Bug 1119356 - Wrong compilation of zero-repeated groups with recursive back reference can cause crash
Summary: Wrong compilation of zero-repeated groups with recursive back reference can c...
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: pcre
Version: 7.1
Hardware: Unspecified
OS: Unspecified
Target Milestone: rc
: ---
Assignee: Petr Pisar
QA Contact: Jan Kepler
URL: http://bugs.exim.org/show_bug.cgi?id=...
Depends On:
Blocks: 1110700 1191021 CVE-2015-2327
TreeView+ depends on / blocked
Reported: 2014-07-14 15:20 UTC by Petr Pisar
Modified: 2016-04-27 07:39 UTC (History)
5 users (show)

Fixed In Version: pcre-8.32-15.el7
Doc Type: Bug Fix
Doc Text:
Compiling zero-repeated groups with recursive back references no longer causes PCRE to crash.
Clone Of: 1119272
Last Closed: 2015-11-19 05:15:06 UTC

Attachments (Terms of Use)
Upstream patch ported to 8.32 (5.43 KB, patch)
2014-07-14 15:20 UTC, Petr Pisar
no flags Details | Diff

System ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2015:2142 normal SHIPPED_LIVE pcre bug fix update 2015-11-19 08:16:47 UTC
Red Hat Bugzilla 1285408 None None None Never

Internal Links: 1285408

Description Petr Pisar 2014-07-14 15:20:02 UTC
+++ This bug was initially created as a clone of Bug #1119272 +++

There is a bug in pattern compiler than can lead to crash:

$ printf '%s\n%s\n' '/(((a\2)|(a*)\g<-1>))*a?/B' '' | pcretest 
PCRE version 8.33 2013-05-28

  re> Neoprávněný přístup do paměti (SIGSEGV)

It has been fixed by upstream with:

commit d35a6c663d37e072f4a5440f281f62aa6dc42418
Author: ph10 <ph10@2f5784b3-3f2a-0410-8824-cb99058d5e15>
Date:   Sat Jul 12 18:22:54 2014 +0000

    Fix compiler crash/misbehaviour for zero-repeated groups that include a
    recursive back reference.
    git-svn-id: svn://vcs.exim.org/pcre/code/trunk@1495 2f5784b3-3f2a-0410-8824-cb99058d5e15

--- Additional comment from Petr Pisar on 2014-07-14 13:44:50 GMT ---

All Fedoras are affected.

RHEL-7 is affected (pcre-8.32-12.el7.x86_64).

Comment 1 Petr Pisar 2014-07-14 15:20:56 UTC
Created attachment 917899 [details]
Upstream patch ported to 8.32

Comment 9 errata-xmlrpc 2015-11-19 05:15:06 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.