This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
[PATCH] regexec: do not infloop on calloc failure
- From: Jim Meyering <jim at meyering dot net>
- To: "GNU C. Library" <libc-alpha at sourceware dot org>
- Date: Mon, 27 Dec 2010 08:49:29 +0100
- Subject: [PATCH] regexec: do not infloop on calloc failure
Testing grep, I was surprised to be able to make it infloop.
Even more surprised to find that glibc's regex code was at fault.
Here's the fix:
>From 00d7a845c48a12163d2b053fa8923df01f27277b Mon Sep 17 00:00:00 2001
From: Jim Meyering <meyering@redhat.com>
Date: Mon, 27 Dec 2010 08:35:22 +0100
Subject: [PATCH] regexec: do not infloop on calloc failure
* posix/regexec.c (build_trtable): Return failure indication upon
calloc failure. Otherwise, re_search_internal could infloop on OOM.
---
ChangeLog | 6 ++++++
posix/regexec.c | 2 ++
2 files changed, 8 insertions(+), 0 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index e86929e..752b912 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2010-12-27 Jim Meyering <meyering@redhat.com>
+
+ [BZ #12348]
+ * posix/regexec.c (build_trtable): Return failure indication upon
+ calloc failure. Otherwise, re_search_internal could infloop on OOM.
+
2010-12-25 Ulrich Drepper <drepper@gmail.com>
[BZ #12201]
diff --git a/posix/regexec.c b/posix/regexec.c
index 7f7ae31..958ec9a 100644
--- a/posix/regexec.c
+++ b/posix/regexec.c
@@ -3373,6 +3373,8 @@ build_trtable (const re_dfa_t *dfa, re_dfastate_t *state)
{
state->trtable = (re_dfastate_t **)
calloc (sizeof (re_dfastate_t *), SBC_MAX);
+ if (BE (trtable == NULL, 0))
+ return 0;
return 1;
}
return 0;
--
1.7.3.4