public inbox for glibc-bugs-regex@sourceware.org
help / color / mirror / Atom feed
* [Bug regex/24114] regexec buffer read overrun in "grep -i '\(\(\)*.\)*\(\)\(\)\1'"
[not found] <bug-24114-132@http.sourceware.org/bugzilla/>
@ 2019-01-21 19:20 ` eggert at cs dot ucla.edu
0 siblings, 0 replies; only message in thread
From: eggert at cs dot ucla.edu @ 2019-01-21 19:20 UTC (permalink / raw)
To: glibc-bugs-regex
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #1: Type: text/plain; charset="UTF-8", Size: 178132 bytes --]
https://sourceware.org/bugzilla/show_bug.cgi?id=24114
eggert at cs dot ucla.edu changed:
What |Removed |Added
----------------------------------------------------------------------------
Component|libc |regex
--
You are receiving this mail because:
You are on the CC list for the bug.
>From glibc-bugs-regex-return-871-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org Thu Jan 31 03:20:08 2019
Return-Path: <glibc-bugs-regex-return-871-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org>
Delivered-To: listarch-glibc-bugs-regex@sources.redhat.com
Received: (qmail 44460 invoked by alias); 31 Jan 2019 03:20:07 -0000
Mailing-List: contact glibc-bugs-regex-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs-regex.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-regex-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs-regex@sourceware.org>
List-Help: <mailto:glibc-bugs-regex-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-regex-owner@sourceware.org
Delivered-To: mailing list glibc-bugs-regex@sourceware.org
Received: (qmail 44385 invoked by uid 48); 31 Jan 2019 03:20:03 -0000
From: "eggert at cs dot ucla.edu" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs-regex@sourceware.org
Subject: [Bug regex/11053] Wrong results with backreferences
Date: Thu, 31 Jan 2019 03:20:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: regex
X-Bugzilla-Version: 2.11
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: eggert at cs dot ucla.edu
X-Bugzilla-Status: ASSIGNED
X-Bugzilla-Resolution:
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: bonzini at gnu dot org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags: security+
X-Bugzilla-Changed-Fields:
Message-ID: <bug-11053-132-ZjpoioS9xr@http.sourceware.org/bugzilla/>
In-Reply-To: <bug-11053-132@http.sourceware.org/bugzilla/>
References: <bug-11053-132@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2019-01/txt/msg00001.txt.bz2
Content-length: 268
https://sourceware.org/bugzilla/show_bug.cgi?id=11053
--- Comment #8 from eggert at cs dot ucla.edu ---
Another test case for this bug can be found here:
https://debbugs.gnu.org/34238
--
You are receiving this mail because:
You are on the CC list for the bug.
>From glibc-bugs-regex-return-872-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org Thu Jan 31 17:20:08 2019
Return-Path: <glibc-bugs-regex-return-872-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org>
Delivered-To: listarch-glibc-bugs-regex@sources.redhat.com
Received: (qmail 112062 invoked by alias); 31 Jan 2019 17:17:41 -0000
Mailing-List: contact glibc-bugs-regex-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs-regex.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-regex-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs-regex@sourceware.org>
List-Help: <mailto:glibc-bugs-regex-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-regex-owner@sourceware.org
Delivered-To: mailing list glibc-bugs-regex@sourceware.org
Received: (qmail 79823 invoked by uid 55); 31 Jan 2019 17:13:54 -0000
From: "cvs-commit at gcc dot gnu.org" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs-regex@sourceware.org
Subject: [Bug regex/23578] Invalid memory access if regex pattern contains NUL byte
Date: Thu, 31 Jan 2019 17:17:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: regex
X-Bugzilla-Version: 2.28
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: cvs-commit at gcc dot gnu.org
X-Bugzilla-Status: RESOLVED
X-Bugzilla-Resolution: FIXED
X-Bugzilla-Priority: P3
X-Bugzilla-Assigned-To: fweimer at redhat dot com
X-Bugzilla-Target-Milestone: 2.29
X-Bugzilla-Flags: security-
X-Bugzilla-Changed-Fields:
Message-ID: <bug-23578-132-9ltoiUhHuX@http.sourceware.org/bugzilla/>
In-Reply-To: <bug-23578-132@http.sourceware.org/bugzilla/>
References: <bug-23578-132@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2019-01/txt/msg00002.txt.bz2
Content-length: 42312
https://sourceware.org/bugzilla/show_bug.cgi?id=23578
--- Comment #6 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".
