[pcre-dev] [Bug 2320] Buffer Overflow in PCRE2 jit

Author: admin
Date:  
To: pcre-dev
Old-Topics: [pcre-dev] [Bug 2320] New: Buffer Overflow in PCRE2 jit
Subject: [pcre-dev] [Bug 2320] Buffer Overflow in PCRE2 jit
https://bugs.exim.org/show_bug.cgi?id=2320

--- Comment #11 from Zoltan Herczeg <hzmester@???> ---
Sorry for the confusion. There was another issue which affected pcre2 only.

This was fixed in pcre1 as well:
https://lists.exim.org/lurker/message/20180921.073411.514f4081.en.html

I am not sure you can reproduce it with the pcre1 test system, but there might be a
creative way to do it.

The problem is: you need to pass "\r\n\n" to pcre_exec, but with a buffer size
of 2, not 3. It is easy to do it in a C program, but the pcre1 jit test
infrastructure is unable to do it at the moment. I don't know whether it is
possible with pcretest.

Still there might be a way to do it without manipulating the buffer size, but I
didn't have time to figure it out. It is a good regex challenge.
