Date: Mon, 24 Aug 2015 09:36:52 +0800 From: Guanxing Wen <wengx522@...il.com> To: oss-security@...ts.openwall.com Subject: CVE Request: PCRE Library Heap Overflow in compile_regex() Hi, MITRE PCRE library is prone to a vulnerability which leads to Heap Overflow. During the compilation of a malformed regular expression, more data is written on the malloced block than the expected size output by compile_regex(). The Heap Overflow vulnerability is caused by the following regular expression. /(?J:(?|(:(?|(?'R')(\z(?|(?'R')(\k'R')|((?'R')))k'R')|((?'R')))H'Ak'Rf)|s(?'R')))/ A dry run of this particular regular expression with pcretest will reports "double free or corruption (!prev)". But it is actually a heap overflow problem. The overflow only affects pcre 8.x branch, pcre2 branch is not affected. This is a different issue from http://www.openwall.com/lists/oss-security/2015/08/05/3 Reference: https://bugs.exim.org/show_bug.cgi?id=1672 Please allocate a CVE-ID for this. Thanks. Wen Guanxing from Venustech ADLAB
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