/[pcre2]/code/trunk/ChangeLog
ViewVC logotype

Diff of /code/trunk/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

revision 230 by zherczeg, Tue Mar 24 08:43:52 2015 UTC revision 231 by ph10, Tue Mar 24 10:21:34 2015 UTC
# Line 14  error. This bug was discovered by the LL Line 14  error. This bug was discovered by the LL
14    
15  4. Implemented pcre2_callout_enumerate().  4. Implemented pcre2_callout_enumerate().
16    
17  5. Fix JIT compilation of conditional blocks whose assertion  5. Fix JIT compilation of conditional blocks whose assertion is converted to
18     is converted to (*FAIL). E.g: /(?(?!))/.  (*FAIL). E.g: /(?(?!))/.
19    
20    6. The pattern /(?(?!)^)/ caused references to random memory. This bug was
21    discovered by the LLVM fuzzer.
22    
23    7. The assertion (?!) is optimized to (*FAIL). This was not handled correctly
24    when this assertion was used as a condition, for example (?(?!)a|b). In
25    pcre2_match() it worked by luck; in pcre2_dfa_match() it gave an incorrect
26    error about an unsupported item.
27    
28    
29  Version 10.10 06-March-2015  Version 10.10 06-March-2015
# Line 120  repeated outer group that has a zero min Line 128  repeated outer group that has a zero min
128  to be compiled, leading to the error "internal error: previously-checked  to be compiled, leading to the error "internal error: previously-checked
129  referenced subpattern not found" when an incorrect memory address was read.  referenced subpattern not found" when an incorrect memory address was read.
130  This bug was reported as "heap overflow", discovered by Kai Lu of Fortinet's  This bug was reported as "heap overflow", discovered by Kai Lu of Fortinet's
131  FortiGuard Labs.  FortiGuard Labs. (Added 24-March-2015: CVE-2015-2325 was given to this.)
132    
133  23. A pattern such as "((?+1)(\1))/" containing a forward reference subroutine  23. A pattern such as "((?+1)(\1))/" containing a forward reference subroutine
134  call within a group that also contained a recursive back reference caused  call within a group that also contained a recursive back reference caused
135  incorrect code to be compiled. This bug was reported as "heap overflow",  incorrect code to be compiled. This bug was reported as "heap overflow",
136  discovered by Kai Lu of Fortinet's FortiGuard Labs.  discovered by Kai Lu of Fortinet's FortiGuard Labs. (Added 24-March-2015:
137    CVE-2015-2326 was given to this.)
138    
139  24. Computing the size of the JIT read-only data in advance has been a source  24. Computing the size of the JIT read-only data in advance has been a source
140  of various issues, and new ones are still appear unfortunately. To fix  of various issues, and new ones are still appear unfortunately. To fix

Legend:
Removed from v.230  
changed lines
  Added in v.231

  ViewVC Help
Powered by ViewVC 1.1.5