[pcre-dev] [Bug 2195] New: Use of uninitialized variable

Author: admin
Date:  
To: pcre-dev
Subject: [pcre-dev] [Bug 2195] New: Use of uninitialized variable
https://bugs.exim.org/show_bug.cgi?id=2195

            Bug ID: 2195
           Summary: Use of uninitialized variable
           Product: PCRE
           Version: 8.41
          Hardware: All
                OS: All
            Status: NEW
          Severity: bug
          Priority: medium
         Component: Code
          Assignee: ph10@???
          Reporter: jayhugard@???
                CC: pcre-dev@???


If SUPPORT_UTF is defined but SUPPORT_UCP is NOT defined, then OP_NOTI will
produce spurious results (bad case-insensitive match).

See rev# 1707 pcre_dfa_exec.c line 2290
(https://vcs.pcre.org/pcre/code/tags/pcre-8.41/pcre_dfa_exec.c?revision=1707&view=markup)

The line
2290: unsigned int otherd;

should probably be
2290: pcre_uint32 otherd = NOTACHAR;

Otherwise, the value `otherd` (match-character-alt-case) will be undefined and
may incorrectly match the current character when the following conditions are
met:

- SUPPORT_UTF is defined
- SUPPORT_UCP is NOT defined
- md->poptions & PCRE_UTF8 != 0
- number of data items in current character >= 1 (not end of subject)
- match character >= 128
- current character == the uninitialized value of otherd
=> results in a false positive match
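
An added illustration, not part of the report and not PCRE source: a simplified C model of the conditions listed above, comparing a leftover starting value for `otherd` with the proposed `NOTACHAR` initializer. The helpers `ascii_other_case`, `compute_otherd` and `equals_caseless` are assumptions, as is the `initial` parameter, which stands in for leftover stack contents so the demo avoids undefined behaviour.

```c
#include <ctype.h>
#include <stdint.h>
#include <stdio.h>

#define NOTACHAR 0xffffffffu /* sentinel from the report: equals no character */
#define SUPPORT_UTF 1        /* configuration from the report: UTF support on */
/* SUPPORT_UCP deliberately left undefined: Unicode property support off */

/* Hypothetical other-case lookup for characters below 128. */
static uint32_t ascii_other_case(uint32_t d) {
    if (d >= 128 || !isalpha((int)d)) return d;
    return (uint32_t)(isupper((int)d) ? tolower((int)d) : toupper((int)d));
}

/* `initial` models the starting value of otherd: leftover stack contents in
   the reported code, NOTACHAR with the proposed initializer. */
static uint32_t compute_otherd(uint32_t d, int utf, uint32_t initial) {
    uint32_t otherd = initial;
#ifdef SUPPORT_UTF
    if (utf && d >= 128) {
#ifdef SUPPORT_UCP
        otherd = unicode_other_case(d); /* hypothetical; compiled out here */
#endif
        /* Without SUPPORT_UCP nothing is assigned on this path. */
    } else
#endif
        otherd = ascii_other_case(d);
    return otherd;
}

/* 1 when current character c is treated as d or as d's other case. */
static int equals_caseless(uint32_t c, uint32_t d, int utf, uint32_t initial) {
    return c == d || c == compute_otherd(d, utf, initial);
}

int main(void) {
    uint32_t d = 0x00E9, c = 0x4E2D; /* constructed: unrelated characters >= 128 */
    printf("stale otherd == c : %d\n", equals_caseless(c, d, 1, c));
    printf("otherd = NOTACHAR : %d\n", equals_caseless(c, d, 1, NOTACHAR));
    printf("ASCII path        : %d\n", equals_caseless('A', 'a', 1, c));
    return 0;
}
```

Building with `-Wmaybe-uninitialized` (GCC) or running under MemorySanitizer is a common way to catch this class of defect when a configuration-dependent branch leaves a variable unassigned.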
