[Bug regex/24114] regexec buffer read overrun in "grep -i '\(\(\)*.\)*\(\)\(\)\1'"

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

[Bug regex/24114] regexec buffer read overrun in "grep -i '\(\(\)*.\)*\(\)\(\)\1'"

glaubitz at physik dot fu-berlin.de

--- Comment #5 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".

The branch, release/2.28/master has been updated
       via  54e725e39d0190227b9bf975a7c3f80e8a81365a (commit)
       via  2aee101ff6075dd97a99982a1ba29e21ec25c52f (commit)
      from  4bf5ab3196bd27e48d87d4a1cd91efd39772e026 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------

commit 54e725e39d0190227b9bf975a7c3f80e8a81365a
Author: Aurelien Jarno <[hidden email]>
Date:   Sat Mar 16 22:59:56 2019 +0100

    Record CVE-2019-9169 in NEWS and ChangeLog [BZ #24114]

    (cherry picked from commit b626c5aa5d0673a9caa48fb79fba8bda237e6fa8)


commit 2aee101ff6075dd97a99982a1ba29e21ec25c52f
Author: Paul Eggert <[hidden email]>
Date:   Mon Jan 21 11:08:13 2019 -0800

    regex: fix read overrun [BZ #24114]

    Problem found by AddressSanitizer, reported by Hongxu Chen in:
    * posix/regexec.c (proceed_next_node):
    Do not read past end of input buffer.

    (cherry picked from commit 583dd860d5b833037175247230a328f0050dbfe9)


Summary of changes:
 ChangeLog       |    9 +++++++++
 NEWS            |    4 ++++
 posix/regexec.c |    6 ++++--
 3 files changed, 17 insertions(+), 2 deletions(-)

You are receiving this mail because:
You are on the CC list for the bug.