/[pcre]/code/trunk/ChangeLog
ViewVC logotype

Diff of /code/trunk/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

revision 1618 by ph10, Sat Dec 5 16:30:14 2015 UTC revision 1619 by ph10, Sat Dec 5 16:58:46 2015 UTC
# Line 35  Version 8.39 xx-xxxxxx-201x Line 35  Version 8.39 xx-xxxxxx-201x
35    
36  8.  An call of pcre_copy_named_substring() for a named substring whose number  8.  An call of pcre_copy_named_substring() for a named substring whose number
37      was greater than the space in the ovector could cause a crash.      was greater than the space in the ovector could cause a crash.
38    
39    9.  Yet another buffer overflow bug involved duplicate named groups with a
40        group that reset capture numbers (compare 8.38/7 below). Once again, I have
41        just allowed for more memory, even if not needed. (A proper fix is
42        implemented in PCRE2, but it involves a lot of refactoring.)
43    
44    
45  Version 8.38 23-November-2015  Version 8.38 23-November-2015
# Line 42  Version 8.38 23-November-2015 Line 47  Version 8.38 23-November-2015
47    
48  1.  If a group that contained a recursive back reference also contained a  1.  If a group that contained a recursive back reference also contained a
49      forward reference subroutine call followed by a non-forward-reference      forward reference subroutine call followed by a non-forward-reference
50      subroutine call, for example /.((?2)(?R)\1)()/, pcre2_compile() failed to      subroutine call, for example /.((?2)(?R)\1)()/, pcre_compile() failed to
51      compile correct code, leading to undefined behaviour or an internally      compile correct code, leading to undefined behaviour or an internally
52      detected error. This bug was discovered by the LLVM fuzzer.      detected error. This bug was discovered by the LLVM fuzzer.
53    

Legend:
Removed from v.1618  
changed lines
  Added in v.1619

  ViewVC Help
Powered by ViewVC 1.1.5