[pcre-dev] [Bug 2330] Content "n\xff=" can crash libpcre whe…

Kezdőlap
Üzenet törlése
Szerző: admin
Dátum:  
Címzett: pcre-dev
Tárgy: [pcre-dev] [Bug 2330] Content "n\xff=" can crash libpcre when an application is matching the pattern \s*=
https://bugs.exim.org/show_bug.cgi?id=2330

Zoltan Herczeg <hzmester@???> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |hzmester@???


--- Comment #7 from Zoltan Herczeg <hzmester@???> ---
(In reply to Alex Murray from comment #6)
> So the issue then is in glib - my PoC reproduces what glib calls into pcre
> with - so glib needs to add validation that it is valid utf8 before calling
> into pcre then right?


Validation can be done by removing PCRE_NO_UTF8_CHECK option. If your input is
big this can take long time however. Furthermore if you perform a match
multiple times against the same subject string the checking is done the same
number of times which is not performance efficient.

(Note: next release of pcre2 will support invalid utf subject string when JIT
compiling is used)

--
You are receiving this mail because:
You are on the CC list for the bug.