Bug 166333 - CAN-2005-2491 PCRE heap overflow
Summary: CAN-2005-2491 PCRE heap overflow
Alias: None
Product: Fedora
Classification: Fedora
Component: pcre (Show other bugs)
(Show other bugs)
Version: 4
Hardware: All Linux
Target Milestone: ---
Assignee: Ngo Than
QA Contact: Ben Levenson
Keywords: Security
Depends On:
Blocks: CVE-2005-2491
TreeView+ depends on / blocked
Reported: 2005-08-19 11:47 UTC by Mark J. Cox
Modified: 2008-01-29 09:40 UTC (History)
1 user (show)

Fixed In Version: 5.0-4.1
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2005-08-25 11:09:27 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

Description Mark J. Cox 2005-08-19 11:47:08 UTC
+++ This bug was initially created as a clone of Bug #166330 +++

PCRE 6.2 was released recently which included a fix for a heap buffer overflow.
 PCRE is used by things such as Apache but only for configuration (therefore
making an exploit low severity).  A number of packages also include PCRE code
internally, I'll be adding separate bugs for those that contain PCRE and do not
use system PCRE later.

Changelog states:

1. There was no test for integer overflow of quantifier values. A construction
such as {1111111111111111} would give undefined results. What is worse, if
a minimum quantifier for a parenthesized subpattern overflowed and became
negative, the calculation of the memory size went wrong. This  could have led to
memory overwriting.

A minimal diff of the flaw is attached, the full 6.2 to 6.1 diff contains other
fixes that might be worth incorporating and a test for this flaw.

FC3 and FC4 affected

Comment 1 Ngo Than 2005-08-19 13:47:30 UTC
it's now fixed in pcre-4.5-3.1.1.fc3 and pcre-5.0-4.1.fc4

Comment 2 Fedora Update System 2005-08-24 15:43:33 UTC
From User-Agent: XML-RPC

pcre-4.5-3.1.1.fc3 has been pushed for FC3, which should resolve this issue.

If these issues are still present in this version, then please re-open this bug.

Comment 3 Fedora Update System 2005-08-24 15:43:37 UTC
From User-Agent: XML-RPC

%(package)s has been pushed for %(release)s, which should resolve this issue.

If these issues are still present in this version, then please re-open this bug.

Comment 4 Walter Justen 2005-08-25 11:09:27 UTC
Thanks for the bug report. This particular bug was fixed and a update package
was published for download. Please feel free to report any further bugs you find.

Note You need to log in before you can comment on or make changes to this bug.