Segfault (.bss overflow) in PCRE
Bug #1025670 reported by Tim Starling
This bug affects 3 people
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
pcre3 (Ubuntu) | Fix Released | High | Unassigned |
Precise | Won't Fix | High | Unassigned |
Bug Description
A bug in PCRE was fixed upstream. The issue is a segfault with a pattern like /\x{300000}/ui, e.g.
pcregrep -ui '\x{300000}' < /dev/null
There was no bounds checking on access to some UCD character tables, and insufficient bounds checking in \x character construction. The fix was included in a commit that did a lot of other things:
http://
but I have split out the relevant single-line fix for your convenience. Patch attached.
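The two missing checks named in the description, as an added example (this is not PCRE's code and not the attached patch): a `\x{...}` parser that rejects values above U+10FFFF, and a table lookup that re-checks the code point before indexing. The function names, the 128-code-point block size and the table itself are assumptions made for illustration.

```c
#include <ctype.h>
#include <stdint.h>
#include <stdio.h>

#define MAX_CODEPOINT 0x10FFFFu                      /* highest Unicode code point */
#define BLOCK_SIZE    128u                           /* assumed block size */
#define STAGE1_LEN    ((MAX_CODEPOINT + 1u) / BLOCK_SIZE)   /* 8704 entries */

/* Constructed stand-in for the first stage of a character property table. */
static uint8_t stage1[STAGE1_LEN];

/* Parse "\x{HEX}" in UTF mode. Returns 0 and stores the value on success,
 * -1 if the escape is malformed, -2 if the value exceeds U+10FFFF. */
int parse_hex_escape(const char *s, uint32_t *out)
{
    uint32_t c = 0;
    int digits = 0;
    if (s[0] != '\\' || s[1] != 'x' || s[2] != '{') return -1;
    for (s += 3; isxdigit((unsigned char)*s); s++, digits++) {
        int ch = tolower((unsigned char)*s);
        uint32_t d = isdigit(ch) ? (uint32_t)(ch - '0') : (uint32_t)(ch - 'a' + 10);
        c = (c << 4) | d;
        if (c > MAX_CODEPOINT) return -2;   /* checked per digit, so c never wraps */
    }
    if (digits == 0 || *s != '}') return -1;
    *out = c;
    return 0;
}

/* Returns the stage-1 entry for c, or -1 if c lies outside the table. */
int lookup_block(uint32_t c)
{
    if (c > MAX_CODEPOINT) return -1;   /* 0x300000 / 128 = 24576, past entry 8703 */
    return stage1[c / BLOCK_SIZE];
}

int main(void)
{
    const char *samples[] = { "\\x{41}", "\\x{10FFFF}", "\\x{110000}", "\\x{300000}" };
    for (size_t i = 0; i < 4; i++) {
        uint32_t c = 0;
        int rc = parse_hex_escape(samples[i], &c);
        printf("%-12s rc=%d block=%d\n", samples[i], rc,
               rc == 0 ? lookup_block(c) : -1);
    }
    return 0;
}
```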
Changed in pcre3 (Ubuntu Precise):
status: New → In Progress
importance: Undecided → High
assignee: nobody → Brian Murray (brian-murray)
Changed in pcre3 (Ubuntu):
status: Confirmed → Fix Released
importance: Low → High
The attachment "Limit unicode codepoint to U+10FFFF" of this bug report has been identified as being a patch. The ubuntu-reviewers team has been subscribed to the bug report so that they can review the patch. In the event that this is in fact not a patch you can resolve this situation by removing the tag 'patch' from the bug report and editing the attachment so that it is not flagged as a patch. Additionally, if you are a member of the ubuntu-reviewers team please also unsubscribe the team from this bug report.
[This is an automated message performed by a Launchpad user owned by Brian Murray. Please contact him regarding any issues with the action taken in this bug report.]