Fix a memory leak in pcre2_serialize_decode() when the input is invalid
This commit is contained in:
parent
9c421654ce
commit
2dafff6438
@ -0,0 +1,40 @@
|
|||||||
|
From 0fece4355e2a5d494936d285eb200314112c9a8b Mon Sep 17 00:00:00 2001
|
||||||
|
From: ph10 <ph10@6239d852-aaf2-0410-a92c-79f79f948069>
|
||||||
|
Date: Tue, 21 Mar 2017 16:25:01 +0000
|
||||||
|
Subject: [PATCH] Fix memory leak when deserializing invalid data (Bugzilla
|
||||||
|
2075).
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
git-svn-id: svn://vcs.exim.org/pcre2/code/trunk@693 6239d852-aaf2-0410-a92c-79f79f948069
|
||||||
|
|
||||||
|
Petr Písař: Ported to 10.23.
|
||||||
|
|
||||||
|
diff --git a/src/pcre2_serialize.c b/src/pcre2_serialize.c
|
||||||
|
index 0af26d8..d2cc603 100644
|
||||||
|
--- a/src/pcre2_serialize.c
|
||||||
|
+++ b/src/pcre2_serialize.c
|
||||||
|
@@ -7,7 +7,7 @@ and semantics are as close as possible to those of the Perl 5 language.
|
||||||
|
|
||||||
|
Written by Philip Hazel
|
||||||
|
Original API code Copyright (c) 1997-2012 University of Cambridge
|
||||||
|
- New API code Copyright (c) 2016 University of Cambridge
|
||||||
|
+ New API code Copyright (c) 2016-2017 University of Cambridge
|
||||||
|
|
||||||
|
-----------------------------------------------------------------------------
|
||||||
|
Redistribution and use in source and binary forms, with or without
|
||||||
|
@@ -214,7 +214,10 @@ for (i = 0; i < number_of_codes; i++)
|
||||||
|
if (dst_re->magic_number != MAGIC_NUMBER ||
|
||||||
|
dst_re->name_entry_size > MAX_NAME_SIZE + IMM2_SIZE + 1 ||
|
||||||
|
dst_re->name_count > MAX_NAME_COUNT)
|
||||||
|
+ {
|
||||||
|
+ memctl->free(dst_re, memctl->memory_data);
|
||||||
|
return PCRE2_ERROR_BADSERIALIZEDDATA;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
/* At the moment only one table is supported. */
|
||||||
|
|
||||||
|
--
|
||||||
|
2.7.4
|
||||||
|
|
@ -51,6 +51,9 @@ Patch4: pcre2-10.23-Fix-pcre2test-bug-for-global-match-with-zero-termina.pat
|
|||||||
# Close serialization file in pcre2test after any error, upstream bug #2074,
|
# Close serialization file in pcre2test after any error, upstream bug #2074,
|
||||||
# in upstream after 10.23
|
# in upstream after 10.23
|
||||||
Patch5: pcre2-10.23-Close-serialization-file-in-pcre2test-after-any-erro.patch
|
Patch5: pcre2-10.23-Close-serialization-file-in-pcre2test-after-any-erro.patch
|
||||||
|
# Fix a memory leak in pcre2_serialize_decode() when the input is invalid,
|
||||||
|
# upstream bug #2075, in upsream after 10.23.
|
||||||
|
Patch6: pcre2-10.23-Fix-memory-leak-when-deserializing-invalid-data-Bugz.patch
|
||||||
BuildRequires: autoconf
|
BuildRequires: autoconf
|
||||||
BuildRequires: automake
|
BuildRequires: automake
|
||||||
BuildRequires: coreutils
|
BuildRequires: coreutils
|
||||||
@ -132,6 +135,7 @@ Utilities demonstrating PCRE2 capabilities like pcre2grep or pcre2test.
|
|||||||
%patch3 -p1
|
%patch3 -p1
|
||||||
%patch4 -p1
|
%patch4 -p1
|
||||||
%patch5 -p1
|
%patch5 -p1
|
||||||
|
%patch6 -p1
|
||||||
# Because of multilib patch
|
# Because of multilib patch
|
||||||
libtoolize --copy --force
|
libtoolize --copy --force
|
||||||
autoreconf -vif
|
autoreconf -vif
|
||||||
@ -232,6 +236,8 @@ make %{?_smp_mflags} check VERBOSE=yes
|
|||||||
%changelog
|
%changelog
|
||||||
* Wed Mar 22 2017 Petr Pisar <ppisar@redhat.com> - 10.23-4
|
* Wed Mar 22 2017 Petr Pisar <ppisar@redhat.com> - 10.23-4
|
||||||
- Close serialization file in pcre2test after any error (upstream bug #2074)
|
- Close serialization file in pcre2test after any error (upstream bug #2074)
|
||||||
|
- Fix a memory leak in pcre2_serialize_decode() when the input is invalid
|
||||||
|
(upstream bug #2075)
|
||||||
|
|
||||||
* Mon Mar 20 2017 Petr Pisar <ppisar@redhat.com> - 10.23-3
|
* Mon Mar 20 2017 Petr Pisar <ppisar@redhat.com> - 10.23-3
|
||||||
- Fix an internal error for a forward reference in a lookbehind with
|
- Fix an internal error for a forward reference in a lookbehind with
|
||||||
|
Loading…
Reference in New Issue
Block a user