Attachment 259921 Details for Bug 384781 – Patch agains pcre 6.4 provided by Ludwig Nussel of SUSE

[patch] Patch agains pcre 6.4 provided by Ludwig Nussel of SUSE

pcre-6.4-ver6.7issue26.diff (text/plain), 1.38 KB, created by Tomas Hoger on 2007-11-15 15:20:36 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Tomas Hoger

Created: 2007-11-15 15:20:36 UTC

Size: 1.38 KB

patch

obsolete

>26. If a subpattern containing a named recursion or subroutine reference such
>    as (?P>B) was quantified, for example (xxx(?P>B)){3}, the calculation of
>    the space required for the compiled pattern went wrong and gave too small a
>    value. Depending on the environment, this could lead to "Failed: internal
>    error: code overflow at offset 49" or "glibc detected double free or
>    corruption" errors.
>Index: pcre-6.4/pcre_compile.c
>===================================================================
>--- pcre-6.4.orig/pcre_compile.c
>+++ pcre-6.4/pcre_compile.c
>@@ -4506,6 +4506,7 @@ while ((c = *(++ptr)) != 0)
>         as to use the code for quantified brackets. We jump down and use the
>         code that handles this for real brackets. */
> 
>+        RECURSE_CHECK_QUANTIFIED:
>         if (ptr[1] == '+' || ptr[1] == '*' || ptr[1] == '?' || ptr[1] == '{')
>           {
>           length += 2 + 2 * LINK_SIZE;       /* to make bracketed */
>@@ -4569,13 +4570,14 @@ while ((c = *(++ptr)) != 0)
> 
>         if (*ptr == '=' || *ptr == '>')
>           {
>+          length += 1 + 1*LINK_SIZE;
>           while ((compile_block.ctypes[*(++ptr)] & ctype_word) != 0);
>           if (*ptr != ')')
>             {
>             errorcode = ERR42;
>             goto PCRE_ERROR_RETURN;
>             }
>-          break;
>+          goto RECURSE_CHECK_QUANTIFIED;
>           }
> 
>         /* Unknown character after (?P */

Actions: View | Diff

Attachments on bug 384781: 259921