[pcre-dev] [Bug 2380] PCRE 8.43 and Undefined Behavior sanit…

Top Page

Reply to this message
Author: admin
Date:  
To: pcre-dev
Subject: [pcre-dev] [Bug 2380] PCRE 8.43 and Undefined Behavior sanitizer findings
https://bugs.exim.org/show_bug.cgi?id=2380

--- Comment #4 from Jeffrey Walton <noloader@???> ---
(In reply to Philip Hazel from comment #3)
> Thank you for the patch. I have saved it and will apply it when next working
> on PCRE1.


No problems. It is a public domain gift to the project with no license or
terms. Use it how you like.

A number of other projects still depend on PCRE1. For example, Coreutils,
ClamAV, cURL, Git, Less, and Wget. That's why I need to move on some of these
items. Otherwise, I would just use PCRE2.

------

The one change I was not sure about is this. You may need to fiddle with it:

+++ pcretest.c
@@ -4445,7 +4445,7 @@

           if (extra != NULL)
             {
-            if (fwrite(extra->study_data, 1, true_study_size, f) <
+            if (extra->study_data && fwrite(extra->study_data, 1,
true_study_size, f) <
                 true_study_size)
               {
fprintf(outfile, "Write error on %s: %s\n", to_file,


This may be a better choice:

+ if (extra->study_data == NULL || fwrite(extra->study_data, 1,
true_study_size, f) < true_study_size)

--
You are receiving this mail because:
You are on the CC list for the bug.