Fix a heap buffer overflow in pcretest causing infinite loop when matching globally with an ovector less than 2
This commit is contained in:
Petr Písař
parent
0e2bfdf9b8
commit
eabd8d5446
@ -0,0 +1,33 @@
|
||||
From 0fc2edb79b3815c6511fd75c36a57893e4acaee6 Mon Sep 17 00:00:00 2001
|
||||
From: ph10 <ph10@2f5784b3-3f2a-0410-8824-cb99058d5e15>
|
||||
Date: Sat, 27 Feb 2016 17:55:24 +0000
|
||||
Subject: [PATCH] Fix pcretest loop for global matching with an ovector size
|
||||
less than 2.
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
git-svn-id: svn://vcs.exim.org/pcre/code/trunk@1637 2f5784b3-3f2a-0410-8824-cb99058d5e15
|
||||
|
||||
Petr Písař: Ported to 8.38.
|
||||
|
||||
diff --git a/pcretest.c b/pcretest.c
|
||||
index 63869fd..78ef517 100644
|
||||
--- a/pcretest.c
|
||||
+++ b/pcretest.c
|
||||
@@ -5617,6 +5617,12 @@ while (!done)
|
||||
break;
|
||||
}
|
||||
|
||||
+ if (use_size_offsets < 2)
|
||||
+ {
|
||||
+ fprintf(outfile, "Cannot do global matching with an ovector size < 2\n");
|
||||
+ break;
|
||||
+ }
|
||||
+
|
||||
/* If we have matched an empty string, first check to see if we are at
|
||||
the end of the subject. If so, the /g loop is over. Otherwise, mimic what
|
||||
Perl's /g options does. This turns out to be rather cunning. First we set
|
||||
--
|
||||
2.5.0
|
||||
|
||||
@ -77,6 +77,10 @@ Patch13: pcre-8.38-Fix-workspace-overflow-for-ACCEPT-with-deeply-nested.patch
|
||||
# groups with a nested back reference), bug #1295386, upstream bug #1767,
|
||||
# fixed in upstream after 8.38
|
||||
Patch14: pcre-8.38-Yet-another-duplicate-name-bugfix-by-overestimating-.patch
|
||||
# Fix a heap buffer overflow in pcretest causing infinite loop when matching
|
||||
# globally with an ovector less than 2, bug #1312786, upstream bug #1777,
|
||||
# fixed in upstream after 8.38
|
||||
Patch15: pcre-8.38-Fix-pcretest-loop-for-global-matching-with-an-ovecto.patch
|
||||
BuildRequires: readline-devel
|
||||
BuildRequires: autoconf
|
||||
BuildRequires: automake
|
||||
@ -140,6 +144,7 @@ Utilities demonstrating PCRE capabilities like pcregrep or pcretest.
|
||||
%patch12 -p1
|
||||
%patch13 -p1
|
||||
%patch14 -p1
|
||||
%patch15 -p1
|
||||
# Because of rpath patch
|
||||
libtoolize --copy --force
|
||||
autoreconf -vif
|
||||
@ -214,6 +219,8 @@ make %{?_smp_mflags} check VERBOSE=yes
|
||||
* Mon Feb 29 2016 Petr Pisar <ppisar@redhat.com> - 8.38-8
|
||||
- Fix CVE-2016-1283 (a heap buffer overflow in handling of nested duplicate
|
||||
named groups with a nested back reference) (bug #1295386)
|
||||
- Fix a heap buffer overflow in pcretest causing infinite loop when matching
|
||||
globally with an ovector less than 2 (bug #1312786)
|
||||
|
||||
* Thu Feb 11 2016 Petr Pisar <ppisar@redhat.com> - 8.38-7
|
||||
- Fix pcretest for expressions with a callout inside a look-behind assertion
|
||||
|
||||
Loading…
Reference in New Issue
Block a user