This is the mail archive of the
glibc-bugs@sourceware.org
mailing list for the glibc project.
[Bug regex/24114] regexec buffer read overrun in "grep -i '\(\(\)*.\)*\(\)\(\)\1'"
- From: "cvs-commit at gcc dot gnu.org" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sourceware dot org
- Date: Sun, 17 Mar 2019 08:44:50 +0000
- Subject: [Bug regex/24114] regexec buffer read overrun in "grep -i '\(\(\)*.\)*\(\)\(\)\1'"
- Auto-submitted: auto-generated
- References: <bug-24114-131@http.sourceware.org/bugzilla/>
https://sourceware.org/bugzilla/show_bug.cgi?id=24114
--- Comment #5 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".
The branch, release/2.28/master has been updated
via 54e725e39d0190227b9bf975a7c3f80e8a81365a (commit)
via 2aee101ff6075dd97a99982a1ba29e21ec25c52f (commit)
from 4bf5ab3196bd27e48d87d4a1cd91efd39772e026 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=54e725e39d0190227b9bf975a7c3f80e8a81365a
commit 54e725e39d0190227b9bf975a7c3f80e8a81365a
Author: Aurelien Jarno <aurelien@aurel32.net>
Date: Sat Mar 16 22:59:56 2019 +0100
Record CVE-2019-9169 in NEWS and ChangeLog [BZ #24114]
(cherry picked from commit b626c5aa5d0673a9caa48fb79fba8bda237e6fa8)
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=2aee101ff6075dd97a99982a1ba29e21ec25c52f
commit 2aee101ff6075dd97a99982a1ba29e21ec25c52f
Author: Paul Eggert <eggert@cs.ucla.edu>
Date: Mon Jan 21 11:08:13 2019 -0800
regex: fix read overrun [BZ #24114]
Problem found by AddressSanitizer, reported by Hongxu Chen in:
https://debbugs.gnu.org/34140
* posix/regexec.c (proceed_next_node):
Do not read past end of input buffer.
(cherry picked from commit 583dd860d5b833037175247230a328f0050dbfe9)
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 9 +++++++++
NEWS | 4 ++++
posix/regexec.c | 6 ++++--
3 files changed, 17 insertions(+), 2 deletions(-)
--
You are receiving this mail because:
You are on the CC list for the bug.