https://bugs.exim.org/show_bug.cgi?id=2761
--- Comment #2 from S. Shuck ---
Thanks for investigating.
Maybe I'm not understanding the concept behind the restart feature, but I
respectfully disagree about it not being clever. Ideally we could use the
general-purpose workspace for all match
Hi ND,
On Sun, 6 Jun 2021 at 16:09, ND via Pcre-dev wrote:
>
>
> On 2021-06-06 05:53, Zoltán Herczeg wrote:
> > ND I think you have found a pretty nice Perl bug, maybe you could report
> > it to them.
>
> Zoltan, thank you for great investigation.
> Now I sure it looks like a Perl bug.
>
>
On 2021-06-06 05:53, Zoltán Herczeg wrote:
ND I think you have found a pretty nice Perl bug, maybe you could report
it to them.
Zoltan, thank you for great investigation.
Now I sure it looks like a Perl bug.
Everybody feel free to report it. My English is bad and I have much
difficulties
https://bugs.exim.org/show_bug.cgi?id=2765
Giuseppe D'Angelo changed:
What|Removed |Added
CC||dange...@gmail.com
--- Comment #4 from
https://bugs.exim.org/show_bug.cgi?id=2764
--- Comment #3 from Giuseppe D'Angelo ---
Hi Zoltan,
Thank you for the explanation (and the quick fix).
Given PCRE releases every ~6 months and this bug is affecting quite some users,
would you recommend that packagers, distributions etc. cherry pick
https://bugs.exim.org/show_bug.cgi?id=2767
Bug ID: 2767
Summary: can we add MaxNameCount and MaxNameLength in
pcre2_config as well as export function
Product: PCRE
Version: 10.37 (PCRE2)
Hardware: x86-64
https://bugs.exim.org/show_bug.cgi?id=2765
--- Comment #3 from chengxianglin <670605...@qq.com> ---
Created attachment 1391
--> https://bugs.exim.org/attachment.cgi?id=1391=edit
poc file
How to Reproduce this bug: cat poc | ./pcretest
--
You are receiving this mail because:
You are on the CC
I agree with Zoltan. I do not think this is a bug.
Regards,
Philip
On Sat, 5 Jun 2021 at 23:43, ND via Pcre-dev wrote:
>
> Here is pcretest listing:
>
>
> PCRE2 version 10.35 2020-05-09
> /(?:(a)?\1)+/
> aaa
> 0: aaa
>
>
> Expected result:
> 0: aa
>
> Perl result:
> 0: aa
>
> --
> ##
https://bugs.exim.org/show_bug.cgi?id=2765
--- Comment #2 from Philip Hazel ---
*** Bug 2766 has been marked as a duplicate of this bug. ***
--
You are receiving this mail because:
You are on the CC list for the bug.
--
## List details at https://lists.exim.org/mailman/listinfo/pcre-dev
https://bugs.exim.org/show_bug.cgi?id=2766
Philip Hazel changed:
What|Removed |Added
Status|NEW |RESOLVED
Resolution|---
https://bugs.exim.org/show_bug.cgi?id=2765
--- Comment #1 from Philip Hazel ---
PCRE1 (the 8.xx series) is at end of life. PCRE2 (the 10.xx series, first
released in 2015) is where current development is happening. There is unlikely
ever to be another 8.xx release. Also, pcretest is a local test
https://bugs.exim.org/show_bug.cgi?id=2766
Bug ID: 2766
Summary: pcretest.c in PCRE before 8.44 allows remote
attackers to cause a denial of service (heap-based
buffer overflow)
Product: PCRE
Version: 8.44
https://bugs.exim.org/show_bug.cgi?id=2765
Bug ID: 2765
Summary: pcretest.c in PCRE 8.44 allows remote attackers to
cause a denial of service (heap-based buffer overflow)
Product: PCRE
Version: 8.44
Hardware: x86-64
I did more investigation:
Perl:
/(?:(?:(a)b)?\1)+/ matches abaa
/(?:(?:(ab))?\1)+/ does not match ababab
These pattern / input pairs match in PCRE2. I am pretty sure (?:(P))? is
rewritten to ((?:P)?) in Perl, which is valid in some cases, but not in all
cases. ND I think you have found a
14 matches
Mail list logo