself.

The ClamAV debug output has this, which shows the expression that's causing the
problem:

LibClamAV debug: cli_pcre_scanbuf: checking 0; running regex
/[A-Za-z0-9]+\s*=\s*(\x22|\x27)\s*(?:[A-Za-z0-9+\/]{4})*(?:[A-Za-z0-9+\/]{2}==|[A-Za-z0-9+\/]{3}=|[A-Za-z0-9+\/]{6})\s*(\x22|\x27)\s+/
LibClamAV debug: cli_pcre_scanbuf: triggered 0; running regex
/[A-Za-z0-9]+\s*=\s*(\x22|\x27)\s*(?:[A-Za-z0-9+\/]{4})*(?:[A-Za-z0-9+\/]{2}==|[A-Za-z0-9+\/]{3}=|[A-Za-z0-9+\/]{6})\s*(\x22|\x27)\s+/
(global)

We can easily reproduce within ClamAV, but I'm not familiar enough with PCRE2
to know how I could try to reproduce outside of that. I'm happy to try to
produce and provide exact steps if you could maybe give me a starting point for
doing that?

Let me know if there's any more info that we can provide.

--
You are receiving this mail because:
You are on the CC list for the bug.