Thanks for reporting the issue. That Gnulib file is shared with glibc, so I
installed the attached obvious fix there and am cc'ing the glibc list.
>From f615e3fced100914b1ee4d690f380deb69a4be70 Mon Sep 17 00:00:00 2001
From: Paul Eggert
Date: Wed, 21 Aug 2019 09:29:09 -0700
Subject: [PATCH] Remove dead regex code
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
* posix/regex_internal.c (re_node_set_insert):
Remove unnecessary assignment. Reported by Tim Rühsen in:
https://lists.gnu.org/r/bug-gnulib/2019-08/msg00026.html
---
ChangeLog | 5 +
posix/regex_internal.c | 1 -
2 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/ChangeLog b/ChangeLog
index 2db09d2f18..182aa13353 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,10 @@
2019-08-21 Paul Eggert
+ Remove dead regex code
+ * posix/regex_internal.c (re_node_set_insert):
+ Remove unnecessary assignment. Reported by Tim Rühsen in:
+ https://lists.gnu.org/r/bug-gnulib/2019-08/msg00026.html
+
Fix bad pointer / leak in regex code
This was found by Coverity (CID 1484201). [BZ#24844]
* posix/regex_internal.c (create_cd_newstate): Fix use of bad
diff --git a/posix/regex_internal.c b/posix/regex_internal.c
index f53ded93a8..99fbb26ecb 100644
--- a/posix/regex_internal.c
+++ b/posix/regex_internal.c
@@ -1311,7 +1311,6 @@ re_node_set_insert (re_node_set *set, Idx elem)
first element separately to skip a check in the inner loop. */
if (elem < set->elems[0])
{
- idx = 0;
for (idx = set->nelem; idx > 0; idx--)
set->elems[idx] = set->elems[idx - 1];
}
--
2.21.0
