[Bug regex/24269] SIGPIPE

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[Bug regex/24269] SIGPIPE

glaubitz at physik dot fu-berlin.de
https://sourceware.org/bugzilla/show_bug.cgi?id=24269

Florian Weimer <fweimer at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |drepper.fsp at gmail dot com,
                   |                            |fweimer at redhat dot com
          Component|build                       |regex
              Flags|                            |security-

--- Comment #1 from Florian Weimer <fweimer at redhat dot com> ---
The SIGPIPE is spurious and comes from the wrong process.  The null byte
warning is immaterial as well.  This also reproduces the issue:

grep -E "$(printf '(|)(\\1\\1)*')"

It looks like an infinite recursion in check_dst_limits_calc_pos_1:

#0  0x00007f7559c776ad in check_dst_limits_calc_pos_1 (
    mctx=mctx@entry=0x7ffee83d11f0, boundaries=boundaries@entry=3,
    subexp_idx=subexp_idx@entry=0, from_node=5, bkref_idx=bkref_idx@entry=0)
    at regexec.c:1906
#1  0x00007f7559c7781a in check_dst_limits_calc_pos_1 (
    mctx=mctx@entry=0x7ffee83d11f0, boundaries=boundaries@entry=3,
    subexp_idx=subexp_idx@entry=0, from_node=6, bkref_idx=bkref_idx@entry=0)
    at regexec.c:1949
#2  0x00007f7559c7781a in check_dst_limits_calc_pos_1 (
    mctx=mctx@entry=0x7ffee83d11f0, boundaries=boundaries@entry=3,
    subexp_idx=subexp_idx@entry=0, from_node=5, bkref_idx=bkref_idx@entry=0)
    at regexec.c:1949
#3  0x00007f7559c7781a in check_dst_limits_calc_pos_1 (
    mctx=mctx@entry=0x7ffee83d11f0, boundaries=boundaries@entry=3,
    subexp_idx=subexp_idx@entry=0, from_node=6, bkref_idx=bkref_idx@entry=0)
    at regexec.c:1949
#4  0x00007f7559c7781a in check_dst_limits_calc_pos_1 (
    mctx=mctx@entry=0x7ffee83d11f0, boundaries=boundaries@entry=3,
    subexp_idx=subexp_idx@entry=0, from_node=5, bkref_idx=bkref_idx@entry=0)
    at regexec.c:1949
#5  0x00007f7559c7781a in check_dst_limits_calc_pos_1 (
    mctx=mctx@entry=0x7ffee83d11f0, boundaries=boundaries@entry=3,
    subexp_idx=subexp_idx@entry=0, from_node=6, bkref_idx=bkref_idx@entry=0)
    at regexec.c:1949
#6  0x00007f7559c7781a in check_dst_limits_calc_pos_1 (
    mctx=mctx@entry=0x7ffee83d11f0, boundaries=boundaries@entry=3,
    subexp_idx=subexp_idx@entry=0, from_node=5, bkref_idx=bkref_idx@entry=0)
    at regexec.c:1949
#7  0x00007f7559c7781a in check_dst_limits_calc_pos_1 (
    mctx=mctx@entry=0x7ffee83d11f0, boundaries=boundaries@entry=3,
    subexp_idx=subexp_idx@entry=0, from_node=6, bkref_idx=bkref_idx@entry=0)
    at regexec.c:1949

Line numbers are as of commit 34a5a1460e9c05d6035bfbde327ab6d45f78958b.

Not flagging as a security vulnerability because this needs a crafted pattern.

--
You are receiving this mail because:
You are on the CC list for the bug.