bug#56108: 29.0.50; ASAN use-after-free in re_match_2_internal
From: Stefan Monnier
Subject: bug#56108: 29.0.50; ASAN use-after-free in re_match_2_internal
Date: Thu, 23 Jun 2022 17:29:13 -0400
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/29.0.50 (gnu/linux)

> Stefan, do you happen to know why some of the callers of
> compile_pattern don't call freeze_pattern to protect the new cache
> entry? Is it just an omission or do we miss something here?

Before `freeze_pattern`, the design was that nothing could happen while
running the regexp matcher (no GC, no execution of Lisp code).
Commit 938d252d1c6c5e2027aa250c649deb024154f936 changed that so that
searching inside a *buffer* could end up running ELisp code (and hence
also GC). AFAIK this still can't happen when searching in strings.

[ IIRC The need to run ELisp is so as to apply `syntax-table` text
properties on demand via `syntax-propertize`. ]

So I think freeze_pattern should be used in all cases where
`compile_pattern` is used to search inside a buffer, but it shouldn't be
necessary when searching within a string.

At least, that's my recollection.

Stefan
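
Added example, not part of the message above and not Emacs source: a small C model of the hazard the reply describes, where code run during a buffer search re-enters the pattern cache and recycles the entry the matcher is still using unless that entry is marked busy. All `model_*` names, the two-slot cache and the generation counter are assumptions made for illustration; the counter stands in for a freed compiled buffer so the stale state is detected without touching freed memory.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Simplified model (hypothetical names, not Emacs code): a 2-slot pattern cache. */
#define CACHE_SIZE 2
struct entry { char pat[32]; unsigned gen; unsigned last_use; bool busy; };
static struct entry cache[CACHE_SIZE];
static unsigned clock_tick;

/* Return the slot for PAT; on a miss, recycle the least recently used non-busy slot. */
static struct entry *model_compile(const char *pat) {
    struct entry *victim = NULL;
    for (int i = 0; i < CACHE_SIZE; i++) {
        struct entry *e = &cache[i];
        if (e->gen && strcmp(e->pat, pat) == 0) { e->last_use = ++clock_tick; return e; }
        if (!e->busy && (!victim || e->last_use < victim->last_use)) victim = e;
    }
    if (!victim) return NULL;      /* every slot is busy: nothing may be recycled */
    snprintf(victim->pat, sizeof victim->pat, "%s", pat);
    victim->gen++;                 /* the previous compiled pattern is gone from here on */
    victim->last_use = ++clock_tick;
    return victim;
}

/* Stand-in for Lisp run during a buffer search: it compiles other patterns. */
static void model_lisp_callback(void) {
    model_compile("foo+");         /* constructed sample patterns */
    model_compile("[a-z]*");
}

/* Start from an empty cache, "match" PAT, and report whether the matcher's
   entry still holds PAT when the match ends. Only buffer searches run Lisp. */
static bool model_search(const char *pat, bool in_buffer, bool freeze) {
    memset(cache, 0, sizeof cache); clock_tick = 0;
    struct entry *e = model_compile(pat);
    unsigned gen = e->gen;
    if (freeze) e->busy = true;    /* the protection the reply attributes to freeze_pattern */
    if (in_buffer) model_lisp_callback();   /* may re-enter model_compile */
    bool intact = e->gen == gen && strcmp(e->pat, pat) == 0;
    e->busy = false;
    return intact;
}

int main(void) {
    printf("buffer, not frozen: intact=%d\n", model_search("^bar$", true, false));
    printf("buffer, frozen:     intact=%d\n", model_search("^bar$", true, true));
    printf("string, not frozen: intact=%d\n", model_search("^bar$", false, false));
    return 0;
}
```

In the unfrozen buffer case the matcher's slot is overwritten mid-search, which in a real cache that frees the old compiled pattern is the stale-pointer condition ASAN reports as a use-after-free.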