Re: [pcre-dev] Typo about (?^)
On 2021-06-20 11:27, Philip Hazel wrote:

> A little bit further up from what you quoted, the docs say this: "The two
> "extended" options are not independent; unsetting either one cancels the
> effects of both of them." So (?-x) and (?-xx) are the same, and unset both
> (?x) and (?xx).

I apologize for my carelessness.

--
## List details at https://lists.exim.org/mailman/listinfo/pcre-dev
[pcre-dev] [Bug 2776] pcre2_match.c in PCRE2 10.23 stack-overflow.
https://bugs.exim.org/show_bug.cgi?id=2776

Philip Hazel changed:

What       |Removed |Added
Resolution |---     |INVALID
Status     |NEW     |RESOLVED

--- Comment #1 from Philip Hazel ---
10.23 is very old code (released in 2017). Since then, the way pcre2_match() works has been rewritten so as not to use the stack for backtracking. The current release is 10.37. Please try your test on the latest release.

--
You are receiving this mail because:
You are on the CC list for the bug.
[pcre-dev] [Bug 2774] pcretest.c in PCRE 8.40 allows remote attackers to cause a denial of service (heap-based buffer overflow)
https://bugs.exim.org/show_bug.cgi?id=2774

Philip Hazel changed:

What       |Removed |Added
Status     |NEW     |RESOLVED
Resolution |---     |WONTFIX

--- Comment #1 from Philip Hazel ---
PCRE1 is at end-of-life. The final 8.45 release has recently happened.
[pcre-dev] [Bug 2773] pcretest.c in PCRE 8.40 allows remote attackers to cause a denial of service (heap-based buffer overflow)
https://bugs.exim.org/show_bug.cgi?id=2773

Philip Hazel changed:

What       |Removed |Added
Status     |NEW     |RESOLVED
Resolution |---     |WONTFIX

--- Comment #1 from Philip Hazel ---
PCRE1 is at end-of-life. The final 8.45 release has recently happened.
[pcre-dev] [Bug 2775] pcre_exec.c in PCRE 8.40 allows remote attackers to cause stack-overflow.
https://bugs.exim.org/show_bug.cgi?id=2775

Philip Hazel changed:

What       |Removed |Added
Resolution |---     |WONTFIX
Status     |NEW     |RESOLVED

--- Comment #1 from Philip Hazel ---
PCRE1 is at end-of-life. The final 8.45 release has recently happened. In any case, stack overflow in PCRE1 is a well-known issue that can be dealt with by setting suitable limits.
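Why a recursion limit turns the stack overflow discussed in the comment above into an ordinary error return, shown with a toy recursive backtracker. This is an added example, not PCRE code and not part of the original message: `toy_match`, `toy_limits`, `demo` and the `TOY_*` codes are hypothetical names, and the subject string is constructed. In PCRE1 itself the corresponding setting is the `match_limit_recursion` field of `pcre_extra`.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical result codes for this toy matcher (not PCRE's values). */
enum { TOY_NOMATCH = 0, TOY_MATCH = 1, TOY_ERR_DEPTHLIMIT = -1 };

typedef struct {
    unsigned long depth_limit; /* deepest call nesting the caller allows */
    unsigned long max_depth;   /* deepest nesting actually reached */
} toy_limits;

static int match_here(const char *re, const char *s,
                      unsigned long depth, toy_limits *lim);

/* Greedy c* done the way a recursive backtracker does it: one stack frame
   per subject character consumed, so depth grows with the subject length. */
static int match_star(char c, const char *re, const char *s,
                      unsigned long depth, toy_limits *lim)
{
    if (depth > lim->depth_limit) return TOY_ERR_DEPTHLIMIT;
    if (depth > lim->max_depth) lim->max_depth = depth;
    if (*s != '\0' && (c == '.' || *s == c)) {
        int r = match_star(c, re, s + 1, depth + 1, lim);
        if (r != TOY_NOMATCH) return r; /* a match or an error ends the search */
    }
    return match_here(re, s, depth + 1, lim); /* backtrack: stop consuming here */
}

/* Supports literals, '.', and 'x*'; the pattern is anchored at both ends. */
static int match_here(const char *re, const char *s,
                      unsigned long depth, toy_limits *lim)
{
    if (depth > lim->depth_limit) return TOY_ERR_DEPTHLIMIT;
    if (depth > lim->max_depth) lim->max_depth = depth;
    if (re[0] == '\0') return *s == '\0' ? TOY_MATCH : TOY_NOMATCH;
    if (re[1] == '*') return match_star(re[0], re + 2, s, depth + 1, lim);
    if (*s != '\0' && (re[0] == '.' || re[0] == *s))
        return match_here(re + 1, s + 1, depth + 1, lim);
    return TOY_NOMATCH;
}

int toy_match(const char *re, const char *s, toy_limits *lim)
{
    lim->max_depth = 0;
    return match_here(re, s, 1, lim);
}

#define DEMO_MAX 4096

/* Constructed input: n_a copies of 'a' followed by 'c', matched against
   "a*b". It cannot match, so the matcher recurses to the end and unwinds. */
int demo(size_t n_a, unsigned long limit, unsigned long *reached)
{
    static char subject[DEMO_MAX + 2];
    toy_limits lim = { limit, 0 };
    int rc;
    if (n_a > DEMO_MAX) n_a = DEMO_MAX;
    memset(subject, 'a', n_a);
    subject[n_a] = 'c';
    subject[n_a + 1] = '\0';
    rc = toy_match("a*b", subject, &lim);
    if (reached) *reached = lim.max_depth;
    return rc;
}

int main(void)
{
    unsigned long reached = 0;
    int rc = demo(2000, 100000UL, &reached);
    printf("generous limit: rc=%d, depth reached=%lu\n", rc, reached);
    rc = demo(2000, 100UL, &reached);
    printf("limit of 100:   rc=%d, depth reached=%lu\n", rc, reached);
    return 0;
}
```

With a generous limit the depth tracks the subject length, which is what lets an attacker-sized subject exhaust the stack; with the limit set, the caller gets an error code it can handle.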
[pcre-dev] [Bug 2776] New: pcre2_match.c in PCRE2 10.23 stack-overflow.
https://bugs.exim.org/show_bug.cgi?id=2776

Bug ID: 2776
Summary: pcre2_match.c in PCRE2 10.23 stack-overflow.
Product: PCRE
Version: 10.23 (PCRE2)
Hardware: x86-64
OS: Linux
Status: NEW
Severity: bug
Priority: medium
Component: Code
Assignee: philip.ha...@gmail.com
Reporter: 670605...@qq.com
CC: pcre-dev@exim.org

==32276==ERROR: AddressSanitizer: stack-overflow on address 0x7ffc062ae400 (pc 0x005f0982 bp 0x7ffc062bc4a0 sp 0x7ffc062ae400 T0)
[pcre-dev] [Bug 2777] New: pcre2_match.c in PCRE2 10.23 stack-overflow.
https://bugs.exim.org/show_bug.cgi?id=2777

Bug ID: 2777
Summary: pcre2_match.c in PCRE2 10.23 stack-overflow.
Product: PCRE
Version: 10.23 (PCRE2)
Hardware: x86-64
OS: Linux
Status: NEW
Severity: bug
Priority: medium
Component: Code
Assignee: philip.ha...@gmail.com
Reporter: 670605...@qq.com
CC: pcre-dev@exim.org

==32276==ERROR: AddressSanitizer: stack-overflow on address 0x7ffc062ae400 (pc 0x005f0982 bp 0x7ffc062bc4a0 sp 0x7ffc062ae400 T0)
[pcre-dev] [Bug 2775] New: pcre_exec.c in PCRE 8.40 allows remote attackers to cause stack-overflow.
https://bugs.exim.org/show_bug.cgi?id=2775

Bug ID: 2775
Summary: pcre_exec.c in PCRE 8.40 allows remote attackers to cause stack-overflow.
Product: PCRE
Version: 8.40
Hardware: x86-64
OS: Linux
Status: NEW
Severity: bug
Priority: medium
Component: Code
Assignee: philip.ha...@gmail.com
Reporter: 670605...@qq.com
CC: pcre-dev@exim.org

==40049==ERROR: AddressSanitizer: stack-overflow on address 0x7ffc02a50340 (pc 0x005bb01f bp 0x7ffc02a55b80 sp 0x7ffc02a50340 T0)
[pcre-dev] [Bug 2773] New: pcretest.c in PCRE 8.40 allows remote attackers to cause a denial of service (heap-based buffer overflow)
https://bugs.exim.org/show_bug.cgi?id=2773

Bug ID: 2773
Summary: pcretest.c in PCRE 8.40 allows remote attackers to cause a denial of service (heap-based buffer overflow)
Product: PCRE
Version: 8.40
Hardware: x86-64
OS: Linux
Status: NEW
Severity: bug
Priority: medium
Component: Code
Assignee: philip.ha...@gmail.com
Reporter: 670605...@qq.com
CC: pcre-dev@exim.org

==28550==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x62d08400 at pc 0x0052a216 bp 0x7ffc5b356fa0 sp 0x7ffc5b356f98
READ of size 1 at 0x62d08400 thread T0
    #0 0x52a215 in pchars /pcre/pcretest.c:2045:7
    #1 0x52b18a in callout /pcre/pcretest.c:2272:9
    #2 0x5b0dea in internal_dfa_exec /pcre/pcre_dfa_exec.c:3078:20
    #3 0x58cb45 in pcre_dfa_exec /pcre/pcre_dfa_exec.c:3616:8
    #4 0x5225f4 in main /pcre/pcretest.c:5205:9
    #5 0x7f48c72d282f in __libc_start_main /build/glibc-LK5gWL/glibc-2.23/csu/../csu/libc-start.c:291
    #6 0x419c88 in _start (/pcre-/pcretest+0x419c88)

0x62d08400 is located 0 bytes to the right of 32768-byte region [0x62d00400,0x62d08400)
allocated by thread T0 here:
    #0 0x4d2718 in realloc /fuzzer/build/llvm_tools/llvm-4.0.0.src/projects/compiler-rt/lib/asan/asan_malloc_linux.cc:79
    #1 0x51b809 in main /pcre/pcretest.c:4593:31
    #2 0x7f48c72d282f in __libc_start_main /build/glibc-LK5gWL/glibc-2.23/csu/../csu/libc-start.c:291

SUMMARY: AddressSanitizer: heap-buffer-overflow /pcre/pcretest.c:2045:7 in pchars
==28550==ABORTING
[pcre-dev] [Bug 2774] New: pcretest.c in PCRE 8.40 allows remote attackers to cause a denial of service (heap-based buffer overflow)
https://bugs.exim.org/show_bug.cgi?id=2774

Bug ID: 2774
Summary: pcretest.c in PCRE 8.40 allows remote attackers to cause a denial of service (heap-based buffer overflow)
Product: PCRE
Version: 8.40
Hardware: x86-64
OS: Linux
Status: NEW
Severity: bug
Priority: medium
Component: Code
Assignee: philip.ha...@gmail.com
Reporter: 670605...@qq.com
CC: pcre-dev@exim.org

==28550==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x62d08400 at pc 0x0052a216 bp 0x7ffc5b356fa0 sp 0x7ffc5b356f98
READ of size 1 at 0x62d08400 thread T0
    #0 0x52a215 in pchars /pcre/pcretest.c:2045:7
    #1 0x52b18a in callout /pcre/pcretest.c:2272:9
    #2 0x5b0dea in internal_dfa_exec /pcre/pcre_dfa_exec.c:3078:20
    #3 0x58cb45 in pcre_dfa_exec /pcre/pcre_dfa_exec.c:3616:8
    #4 0x5225f4 in main /pcre/pcretest.c:5205:9
    #5 0x7f48c72d282f in __libc_start_main /build/glibc-LK5gWL/glibc-2.23/csu/../csu/libc-start.c:291
    #6 0x419c88 in _start (/pcre-/pcretest+0x419c88)

0x62d08400 is located 0 bytes to the right of 32768-byte region [0x62d00400,0x62d08400)
allocated by thread T0 here:
    #0 0x4d2718 in realloc /fuzzer/build/llvm_tools/llvm-4.0.0.src/projects/compiler-rt/lib/asan/asan_malloc_linux.cc:79
    #1 0x51b809 in main /pcre/pcretest.c:4593:31
    #2 0x7f48c72d282f in __libc_start_main /build/glibc-LK5gWL/glibc-2.23/csu/../csu/libc-start.c:291

SUMMARY: AddressSanitizer: heap-buffer-overflow /pcre/pcretest.c:2045:7 in pchars
==28550==ABORTING
Re: [pcre-dev] Typo about (?^)
A little bit further up from what you quoted, the docs say this: "The two "extended" options are not independent; unsetting either one cancels the effects of both of them." So (?-x) and (?-xx) are the same, and unset both (?x) and (?xx).

Regards,
Philip

On Sat, 19 Jun 2021 at 16:57, ND via Pcre-dev wrote:

> PCRE docs say:
>
> > If the first character following (? is a circumflex, it causes all of
> > the above options to be unset. Thus, (?^) is equivalent to (?-imnsx).
>
> There is "xx" option. So maybe docs have a typo?
>
> - "all of the above options" -> "all of the above options but xx"
> - or "(?^) is equivalent to (?-imnsx)" -> "(?^) is equivalent to
>   (?-imnsxxx)"