Bug 669413 - pcre does not terminate on some unicode patterns
pcre does not terminate on some unicode patterns
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: pcre (Show other bugs)
5.6
Unspecified Unspecified
urgent Severity high
: rc
: ---
Assigned To: Petr Pisar
Jan Kepler
: Patch, Regression, ZStream
Depends On:
Blocks: 680962
  Show dependency treegraph
 
Reported: 2011-01-13 11:05 EST by Ondrej Moriš
Modified: 2013-09-30 17:58 EDT (History)
6 users (show)

See Also:
Fixed In Version: pcre-6.6-7.el5
Doc Type: Bug Fix
Doc Text:
A previous update enabled Unicode properties to support \p{..}, \P{..}, and \X escape sequences. However, compiling certain regular expressions which contained extended classes under a non-UTF-8 PCRE mode failed due to the compilation entering an infinite loop. This has been fixed in this update so that compiling such regular expressions completes as expected.
Story Points: ---
Clone Of:
Environment:
Last Closed: 2013-09-30 17:58:23 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
Fix for looping on pattern compilation in non-UTF-8 (64 bytes, text/plain)
2011-01-13 11:11 EST, Petr Pisar
no flags Details
Fix for looping on pattern compilation in non-UTF-8 (3.18 KB, patch)
2011-01-13 11:14 EST, Petr Pisar
no flags Details | Diff
Test case for the loop problem (1.28 KB, text/plain)
2011-01-13 11:36 EST, Petr Pisar
no flags Details
Complete backport of infinite loop bugfix (1.90 KB, patch)
2011-01-14 06:24 EST, Tuomo Soini
no flags Details | Diff
Fix for looping on pattern compilation in non-UTF-8 (5.01 KB, patch)
2011-01-17 10:16 EST, Petr Pisar
no flags Details | Diff
Test case for the loop problem (1.43 KB, text/plain)
2011-01-17 10:18 EST, Petr Pisar
no flags Details

  None (edit)
Comment 2 Petr Pisar 2011-01-13 11:11:46 EST
Created attachment 473362 [details]
Fix for looping on pattern compilation in non-UTF-8

I believe I found fix for the loop problem. This attachment should fix it.
Comment 3 Petr Pisar 2011-01-13 11:14:24 EST
Created attachment 473363 [details]
Fix for looping on pattern compilation in non-UTF-8

I believe I found fix for the loop problem. This attachment should fix it.
Comment 5 Petr Pisar 2011-01-13 11:36:41 EST
Created attachment 473365 [details]
Test case for the loop problem

This C program tests the loop problem. If the problem is fixed, the program
returns with success code in finite time. Otherwise it times out after 5 seconds and returns failure code.
Comment 6 Tuomo Soini 2011-01-14 06:24:17 EST
Created attachment 473502 [details]
Complete backport of infinite loop bugfix
Comment 7 Tuomo Soini 2011-01-14 06:26:32 EST
Your backport seem to be incomplete.

I attached more complete backport.

Test case which shows the difference is to change this pattern to test program:

const char pattern[] = "/ ([\\p{Nd}]) (abc) (?2) /";
Comment 8 Petr Pisar 2011-01-17 10:16:53 EST
Created attachment 473857 [details]
Fix for looping on pattern compilation in non-UTF-8

Annotated patch fixing both recursion and both bracket search.
Comment 9 Petr Pisar 2011-01-17 10:18:28 EST
Created attachment 473858 [details]
Test case for the loop problem

Test case with both mentioned patterns.
Comment 10 Petr Pisar 2011-01-17 10:23:06 EST
(In reply to comment #7)
> Your backport seem to be incomplete.
> 
Thank you very much. I would welcome a pointer to relevant discussion or VCS repository as upstream moved to new VCS and mailing list at the begin of year 2007 throwing previous development history away.

I checked whole pcre_compile.c for OP_XCLASS against pcre-6.7. I hope that's everything.
Comment 11 Tuomo Soini 2011-01-21 06:17:51 EST
No idea about VCS link or anything. Second test pattern was invented by Kim Heino when he looked at your backport and why our backport was different than your original one.
Comment 26 errata-xmlrpc 2013-09-30 17:58:23 EDT
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2013-1298.html

Note You need to log in before you can comment on or make changes to this bug.