The annotated tag, glibc-2.29 has been created
at e7c9e41bb2407b0150997b382b49a5f3bb579bf9 (tag)
tagging 56c86f5dd516284558e106d04b92875d5b623b7a (commit)
replaces glibc-2.28.9000
tagged by Siddhesh Poyarekar
on Thu Jan 31 22:24:07 2019 +0530
- Log -----------------------------------------------------------------
The GNU C Library
=================
The GNU C Library version 2.29 is now available.
The GNU C Library is used as *the* C library in the GNU system and
in GNU/Linux systems, as well as many other systems that use Linux
as the kernel.
The GNU C Library is primarily designed to be a portable
and high performance C library. It follows all relevant
standards including ISO C11 and POSIX.1-2008. It is also
internationalized and has one of the most complete
internationalization interfaces known.
The GNU C Library webpage is at http://www.gnu.org/software/libc/
Packages for the 2.29 release may be downloaded from:
http://ftpmirror.gnu.org/libc/
http://ftp.gnu.org/gnu/libc/
The mirror list is at http://www.gnu.org/order/ftp.html
NEWS for version 2.29
====================
* The getcpu wrapper function has been added, which returns the currently
used CPU and NUMA node. This function is Linux-specific.
* A new convenience target has been added for distribution maintainers
to build and install all locales as directories with files. The new
target is run by issuing the following command in your build tree:
'make localedata/install-locale-files', with an optional DESTDIR
to set the install root if you wish to install into a non-default
configured location.
* Optimized generic exp, exp2, log, log2, pow, sinf, cosf, sincosf and tanf.
* The reallocarray function is now declared under _DEFAULT_SOURCE, not just
for _GNU_SOURCE, to match BSD environments.
* For powercp64le ABI, Transactional Lock Elision is now enabled iff kernel
indicates that it will abort the transaction prior to entering the kernel
(PPC_FEATURE2_HTM_NOSC on hwcap2). On older kernels the transaction is
suspended, and this caused some undefined side-effects issues by aborting
transactions manually. Glibc avoided it by abort transactions manually on
each syscall, but it lead to performance issues on newer kernels where the
HTM state is saved and restore lazily (the state being saved even when the
process actually does not use HTM).
* The functions posix_spawn_file_actions_addchdir_np and
posix_spawn_file_actions_addfchdir_np have been added, enabling
posix_spawn and posix_spawnp to run the new process in a different
directory. These functions are GNU extensions. The function
posix_spawn_file_actions_addchdir_np is similar to the Solaris function
of the same name.
* The popen and system do not run atfork handlers anymore (BZ#17490).
Although it is a possible POSIX violation, the POSIX rationale in
pthread_atfork documentation regarding atfork handlers is to handle
inconsistent mutex state after a fork call in a multi-threaded process.
In both popen and system there is no direct access to user-defined mutexes.
* Support for the C-SKY ABIV2 running on Linux has been added. This port
requires at least binutils-2.32, gcc-9.0, and linux-4.20. Two ABIs are
supported:
- C-SKY ABIV2 soft-float little-endian
- C-SKY ABIV2 hard-float little-endian
* strftime's default formatting of a locale's alternative year (%Ey)
has been changed to zero-pad the year to a minimum of two digits,
like "%y". This improves the display of Japanese era years during
the first nine years of a new era, and is expected to be harmless
for all other locales (only Japanese locales regularly have
alternative year numbers less than 10). Zero-padding can be
overridden with the '_' or '-' flags (which are GNU extensions).
* As a GNU extension, the '_' and '-' flags can now be applied to
"%EY" to control how the year number is formatted; they have the
same effect that they would on "%Ey".
