Red Hat Bugzilla – Bug 384761
CVE-2006-7225 pcre miscalculation of memory requirements for malformed Posix character class
Last modified: 2010-09-24 07:31:55 EDT
From pcre changelog, version 6.7:
18. A valid (though odd) pattern that looked like a POSIX character
class but used an invalid character after [ (for example [[,abc,]]) caused
pcre_compile() to give the error "Failed: internal error: code overflow" or
in some cases to crash with a glibc free() error. This could even happen if
the pattern terminated after [[ but there just happened to be a sequence of
letters, a binary zero, and a closing ] in the memory that followed.
Red Hat would like to thank Ludwig Nussel for reporting this issue.
Created attachment 259901 [details]
Patch agains pcre 6.4 provided by Ludwig Nussel of SUSE
Now public via SUSE advisory, removing embargo
This issue was addressed in:
Red Hat Enterprise Linux: