[Bug regex/1291] New: size-overflow bugs in the regex code

[Bug regex/1291] New: size-overflow bugs in the regex code

[eggert at gnu dot org]

The regex code currently misbehaves badly if there's an arithmetic
overflow when calculating sizes, e.g., when doubling buffer sizes.
I'll attach a patch for all the instances of this that I found.  These
patches are conservative, in the sense that when I couldn't determine
whether an overflow was possible, I inserted a run-time check.

-- 
           Summary: size-overflow bugs in the regex code
           Product: glibc
           Version: 2.3.5
            Status: NEW
          Severity: normal
          Priority: P2
         Component: regex
        AssignedTo: gotom at debian dot or dot jp
        ReportedBy: eggert at gnu dot org
                CC: glibc-bugs-regex at sources dot redhat dot com,glibc-
                    bugs at sources dot redhat dot com
 BugsThisDependsOn: 1285


http://sources.redhat.com/bugzilla/show_bug.cgi?id=1291

------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.

[Bug regex/1291] size-overflow bugs in the regex code

[eggert at gnu dot org]

------- Additional Comments From eggert at gnu dot org  2005-09-02 22:52 -------
Created an attachment (id=645)
 --> (http://sources.redhat.com/bugzilla/attachment.cgi?id=645&action=view)
add some size-overflow checks to regex code


-- 


http://sources.redhat.com/bugzilla/show_bug.cgi?id=1291

------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.

[Bug regex/1291] size-overflow bugs in the regex code

[drepper at redhat dot com]

-- 
Bug 1291 depends on bug 1285, which changed state.

Bug 1285 Summary: regex code should use 'bool' (plus some bug fixes)
http://sourceware.org/bugzilla/show_bug.cgi?id=1285

           What    |Old Value                   |New Value
----------------------------------------------------------------------------
             Status|NEW                         |WAITING
             Status|WAITING                     |RESOLVED
         Resolution|                            |WONTFIX

http://sourceware.org/bugzilla/show_bug.cgi?id=1291

------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.

[Bug regex/1291] size-overflow bugs in the regex code

[bonzini at gnu dot org]

------- Additional Comments From bonzini at gnu dot org  2006-04-26 07:15 -------
Just to preempt Ulrich, with whom I agree in this case, the patch as is does not
apply.

Please redo the patch without the Idx type, as it could be a good thing to have.

-- 


http://sourceware.org/bugzilla/show_bug.cgi?id=1291

------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.

[Bug regex/1291] size-overflow bugs in the regex code

[aj at suse dot de]

http://sourceware.org/bugzilla/show_bug.cgi?id=1291

Andreas Jaeger <aj at suse dot de> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |aj at suse dot de

--- Comment #4 from Andreas Jaeger <aj at suse dot de> 2012-12-01 16:47:23 UTC ---
Paul, could you redo the patch for current glibc, please?

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

[Bug regex/1291] size-overflow bugs in the regex code

[aj at suse dot de]

http://sourceware.org/bugzilla/show_bug.cgi?id=1291

Andreas Jaeger <aj at suse dot de> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |WAITING

--- Comment #3 from Andreas Jaeger <aj at suse dot de> 2012-02-06 14:08:08 UTC ---
Paul, could you recreate the patch so that it applies cleanly against the
current git head?

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.