Deprecated and removed features, and other changes affecting compatibility:
* The glibc.tune tunable namespace has been renamed to glibc.cpu and the
tunable glibc.tune.cpu has been renamed to glibc.cpu.name.
* The type of the pr_uid and pr_gid members of struct elf_prpsinfo, defined
in <sys/procfs.h>, has been corrected to match the type actually used by
the Linux kernel. This affects the size and layout of that structure on
MicroBlaze, MIPS (n64 ABI only), Nios II and RISC-V.
* For the MIPS n32 ABI, the type of the pr_sigpend and pr_sighold members of
struct elf_prstatus, and the pr_flag member of struct elf_prpsinfo,
defined in <sys/procfs.h>, has been corrected to match the type actually
used by the Linux kernel. This affects the size and layout of those
structures.
* An archaic GNU extension to scanf, under which '%as', '%aS', and '%a[...]'
meant to scan a string and allocate space for it with malloc, is now
restricted to programs compiled in C89 or C++98 mode with _GNU_SOURCE
defined. This extension conflicts with C99's use of '%a' to scan a
hexadecimal floating-point number, which is now available to programs
compiled as C99 or C++11 or higher, regardless of _GNU_SOURCE.
POSIX.1-2008 includes the feature of allocating a buffer for string input
with malloc, using the modifier letter 'm' instead. Programs using
'%as', '%aS', or '%a[...]' with the old GNU meaning should change to
'%ms', '%mS', or '%m[...]' respectively. Programs that wish to use the
C99 '%a' no longer need to avoid _GNU_SOURCE.
GCC's -Wformat warnings can detect most uses of this extension, as long
as all functions that call vscanf, vfscanf, or vsscanf are annotated with
__attribute__ ((format (scanf, ...))).
Changes to build and runtime requirements:
* Python 3.4 or later is required to build the GNU C Library.
* On most architectures, GCC 5 or later is required to build the GNU C
Library. (On powerpc64le, GCC 6.2 or later is still required, as before.)
Older GCC versions and non-GNU compilers are still supported when
compiling programs that use the GNU C Library.
Security related changes:
CVE-2018-19591: A file descriptor leak in if_nametoindex can lead to a
denial of service due to resource exhaustion when processing getaddrinfo
calls with crafted host names. Reported by Guido Vranken.
CVE-2019-6488: On x32, the size_t parameter may be passed in the lower
32 bits of a 64-bit register with with non-zero upper 32 bit. When it
happened, accessing the 32-bit size_t value as the full 64-bit register
in the assembly string/memory functions would cause a buffer overflow.
Reported by H.J. Lu.
CVE-2016-10739: The getaddrinfo function could successfully parse IPv4
addresses with arbitrary trailing characters, potentially leading to data
or command injection issues in applications.
Release Notes
=============
https://sourceware.org/glibc/wiki/Release/2.29
Contributors
============
This release was made possible by the contributions of many people.
