On 08/28/2014 11:47 PM, Santiago wrote: > El 16/08/14 a las 11:36, Paul Eggert escribió: >> > Santiago wrote: >>> > >Another solution would be to don't check if binary files are valid >>> > >(passing PCRE_NO_UTF8_CHECK to pcre_exec), but I don't know if that'd >>> > >avoid security holes >> > >> > It wouldn't. (We already tried it.) >> > > Another try. This patch is by far more efficient.
> * src/pcresearch.c (Pexecute): When pcre_exec returns an invalid > UTF8 character error, copies line_buf to an auxiliar buffer, s/auxiliar/auxiliary/ > removes invalid characters and evaluates against it. > * tests/pcre-infloop: Exit status is 1 again. > * tests/pcre-invalid-utf8-input: Check again if grep doesn't > abort. Also cheks for match after a second invalid character s/cheks/checks/ > + /* Change invalid UTF-8 characters (according to pcre_exec) to > '\0' */ > + while (e == PCRE_ERROR_BADUTF8){ Space before { > + line_utf8_clean[sub[0]+invalid_pos] = '\0'; Spaces around + -- Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org
signature.asc
Description: OpenPGP digital signature