Bug 1119356 - Wrong compilation of zero-repeated groups with recursive back reference can cause crash
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: pcre
Version: 7.1
Hardware: Unspecified
OS: Unspecified
Priority: unspecified
Severity: high
Target Milestone: rc
Target Release: ---
Assigned To: Petr Pisar
QA Contact: Jan Kepler
URL: http://bugs.exim.org/show_bug.cgi?id=...
Keywords: Patch
Depends On:
Blocks: 1110700 1191021 CVE-2015-2327
Reported: 2014-07-14 11:20 EDT by Petr Pisar
Modified: 2016-04-27 03:39 EDT
Fixed In Version: pcre-8.32-15.el7
Doc Type: Bug Fix
Doc Text:
Compiling zero-repeated groups with recursive back references no longer causes PCRE to crash.
Clone Of: 1119272
Last Closed: 2015-11-19 00:15:06 EST
Type: Bug


Attachments
Upstream patch ported to 8.32 (5.43 KB, patch)
2014-07-14 11:20 EDT, Petr Pisar


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2015:2142 normal SHIPPED_LIVE pcre bug fix update 2015-11-19 03:16:47 EST

Description Petr Pisar 2014-07-14 11:20:02 EDT
+++ This bug was initially created as a clone of Bug #1119272 +++

There is a bug in the pattern compiler that can lead to a crash:

$ printf '%s\n%s\n' '/(((a\2)|(a*)\g<-1>))*a?/B' '' | pcretest 
PCRE version 8.33 2013-05-28

  re> Neoprávněný přístup do paměti (SIGSEGV)

It has been fixed by upstream with:

commit d35a6c663d37e072f4a5440f281f62aa6dc42418
Author: ph10 <ph10@2f5784b3-3f2a-0410-8824-cb99058d5e15>
Date:   Sat Jul 12 18:22:54 2014 +0000

    Fix compiler crash/misbehaviour for zero-repeated groups that include a
    recursive back reference.
    
    
    git-svn-id: svn://vcs.exim.org/pcre/code/trunk@1495 2f5784b3-3f2a-0410-8824-cb99058d5e15

--- Additional comment from Petr Pisar on 2014-07-14 13:44:50 GMT ---

All Fedoras are affected.
------

RHEL-7 is affected (pcre-8.32-12.el7.x86_64).
Comment 1 Petr Pisar 2014-07-14 11:20:56 EDT
Created attachment 917899
Upstream patch ported to 8.32
Comment 9 errata-xmlrpc 2015-11-19 00:15:06 EST
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2015-2142.html