The maintainers are grateful to everyone who has contributed
changes or bug reports. These include:
Adhemerval Zanella
Albert ARIBAUD (3ADEV)
Alexandra Hájková
Andreas K. Hüttel
Andreas Schwab
Anton Youdkevitch
Arjun Shankar
Assaf Gordon
Aurelien Jarno
Carlos O'Donell
Charles-Antoine Couret
DJ Delorie
Darius Rad
David S. Miller
Dmitry V. Levin
Florian Weimer
Fredrik Noring
Gabriel F. T. Gomes
H.J. Lu
Ilya Leoshkevich
Ilya Yu. Malakhov
Istvan Kurucsai
Jim Wilson
Joseph Myers
Justus Winter
Kemi Wang
Leonardo Sandoval
Mao Han
Martin Jansa
Martin Kuchta
Martin Sebor
Mingli Yu
Moritz Eckert
PanderMusubi
Paul Clarke
Paul Eggert
Paul Pluzhnikov
Pochang Chen
Rafael Avila de Espindola
Rafael Ãvila de EspÃndola
Rafal Luzynski
Rajalakshmi Srinivasaraghavan
Rogerio Alves
Samuel Thibault
Sergi Almacellas Abellana
Siddhesh Poyarekar
Stefan Liebler
Steve Ellcey
Szabolcs Nagy
TAMUKI Shoichi
Tobias Klauser
Tulio Magno Quites Machado Filho
Uroš Bizjak
Wilco Dijkstra
Zack Weinberg
Zong Li
-----BEGIN PGP SIGNATURE-----
iQEcBAABAgAGBQJcUyg2AAoJEHnEPfvxzyGHauAIAJmbTi6IHhY18D0NwFH002a/
Z/4L4jTd9/I8kaR+qYMGDi1tO+cTWtxO3jdlIU7/1VRdnL1h+HnlYTJlc64DVP9t
3W4lhSJRbK8HWlV0emmNHnBCgV6SxOMaMPN286WKLDTYI3OrOs16qkKneDqhWEoG
BS1rvxdkd27hOds3CY4xsgCFgeyo/aS+sqV2nMNdcpGBb1ZLNET3O3AkP155BwOF
utMl2xbQ5Ue17mOrw1TiOUJqvvf6FhNHFLT1dgBmgAVP+sXhjgL00co4sHh5xu5x
vJ1ju3KgzIYtxbiAIUTppia/nRFX4K8z+VL7f4aDeUm6cxuikECcpCVgH7if4gc=
=Fcnu
-----END PGP SIGNATURE-----
Adhemerval Zanella (43):
powerpc: Only enable TLE with PPC_FEATURE2_HTM_NOSC
Use libsupport for tst-spawn.c
Fix ifunc support with DT_TEXTREL segments (BZ#20480)
Fix misreported errno on preadv2/pwritev2 (BZ#23579)
libio: Flush stream at freopen (BZ#21037)
Fix build from commit 0b727ed
x86: Fix Haswell strong flags (BZ#23709)
Fix tst-preadvwritev2 build failure on HURD
posix: Add internal symbols for posix_spawn interface
support: Fix printf format for TEST_COMPARE_STRING
posix: Use posix_spawn on popen
posix: Use posix_spawn on system
Fix ChangeLog date from previous commit
posix: Fix segfault in maybe_script_execute
m68k: Fix sigaction kernel definition (BZ #23960)
alpha: Use Linux generic sigaction implementation
hppa: Remove kernel_sigaction.h
ia64: Remove kernel_sigaction.h
s390: Use generic kernel_sigaction.h
Fix BZ number for 43a45c2d82
Replace check_mul_overflow_size_t with __builtin_mul_overflow
termios: Define TIOCSER_TEMT with __USE_MISC (BZ#17783)
termios: Consolidate struct termios
termios: Consolidate termios c_cc symbolic constants
termios: Consolidate Input Modes definitions.
