[pcre-dev] [Bug 2330] Content "n\xff=" can crash libpcre whe…

Author: admin
Date:  
To: pcre-dev
Subject: [pcre-dev] [Bug 2330] Content "n\xff=" can crash libpcre when an application is matching the pattern \s*=
https://bugs.exim.org/show_bug.cgi?id=2330

Alex Murray <alex.murray@???> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|ALREADY_FIXED               |---
             Status|RESOLVED                    |REOPENED
                 CC|                            |alex.murray@???


--- Comment #2 from Alex Murray <alex.murray@???> ---
I have reworked the PoC into one which works just with libpcre directly without
glib - and with this I can reproduce the crash with pcre-8.42.

I downloaded and compiled pcre-8.42 as follows:

$ tar xf pcre-8.42.tar.gz
$ cd pcre-8.42
$ ./configure --enable-unicode-properties
$ make
$ cd ..

$ cd PoC
$ gcc PoC.c ../pcre-8.42/.libs/libpcre.a -o PoC_8.42
$ gdb -q --ex=r --args ./PoC_8.42
Reading symbols from ./PoC_8.42...done.
Starting program: /home/amurray/lp1798725/PoC_PCRE/PoC_8.42
Content:
-------------------
n�=
-------------------
Pattern:
-------------------
\s*=
---------------------

Program received signal SIGSEGV, Segmentation fault.
0x00005555555637d2 in match (eptr=0x7fffffffe3c5 "\377=", ecode=<optimised
out>, mstart=0x7fffffffe3c5 "\377=", offset_top=2, md=0x7fffffffe200,
eptrb=0x0, rdepth=<optimised out>) at pcre_exec.c:5534
5534                  if ((UCD_CATEGORY(c) == ucp_Z) == prop_fail_result)
(gdb) bt
#0  0x00005555555637d2 in match (eptr=0x7fffffffe3c5 "\377=", ecode=<optimised
out>, mstart=0x7fffffffe3c5 "\377=", offset_top=2, md=0x7fffffffe200,
eptrb=0x0, rdepth=<optimised out>) at pcre_exec.c:5534
#1  0x0000555555572ba9 in pcre_exec (argument_re=0x55555578d670,
extra_data=0x0, subject=<optimised out>, length=3, start_offset=0,
options=8192, offsets=0x55555578d6d0, offsetcount=3) at pcre_exec.c:6936
#2  0x0000555555554e87 in main ()


--
You are receiving this mail because:
You are on the CC list for the bug.
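The backtrace above shows pcre_exec() entered with options=8192, which is the value of PCRE_NO_UTF8_CHECK, so the invalid byte 0xff in the subject "n\xff=" was never rejected before matching reached the Unicode property lookup. The following is an added example (not code from the bug report or from PCRE): the UTF-8 validation a caller must do itself before it is entitled to pass that flag. The function name is hypothetical and the sample subject is constructed from the report.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Returns 1 if s[0..len) is well-formed UTF-8, 0 otherwise.
 * Rejects the lead bytes 0xF8-0xFF (such as the 0xff in the report),
 * lone continuation bytes, truncated sequences, overlong encodings,
 * UTF-16 surrogates and code points above U+10FFFF. */
int subject_is_valid_utf8(const unsigned char *s, size_t len)
{
    size_t i = 0;
    while (i < len) {
        unsigned char c = s[i];
        size_t extra = 0;
        uint32_t cp = 0;
        if (c < 0x80) { i++; continue; }                 /* ASCII */
        else if ((c & 0xE0) == 0xC0) { extra = 1; cp = c & 0x1F; }
        else if ((c & 0xF0) == 0xE0) { extra = 2; cp = c & 0x0F; }
        else if ((c & 0xF8) == 0xF0) { extra = 3; cp = c & 0x07; }
        else return 0;             /* 0x80-0xBF alone, or 0xF8-0xFF */
        if (i + extra >= len) return 0;                  /* truncated */
        for (size_t k = 1; k <= extra; k++) {
            if ((s[i + k] & 0xC0) != 0x80) return 0;     /* bad trail byte */
            cp = (cp << 6) | (s[i + k] & 0x3F);
        }
        if ((extra == 1 && cp < 0x80) || (extra == 2 && cp < 0x800) ||
            (extra == 3 && cp < 0x10000) ||              /* overlong */
            cp > 0x10FFFF || (cp >= 0xD800 && cp <= 0xDFFF))
            return 0;
        i += extra + 1;
    }
    return 1;
}

int main(void)
{
    /* constructed sample: the 3-byte subject from the report */
    const unsigned char subject[] = { 'n', 0xff, '=' };
    int ok = subject_is_valid_utf8(subject, sizeof subject);
    printf("subject is %s UTF-8: %s\n", ok ? "valid" : "invalid",
           ok ? "PCRE_NO_UTF8_CHECK may be passed"
              : "match without PCRE_NO_UTF8_CHECK or reject the input");
    return 0;
}
```

The alternative mitigation visible from the report is simply to drop PCRE_NO_UTF8_CHECK for untrusted subjects and let pcre_exec() return PCRE_ERROR_BADUTF8 itself.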