Bug 1119356

Summary: Wrong compilation of zero-repeated groups with recursive back reference can cause crash
Product: Red Hat Enterprise Linux 7 Reporter: Petr Pisar <ppisar>
Component: pcreAssignee: Petr Pisar <ppisar>
Status: CLOSED ERRATA QA Contact: Jan Kepler <jkejda>
Severity: high Docs Contact:
Priority: unspecified    
Version: 7.1CC: isenfeld, jkejda, jorton, lmiksik, pbokoc
Target Milestone: rcKeywords: Patch
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
URL: http://bugs.exim.org/show_bug.cgi?id=1503
Whiteboard:
Fixed In Version: pcre-8.32-15.el7 Doc Type: Bug Fix
Doc Text:
Compiling zero-repeated groups with recursive back references no longer causes PCRE to crash.
Story Points: ---
Clone Of: 1119272 Environment:
Last Closed: 2015-11-19 05:15:06 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1110700, 1191021, 1285408    
Attachments:
Description Flags
Upstream patch ported to 8.32 none

Description Petr Pisar 2014-07-14 15:20:02 UTC
+++ This bug was initially created as a clone of Bug #1119272 +++

There is a bug in pattern compiler than can lead to crash:

$ printf '%s\n%s\n' '/(((a\2)|(a*)\g<-1>))*a?/B' '' | pcretest 
PCRE version 8.33 2013-05-28

  re> Neoprávněný přístup do paměti (SIGSEGV)

It has been fixed by upstream with:

commit d35a6c663d37e072f4a5440f281f62aa6dc42418
Author: ph10 <ph10@2f5784b3-3f2a-0410-8824-cb99058d5e15>
Date:   Sat Jul 12 18:22:54 2014 +0000

    Fix compiler crash/misbehaviour for zero-repeated groups that include a
    recursive back reference.
    
    
    git-svn-id: svn://vcs.exim.org/pcre/code/trunk@1495 2f5784b3-3f2a-0410-8824-cb99058d5e15

--- Additional comment from Petr Pisar on 2014-07-14 13:44:50 GMT ---

All Fedoras are affected.
------

RHEL-7 is affected (pcre-8.32-12.el7.x86_64).

Comment 1 Petr Pisar 2014-07-14 15:20:56 UTC
Created attachment 917899 [details]
Upstream patch ported to 8.32

Comment 9 errata-xmlrpc 2015-11-19 05:15:06 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2015-2142.html