This is the mail archive of the
glibc-bugs@sourceware.org
mailing list for the glibc project.
[Bug regex/21163] New: Assertion failure in pop_fail_stack when executing a malformed regexp
- From: "fweimer at redhat dot com" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sourceware dot org
- Date: Tue, 14 Feb 2017 18:54:22 +0000
- Subject: [Bug regex/21163] New: Assertion failure in pop_fail_stack when executing a malformed regexp
- Auto-submitted: auto-generated
https://sourceware.org/bugzilla/show_bug.cgi?id=21163
Bug ID: 21163
Summary: Assertion failure in pop_fail_stack when executing a
malformed regexp
Product: glibc
Version: 2.24
Status: NEW
Severity: normal
Priority: P2
Component: regex
Assignee: unassigned at sourceware dot org
Reporter: fweimer at redhat dot com
CC: drepper.fsp at gmail dot com
Target Milestone: ---
Flags: security-
Debian bug report:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779392
Reproducer from the Debian bug:
#include <assert.h>
#include <regex.h>
#include <stdio.h>
int main(int argc, char **argv)
{
int rc;
regex_t preg;
regmatch_t pmatch[2];
rc = regcomp(&preg, "()*)|\\1)*", REG_EXTENDED);
assert(rc == 0);
regexec(&preg, "", 2, pmatch, 0);
regfree(&preg);
return 0;
}
This was assigned CVE-2015-8985 even though it is debatable whether this is a
security bug.
--
You are receiving this mail because:
You are on the CC list for the bug.