1e2fe7e07d
This fixes CVE-2016-1283, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1283
18 lines
747 B
Diff
18 lines
747 B
Diff
Index: pcre_compile.c
|
|
===================================================================
|
|
--- a/pcre_compile.c (revision 1635)
|
|
+++ b/pcre_compile.c (revision 1636)
|
|
@@ -7311,7 +7311,12 @@
|
|
so far in order to get the number. If the name is not found, leave
|
|
the value of recno as 0 for a forward reference. */
|
|
|
|
- else
|
|
+ /* This patch (removing "else") fixes a problem when a reference is
|
|
+ to multiple identically named nested groups from within the nest.
|
|
+ Once again, it is not the "proper" fix, and it results in an
|
|
+ over-allocation of memory. */
|
|
+
|
|
+ /* else */
|
|
{
|
|
ng = cd->named_groups;
|
|
for (i = 0; i < cd->names_found; i++, ng++)
|