termios: Consolidate Output Modes definitions
termios: Consolidate Baud Rate Selection definitions (BZ#23783)
termios: Consolidate control mode definitions
termios: Consolidate local mode definitions
termios: Consolidate tcflow symbolic constants
termios: Remove Linux _IOT_termios
termios: Add powerpc termios-misc
termios: Consolidate termios.h
posix: Clear close-on-exec for posix_spawn adddup2 (BZ#23640)
nptl: Remove tst-cancel-wrappers test and related macros
nptl: Fix testcases for new pthread cancellation mechanism
x86_64: Remove wrong THREAD_ATOMIC_* macros
i386: Remove bogus THREAD_ATOMIC_* macros
nptl: Cleanup cancellation macros
posix: Fix tst-spawn.c issue from commit 805334b26c
elf: Fix LD_AUDIT for modules with invalid version (BZ#24122)
hurd: Fix libsupport xsigstack build
[elf] Revert 8e889c5da3 (BZ#24122)
Albert ARIBAUD (3ADEV) (12):
Y2038: provide size of default time_t for target architecture
Fix date typo in ChangeLog
Y2038: Add 64-bit time for all architectures
Y2038: make __tz_convert compatible with 64-bit-time
Y2038: add function __localtime64
Fix __TIMERSIZE and @theglibcadj typos
Y2038: add function __localtime64_r
Y2038: add function __gmtime64
Y2038: add function __gmtime64_r
Y2038: add function __ctime64
Y2038: add function __ctime64_r
Y2038: make __difftime compatible with 64-bit time
Alexandra Hájková (1):
Add an additional test to resolv/tst-resolv-network.c
Andreas K. Hüttel (1):
resolv: IDNA tests: AAAA (28) is valid, no fallthrough to default
Andreas Schwab (16):
RISC-V: Don't use ps_get_thread_area in libthread_db (bug 23402)
Don't build libnsl for new ABIs
Remove leading space from testrun.sh
Add missing unwind information to ld.so on powerpc32 (bug 23707)
Fix stack overflow in tst-setcontext9 (bug 23717)
Don't reduce test timeout to less than default
Don't use PSEUDO_END for non-PSEUDO function
Add more checks for valid ld.so.cache file (bug 18093)
RISC-V: properly terminate call chain (bug 23125)
libanl: properly cleanup if first helper thread creation failed (bug
22927)
RISC-V: don't assume PI mutexes and robust futexes before 4.20 (bug
23864)
Move *-le.abilist to le/*.abilist
Remove support for abilist-pattern
Reindent nptl/pthread_rwlock_common.c
Fix rwlock stall with PREFER_WRITER_NONRECURSIVE_NP (bug 23861)
nscd: avoid assertion failure during persistent db check
Anton Youdkevitch (1):
aarch64: optimized memcpy implementation for thunderx2
Arjun Shankar (3):
Clean up iconv/gconv_int.h for unnecessary declarations
Remove unnecessary locking when reading iconv configuration [BZ #22062]
Unconditionally call __gconv_get_path when reading iconv configuration
Assaf Gordon (1):
regex: fix heap-use-after-free error
Aurelien Jarno (4):
Update Alpha libm-test-ulps
ARM: fix kernel assisted atomics with GCC 8 (bug 24034)
en_US: define date_fmt (bug 24046)
Only build libm with -fno-math-errno (bug 24024)
Carlos O'Donell (11):
Add version.h, and NEWS update to ChangeLog.
Add convenience target 'install-locale-files'.
Fix ChangeLog date.
Update be translations.
Update be translations.
Update translations for be.
Fix test failure with -DNDEBUG.
Fix tst-setcontext9 for optimized small stacks.
abilist.awk: Treat .tdata like .tbss and reject unknown combinations.
Add --no-hard-links option to localedef (bug 23923)
x86: Add Hygon Dhyana support.
Charles-Antoine Couret (1):
argp: do not call _IO_fwide() if _LIBC is not defined
DJ Delorie (10):
RISC-V: Fix rounding save/restore bug.
Regen RISC-V rvd ULPs
Improve ChangeLog message.
Add test-in-container infrastructure.
Fix IA64 links-dso-program link.
links-dso-program: Fix build-programs=no build case.
malloc: tcache double free check
test-container: add "su" command to run test as root, add unshare hints
malloc: Add another test for tcache double free check.
test-container: move postclean outside of namespace changes
Darius Rad (1):
RISC-V: Update nofpu ULPs
David S. Miller (2):
Regenerate sparc ulps.
Add VDSO support to sparc.
