Bug 669413

Summary: pcre does not terminate on some unicode patterns
Product: Red Hat Enterprise Linux 5 Reporter: Ondrej Moriš <omoris>
Component: pcreAssignee: Petr Pisar <ppisar>
Status: CLOSED ERRATA QA Contact: Jan Kepler <jkejda>
Severity: high Docs Contact:
Priority: urgent    
Version: 5.6CC: dkutalek, jkejda, ovasik, psplicha, tis, tsmetana
Target Milestone: rcKeywords: Patch, Regression, ZStream
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: pcre-6.6-7.el5 Doc Type: Bug Fix
Doc Text:
A previous update enabled Unicode properties to support \p{..}, \P{..}, and \X escape sequences. However, compiling certain regular expressions which contained extended classes under a non-UTF-8 PCRE mode failed due to the compilation entering an infinite loop. This has been fixed in this update so that compiling such regular expressions completes as expected.
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-09-30 17:58:23 EDT Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Bug Depends On:    
Bug Blocks: 680962    
Attachments:
Description Flags
Fix for looping on pattern compilation in non-UTF-8
none
Fix for looping on pattern compilation in non-UTF-8
none
Test case for the loop problem
none
Complete backport of infinite loop bugfix
none
Fix for looping on pattern compilation in non-UTF-8
none
Test case for the loop problem none

Comment 2 Petr Pisar 2011-01-13 11:11:46 EST
Created attachment 473362 [details]
Fix for looping on pattern compilation in non-UTF-8

I believe I found fix for the loop problem. This attachment should fix it.
Comment 3 Petr Pisar 2011-01-13 11:14:24 EST
Created attachment 473363 [details]
Fix for looping on pattern compilation in non-UTF-8

I believe I found fix for the loop problem. This attachment should fix it.
Comment 5 Petr Pisar 2011-01-13 11:36:41 EST
Created attachment 473365 [details]
Test case for the loop problem

This C program tests the loop problem. If the problem is fixed, the program
returns with success code in finite time. Otherwise it times out after 5 seconds and returns failure code.
Comment 6 Tuomo Soini 2011-01-14 06:24:17 EST
Created attachment 473502 [details]
Complete backport of infinite loop bugfix
Comment 7 Tuomo Soini 2011-01-14 06:26:32 EST
Your backport seem to be incomplete.

I attached more complete backport.

Test case which shows the difference is to change this pattern to test program:

const char pattern[] = "/ ([\\p{Nd}]) (abc) (?2) /";
Comment 8 Petr Pisar 2011-01-17 10:16:53 EST
Created attachment 473857 [details]
Fix for looping on pattern compilation in non-UTF-8

Annotated patch fixing both recursion and both bracket search.
Comment 9 Petr Pisar 2011-01-17 10:18:28 EST
Created attachment 473858 [details]
Test case for the loop problem

Test case with both mentioned patterns.
Comment 10 Petr Pisar 2011-01-17 10:23:06 EST
(In reply to comment #7)
> Your backport seem to be incomplete.
> 
Thank you very much. I would welcome a pointer to relevant discussion or VCS repository as upstream moved to new VCS and mailing list at the begin of year 2007 throwing previous development history away.

I checked whole pcre_compile.c for OP_XCLASS against pcre-6.7. I hope that's everything.
Comment 11 Tuomo Soini 2011-01-21 06:17:51 EST
No idea about VCS link or anything. Second test pattern was invented by Kim Heino when he looked at your backport and why our backport was different than your original one.
Comment 26 errata-xmlrpc 2013-09-30 17:58:23 EDT
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2013-1298.html