11191 – regexec.c: avoid overflow in computing sum of lengths

Bug 11191 - regexec.c: avoid overflow in computing sum of lengths

Summary: regexec.c: avoid overflow in computing sum of lengths

Status:	RESOLVED FIXED

Alias:	None

Product:	glibc
Classification:	Unclassified
Component:	regex (show other bugs)
Version:	2.12

Importance:	P2 normal
Target Milestone:	---
Assignee:	Ulrich Drepper

URL:
Keywords:

Depends on:
Blocks:

Reported:	2010-01-19 16:02 UTC by jim@meyering.net
Modified:	2010-01-22 20:22 UTC (History)
CC List:	2 users (show)

See Also:
Host:
Target:
Build:
Last reconfirmed:

Attachments
regexec.c: avoid overflow in computing sum of lengths (510 bytes, patch) 2010-01-19 16:04 UTC, jim@meyering.net	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description jim@meyering.net 2010-01-19 16:02:51 UTC

patch attached

Comment 1 jim@meyering.net 2010-01-19 16:04:59 UTC

Created attachment 4538 [details]
regexec.c: avoid overflow in computing sum of lengths

2010-01-19  Paul Eggert  <eggert@cs.ucla.edu>

	[BZ #11191]
	regexec.c: avoid overflow in computing sum of lengths
	* posix/regexec.c (re_search_2_stub): Check for overflow
	when adding the sizes of the two strings.

Comment 2 Ulrich Drepper 2010-01-22 20:22:42 UTC

Checked into git.