pcre2/pcre2-10.42-jit-fail-early-in-ffcps_-if-subject.patch

From f2411acb3711a44497539d17b245bd366d9c26d7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Carlo=20Marcelo=20Arenas=20Bel=C3=B3n?= <carenas@gmail.com>
Date: Mon, 12 Dec 2022 08:32:42 -0800
Subject: [PATCH] jit: fail early in ffcps_* if subject shorter than offs1
(#175)
FF_FUN would try loading a vector from an invalid address,
triggering a crash.
Add the same check that is done in the x86/s390x implementations
and that was missing from the original code.
Fixes: #86
---
src/pcre2_jit_neon_inc.h | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/pcre2_jit_neon_inc.h b/src/pcre2_jit_neon_inc.h
index e74adf12..165602ed 100644
--- a/src/pcre2_jit_neon_inc.h
+++ b/src/pcre2_jit_neon_inc.h
@@ -183,6 +183,8 @@ restart:;
#endif
#if defined(FFCPS)
+if (str_ptr >= str_end)
+ return NULL;
sljit_u8 *p1 = str_ptr - diff;
#endif
sljit_s32 align_offset = ((uint64_t)str_ptr & 0xf);
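Review bot: the new early return at the top of the FFCPS block has no comment saying why it is needed, and a reader of pcre2_jit_neon_inc.h alone cannot tell that it handles a subject shorter than offs1 or that it mirrors the check already present in the x86/s390x implementations, as the commit message states; a one-line comment above `if (str_ptr >= str_end)` along the lines of "subject shorter than offs1: nothing to load, same check as the x86/s390x code" would keep that rationale next to the code. Note also that the check only bounds the forward read at `str_ptr`; nothing in this hunk shows what keeps `sljit_u8 *p1 = str_ptr - diff;` from pointing before the start of the subject, so if that is guaranteed by how the caller derives `str_ptr` and `diff`, the same comment should say so, and if it is not, a matching lower-bound check belongs here too. Since the block sits under the `restart:` label, the check is re-evaluated on every restart, which is the right place for it.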
--
2.45.1