Description of problem: Multiple buffer overflows leading to arbitrary code execution; see https://bugs.exim.org/show_bug.cgi?id=1636 Version-Release number of selected component (if applicable): pcre version 8.33 - 8.37 How reproducible: Always Steps to Reproduce: 1. Start 'pcretest' from pcre-tools 2. Run this regex: /^(?P=B)((?P=B)(?J:(?P<B>c)(?P<B>a(?P=B)))>WGXCREDITS)/ in the 're>' prompt Actual results: *** Error in `pcretest': free(): invalid next size (normal): 0x0000000001e8aa40 *** *** Error in `pcretest': malloc(): memory corruption: 0x0000000001e8aae0 *** Expected results: data>
Security bugs are handled by security team. This one happens when compiling the expression and as such it probably will not be handled as a security bug. See bug 1226918. *** This bug has been marked as a duplicate of bug 1226918 ***