It was reported that segmentation fault in surricata appeared when certain regex is processed by pcre_exec in libpcre3.
Created pcre tracking bugs for this issue:
Affects: fedora-all [bug 1320996]
Created suricata tracking bugs for this issue:
Affects: fedora-all [bug 1321002]
Created glib2 tracking bugs for this issue:
Affects: fedora-all [bug 1320998]
Created mingw-glib2 tracking bugs for this issue:
Affects: fedora-all [bug 1320999]
Affects: epel-7 [bug 1321001]
Created mingw-pcre tracking bugs for this issue:
Affects: fedora-all [bug 1320997]
Affects: epel-7 [bug 1321000]
Could you please provide reproducer? The debian bug report <https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819050> is missing the "file" file content.
Moreover, the reporter claimed it happens with pcre-8.35 but not with 8.38. We have 8.38 in all supported Fedoras.
This was fixes with upstream commit:
Author: zherczeg <zherczeg@2f5784b3-3f2a-0410-8824-cb99058d5e15>
Date: Fri Apr 25 11:59:19 2014 +0000
Fixed an issue with nested table jumps.
git-svn-id: svn://vcs.exim.org/pcre/code/trunk@1475 2f5784b3-3f2a-0410-8824-cb99058d5e15
and fixed in subsequent pcre-8.36 release.
Reproducer from the commit:
$ printf '%s\n%s\n' '/(?:x|(?:(xx|yy)+|x|x|x|x|x)|a|a|a)bc/' 'acb' | ./pcretest -s++
PCRE version 8.35 2014-04-04
re> Segmentation fault (core dumped)
The following post indicates that this issue was introduced in pcre version 8.35 via the following commit:
and corrected in 8.36 using the following commit (the same one as pointed out in comment 8 above):
Only upstream version 8.35 was affected by this issue. Red Hat products do not currently contain any package that includes pcre version 8.35.