[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#51710: [PATCH] pcre: avoid overflow in PCRE JIT stack resizing

From: Paul Eggert
Subject: bug#51710: [PATCH] pcre: avoid overflow in PCRE JIT stack resizing
Date: Sun, 14 Nov 2021 12:54:58 -0800
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.2.1

As a result of the recent changes to get grep to use PCRE2 instead of old PCRE, the relevant code now looks like this:

 /* STACK_GROWTH_RATE is taken from PCRE's src/pcre2_jit_compile.c.
    Going over the jitstack_max limit could trigger an int
    overflow bug.  */
 int STACK_GROWTH_RATE = 8192;
 idx_t jitstack_max = MIN (IDX_MAX, SIZE_MAX - (STACK_GROWTH_RATE - 1));

 int e = pcre2_match (pc->cre, (PCRE2_SPTR) subject, search_bytes,
                      search_offset, options, pc->data, pc->mcontext);
     && pc->jit_stack_size <= jitstack_max / 2)
   ... code that computes pc->git_stack_size * 2 ...

This should avoid integer overflow in both grep and libpcre2, without imposing arbitrary limits on what PCRE2 can do. If this more-generous limit causes problems please let me know.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]