* Salvatore Bonaccorso:
> Can you confirm that the packages at
> https://people.debian.org/~carnil/tmp/pcre3/jessie/ fix as well the
> case reported in #819050? The package at above link contain the
> proposed fixes which I submitted for the next Jessie point release and
> on top of it r1475 commit from upstream.
After installing libpcre3_8.35-3.3+deb8u3_amd64.deb, pcregrep no longer
crashes. Thank you very much.
> Can you otherwise provide a complete test case for #819050?
It turns out that this regex does not crash pcre on just any input. The
following line reproduces the bug for me using an with unpatched
libpcre3. Is this good enough?
echo /a/eaa | pcregrep
'\/(?:(?:s(?:ystem\/(?:logs|engine)\/[^\x2f]+?|e(?:rv(?:au|er)|ct)|gau\/.*?|alam|ucks|can|ke)|p(?:lugins\/content\/vote\/\.ssl\/[a-z0-9]|(?:rogcicic|atr)ic|osts?\/[a-z0-9]+)|(?=[a-z]*[0-9])(?=[0-9]*[a-z])(?!setup\d+\.exe$)[a-z0-9]{5,10}|a(?:d(?:min\/images\/\w+|obe)|(?:sala|kee)m|live)|(?:i(?:mage\/flags|nvoice)|xml\/load)\/[^\x2f]+|d(?:o(?:c(?:\/[a-z0-9]+)?|ne)|bust)|m(?:edia\/files\/\w+|arch)|~.+?\/\.[^\x2f]+\/.+?|c(?:onfig|hris|alc)|u(?:swinz\w+|pdate)|Ozonecrytedserver|w(?:or[dk]|insys)|fa(?:cture|soo)|n(?:otepad|ach)|k(?:be|ey|is)|(?:tes|ve)t|ArfBtxz|office|yhaooo|[a-z]|etna|link|\d+)\.exe$|(?:(?=[a-z0-9]*?[3456789][a-z0-9]*?[3456789])(?=[a-z0-9]*?[h-z])[a-z0-9]{3,31}\+|PasswordRecovery|RemoveWAT|Dejdisc|Host\d+|Msword)\.exe)'
Cheers,
-Hilko
