[pcre-dev] [Bug 2337] possible integer overflow in function …

Top Page

Reply to this message
Author: admin
Date:  
To: pcre-dev
Subject: [pcre-dev] [Bug 2337] possible integer overflow in function find_minlength in pcre_study.c
https://bugs.exim.org/show_bug.cgi?id=2337

Philip Hazel <ph10@???> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |WONTFIX


--- Comment #1 from Philip Hazel <ph10@???> ---
In principle, I think you are right. However, PCRE1 is in "fix only serious
bugs" mode, and I do not think this comes into that category. In PCRE2, the
minimum length field is 16-bits, and there is checking for overflow while it is
being computed. In PCRE1 the field is actually 32-bits wide. You would have to
work hard to craft a pattern that had a minimum matching length that would
overflow 32 bits, and even if you did, all that would happen is that the
recorded minimum matching length would be some smaller number, which is not
very serious.

Thank you for reporting the issue, but I do not intend to take any action.

--
You are receiving this mail because:
You are on the CC list for the bug.