public inbox for glibc-bugs-regex@sourceware.org help / color / mirror / Atom feed
* [Bug regex/17070] regcomp with REG_EXTENDED uses unbounded CPU or RAM [not found] <bug-17070-132@http.sourceware.org/bugzilla/> @ 2014-06-19 14:45 ` fweimer at redhat dot com 2014-06-19 15:05 ` bugdal at aerifal dot cx 2015-02-24 12:40 ` fweimer at redhat dot com 2 siblings, 0 replies; 3+ messages in thread From: fweimer at redhat dot com @ 2014-06-19 14:45 UTC (permalink / raw) To: glibc-bugs-regex https://sourceware.org/bugzilla/show_bug.cgi?id=17070 Florian Weimer <fweimer at redhat dot com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |fweimer at redhat dot com See Also| |https://sourceware.org/bugz | |illa/show_bug.cgi?id=12896 Flags| |security+ -- You are receiving this mail because: You are on the CC list for the bug. ^ permalink raw reply [flat|nested] 3+ messages in thread
* [Bug regex/17070] regcomp with REG_EXTENDED uses unbounded CPU or RAM [not found] <bug-17070-132@http.sourceware.org/bugzilla/> 2014-06-19 14:45 ` [Bug regex/17070] regcomp with REG_EXTENDED uses unbounded CPU or RAM fweimer at redhat dot com @ 2014-06-19 15:05 ` bugdal at aerifal dot cx 2015-02-24 12:40 ` fweimer at redhat dot com 2 siblings, 0 replies; 3+ messages in thread From: bugdal at aerifal dot cx @ 2014-06-19 15:05 UTC (permalink / raw) To: glibc-bugs-regex https://sourceware.org/bugzilla/show_bug.cgi?id=17070 Rich Felker <bugdal at aerifal dot cx> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |bugdal at aerifal dot cx --- Comment #1 from Rich Felker <bugdal at aerifal dot cx> --- I'm guessing -9 got interpreted as (size_t)-9, in which case that many states are really needed in the compiled regex. This is why POSIX allows implementations to place a limit on the number of repetitions supported in {n,m} (IIRC only up to 256 need to be supported) and why glibc should make use of this allowance. -- You are receiving this mail because: You are on the CC list for the bug. ^ permalink raw reply [flat|nested] 3+ messages in thread
* [Bug regex/17070] regcomp with REG_EXTENDED uses unbounded CPU or RAM [not found] <bug-17070-132@http.sourceware.org/bugzilla/> 2014-06-19 14:45 ` [Bug regex/17070] regcomp with REG_EXTENDED uses unbounded CPU or RAM fweimer at redhat dot com 2014-06-19 15:05 ` bugdal at aerifal dot cx @ 2015-02-24 12:40 ` fweimer at redhat dot com 2 siblings, 0 replies; 3+ messages in thread From: fweimer at redhat dot com @ 2015-02-24 12:40 UTC (permalink / raw) To: glibc-bugs-regex https://sourceware.org/bugzilla/show_bug.cgi?id=17070 Florian Weimer <fweimer at redhat dot com> changed: What |Removed |Added ---------------------------------------------------------------------------- See Also| |https://sourceware.org/bugz | |illa/show_bug.cgi?id=18013 Flags|security+ |security- --- Comment #2 from Florian Weimer <fweimer at redhat dot com> --- Per our Security Exceptions, this is not a security bug: https://sourceware.org/glibc/wiki/Security%20Exceptions Also see the relatted bugs. -- You are receiving this mail because: You are on the CC list for the bug. ^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2015-02-24 12:40 UTC | newest] Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- [not found] <bug-17070-132@http.sourceware.org/bugzilla/> 2014-06-19 14:45 ` [Bug regex/17070] regcomp with REG_EXTENDED uses unbounded CPU or RAM fweimer at redhat dot com 2014-06-19 15:05 ` bugdal at aerifal dot cx 2015-02-24 12:40 ` fweimer at redhat dot com
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).