https://bugs.exim.org/show_bug.cgi?id=2777
Mehmet gelisin <mehmetgelisin@???> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |mehmetgelisin@???
--- Comment #2 from Mehmet gelisin <mehmetgelisin@???> ---
I. Summary
PCRE is a regular expression C library inspired by the
regular expression capabilities in the Perl programming language. The PCRE
library is incorporated into a number of
prominent programs, such as Adobe Flash, Apache, Nginx, PHP.
PCRE library is prone to a vulnerability which leads to Heap Overflow. During
the compilation of a malformed regular expression,
more data is written on the malloced block than the expected size output by
compile_regex. Exploits with advanced Heap
Fengshui techniques may allow an attacker to execute arbitrary code in the
context of the user running the affected application.
------------------------------------------------------------------
II. Description
Latest version of PCRE is prone to a Heap Overflow vulnerability which could
be caused by the following regular expression.
/(?J:(?|(:(?|(?'R')(\z(?|(?'R')(\k'R')|((?'R')))k'R')|((?'R')))H'Ak'Rf)|s(?'R')))/
A dry run of this particular regular expression with pcretest will report
"double free or corruption (!prev)".
But it is actually a heap overflow problem.
It is a similar problem as discussed.
Following test is conveyed with svn updated version of pcre.
Here is the memory layout of re (its size is 248) just before the second
compile_regexp():
==============================================================
(gdb) x/256b 0x1f8a8a0
0x1f8a8a0: [0x45 0x52 0x43 0x50 0xf8 0x00 0x00 0x00
0x1f8a8a8: 0x00 0x00 0x00 0x00 0x00 0x04 0x00 0x00
0x1f8a8b0: 0xff 0xff 0xff 0xff 0xff 0xff 0xff 0xff
0x1f8a8b8: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x1f8a8c0: 0x00 0x00 0x40 0x00 0x04 0x00 0x05 0x00
--
You are receiving this mail because:
You are on the CC list for the bug.