Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list] 
Date: Sat, 21 May 2016 15:21:38 +0200
From: Szabolcs Nagy <nsz@...t70.net>
To: musl@...ts.openwall.com
Cc: John Regehr <regehr@...utah.edu>
Subject: [PATCH] fix the use of uninitialized value in regcomp

the num_submatches field of some ast nodes was not initialized in
tre_add_tag_{left,right}, but was accessed later.

this was a benign bug since the uninitialized values were never used
(these values are created during tre_add_tags and copied around during
tre_expand_ast where they are also used in computations, but nothing
in the final tnfa depends on them).
---
 src/regex/regcomp.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/regex/regcomp.c b/src/regex/regcomp.c
index 5fad98b..65f2fd0 100644
--- a/src/regex/regcomp.c
+++ b/src/regex/regcomp.c
@@ -1106,6 +1106,7 @@ tre_add_tag_left(tre_mem_t mem, tre_ast_node_t *node, int tag_id)
   c->right->firstpos = NULL;
   c->right->lastpos = NULL;
   c->right->num_tags = 0;
+  c->right->num_submatches = 0;
   node->obj = c;
   node->type = CATENATION;
   return REG_OK;
@@ -1136,6 +1137,7 @@ tre_add_tag_right(tre_mem_t mem, tre_ast_node_t *node, int tag_id)
   c->left->firstpos = NULL;
   c->left->lastpos = NULL;
   c->left->num_tags = 0;
+  c->left->num_submatches = 0;
   node->obj = c;
   node->type = CATENATION;
   return REG_OK;
-- 
2.8.1

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.