[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#32271: heap buffer overflow in regexp.c, line 286

From: Assaf Gordon
Subject: bug#32271: heap buffer overflow in regexp.c, line 286
Date: Fri, 3 Aug 2018 19:58:46 -0600
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1

tags 32271 fixed
close 32271

On 02/08/18 09:15 AM, Jim Meyering wrote:
On Fri, Jul 27, 2018 at 12:13 PM, Assaf Gordon <address@hidden> wrote:
On 25/07/18 08:34 AM, project-repo wrote:

I let the fuzzer run again and it came up with a second heap buffer
overflow. This time in regexp.c, line 286. Here is a backtrace as
supplied by the address sanitizer:

The two attached patches should explain it in detail.

As these changes are somewhat subtle, I encourage everyone to
double-check them...

Fine work, yet again. Thank you!
I did spot one nit: the addition of two leading TAB bytes in the
latter patch. Should be 8 spaces, of course:

Thanks for the review.

Pushed here:


reply via email to

[Prev in Thread] Current Thread [Next in Thread]