Dmitry V. Levin (1):
Fix a few typos in comments
Florian Weimer (61):
Linux: Rewrite __old_getdents64 [BZ #23497]
mbstowcs: Remove outdated comment
error, error_at_line: Add missing va_end calls
nscd: Deallocate existing user names in file parser
nss_files: Fix file stream leak in aliases lookup [BZ #23521]
error, warn, warnx: Use __fxprintf for wide printing [BZ #23519]
Fix attribution of previous change in ChangeLog
Makeconfig (ASFLAGS): Always append required assembler flags
Add --with-nonshared-cflags option to configure
math: Regenerate s390 ulps
malloc: Add ChangeLog for accidentally committed change
__readlink_chk: Assume HAVE_INLINED_SYSCALLS
__readlink_chk: Remove micro-optimization
Makeconfig: Do not sort and deduplicate +cflags [BZ # 17248]
Avoid running some tests if the file system does not support holes
nscd: Fix use-after-free in addgetnetgrentX [BZ #23520]
test-container: EPERM from unshare is UNSUPPORTED
regex: Add test tst-regcomp-truncated [BZ #23578]
reallocarray: Declare under _DEFAULT_SOURCE
misc: New test misc/tst-gethostid
resource: Update struct rusage comments [BZ #23689]
time/tst-mktime2: Improve test error reporting
conform: XFAIL siginfo_t si_band test on sparc64
stdlib/test-bz22786: Avoid spurious test failures using alias mappings
stdlib/tst-strtod-overflow: Switch to support_blob_repeat
support_blob_repeat: Call mkstemp directory for the backing file
stdlib/test-bz22786: Avoid memory leaks in the test itself
support/test-container.c: Include <libc-pointer-arith.h>
support/shell-container.c: Use support_copy_file_range
posix: New function posix_spawn_file_actions_addchdir_np [BZ #17405]
support: Implement TEST_COMPARE_STRING
malloc: Convert the unlink macro to the unlink_chunk function
malloc: Use current (C11-style) atomics for fastbin access
support: Print timestamps in timeout handler
malloc: tcache: Validate tc_idx before checking for double-frees [BZ
#23907]
CVE-2018-19591: if_nametoindex: Fix descriptor for overlong name [BZ
#23927]
support: Implement support_quote_string
support_quote_string: Do not use str parameter name
support: Add signal support to support_capture_subprocess_check
posix: Do not include testcases.h, ptestcases.h in source tree
scripts/abilist.awk: Handle special _end symbol for Hurd
support: Close original descriptors in support_capture_subprocess
support: Implement <support/descriptors.h> to track file descriptors
inet/tst-if_index-long: New test case for CVE-2018-19591 [BZ #23927]
posix: New function posix_spawn_file_actions_addfchdir_np [BZ #17405]
compat getdents64: Use correct offset for retry [BZ #23972]
timespec_get (posix): Fix copyright header
manual: Document thread/task IDs for Linux
support: Do not require overflow builtin in support/blob_repeat.c
localedata: Remove executable bit from localedata/locales/bi_VU [BZ
#23995]
locale: Rewrite locale/gen-translit.pl in Python
malloc: Always call memcpy in _int_realloc [BZ #24027]
nptl/tst-audit-threads: Switch to <support/test-driver.c>
intl: Do not return NULL on asprintf failure in gettext [BZ #24018]
Fix ChangeLog entry
Linux: Improve handling of resource limits in misc/tst-ttyname
manual: Use @code{errno} instead of @var{errno} [BZ #24063]
malloc: Revert fastbins to old-style atomics
resolv: Reformat inet_addr, inet_aton to GNU style
resolv: Do not send queries for non-host-names in nss_dns [BZ #24112]
CVE-2016-10739: getaddrinfo: Fully parse IPv4 address strings [BZ #20018]
Fredrik Noring (1):
MIPS: Use `.set mips2' to emulate LL/SC for the R5900 too
Gabriel F. T. Gomes (11):
Fix typo in the documentation of gcvt
Add tests for argp_error and argp_failure with floating-point parameters
Add test for warn, warnx, vwarn, and vwarnx with floating-point
parameters
Add tests with floating-point arguments for err* and verr* functions
Use TEST_COMPARE_STRING in recently added test
Convert tst-efgcvt to the new test framework
Prepare vfscanf to use __strtof128_internal
Remove redirection of _IO_vfprintf
Add *-ldbl.h headers to include/bits
Add tests for the long double version of ecvt and fcvt
Set behavior of sprintf-like functions with overlapping source and
destination
H.J. Lu (34):
x86: Rename get_common_indeces to get_common_indices
x86: Cleanup cpu-features-offsets.sym
x86: Don't include <init-arch.h> in assembly codes
x86: Move STATE_SAVE_OFFSET/STATE_SAVE_MASK to sysdep.h
test-container: Use xcopy_file_range for cross-device copy [BZ #23597]
i386: Use ENTRY and END in start.S [BZ #23606]
i386: Use _dl_runtime_[resolve|profile]_shstk for SHSTK [BZ #23716]
x86: Use RTM intrinsics in pthread mutex lock elision
x86: Use _rdtsc intrinsic for HP_TIMING_NOW
x86: Don't include <x86intrin.h>
x86: Support RDTSCP for benchtests
Check multiple NT_GNU_PROPERTY_TYPE_0 notes [BZ #23509]
x86/CET: Add a re-exec test with legacy bitmap
_dl_exception_create_format: Support %x/%lx/%zx
elf/dl-exception.c: Include <_itoa.h> for _itoa prototype
x86: Extend CPUID support in struct cpu_features
Add getcpu
Don't use __typeof__ (getcpu)
x86: Merge i386/x86_64 atomic-machine.h
manual/examples: Remove redundant "if not"
x86-64: Vectorize sincosf_poly and update s_sincosf-fma.c
Regenerate sysdeps/x86_64/fpu/libm-test-ulps
x86-64: Remove s_sincosf-sse2.S
riscv: Use __has_include__ to include <asm/syscalls.h> [BZ #24022]
soft-fp: Properly check _FP_W_TYPE_SIZE [BZ #24066]
Disable lazy binding on tests for minimal signal handler
x86-64 memchr/wmemchr: Properly handle the length parameter [BZ# 24097]
x86-64 memcmp/wmemcmp: Properly handle the length parameter [BZ# 24097]
x86-64 memcpy: Properly handle the length parameter [BZ# 24097]
x86-64 memrchr: Properly handle the length parameter [BZ# 24097]
x86-64 memset/wmemset: Properly handle the length parameter [BZ# 24097]
x86-64 strncmp family: Properly handle the length parameter [BZ# 24097]
x86-64 strncpy: Properly handle the length parameter [BZ# 24097]
x86-64 strnlen/wcsnlen: Properly handle the length parameter [BZ# 24097]
Ilya Leoshkevich (12):
S390: Use symbolic offsets for stack variables in 32-bit
_dl_runtime_resolve
S390: Use symbolic offsets for stack variables in 32-bit
_dl_runtime_profile
S390: Use symbolic offsets for stack variables in 64-bit
_dl_runtime_resolve
S390: Use symbolic offsets for stack variables in 64-bit
_dl_runtime_profile
S390: Do not clobber R0 in 32-bit _dl_runtime_resolve
S390: Do not clobber R0 in 32-bit _dl_runtime_profile
S390: Do not clobber R0 in 64-bit _dl_runtime_resolve
S390: Do not clobber R0 in 64-bit _dl_runtime_profile
S390: Test that lazy binding does not clobber R0
Move __fentry__ version definition to sysdeps/{i386,x86_64}
S390: Implement 64-bit __fentry__
S390: Fix unwind in 32-bit _mcount
Ilya Yu. Malakhov (1):
signal: Use correct type for si_band in siginfo_t [BZ #23562]
Istvan Kurucsai (3):
malloc: Additional checks for unsorted bin integrity I.
malloc: Add more integrity checks to mremap_chunk.
malloc: Check the alignment of mmapped chunks before unmapping.
Jim Wilson (1):
RISC-V: Update LP64D libm-test-ulps.
Joseph Myers (123):
Move SNAN_TESTS_TYPE_CAST out of math-tests.h.
Move SNAN_TESTS_PRESERVE_PAYLOAD out of math-tests.h.
Fix math/test-misc.c for undefined fenv.h macros.
Do not define various fenv.h macros for MIPS soft-float (bug 23479).
Consistently terminate libm-test-*.inc TEST lines with commas.
Move comment from libm-test-nextdown.inc to libm-test-nexttoward.inc.
Replace gen-libm-test.pl with gen-libm-test.py.
Move SNAN_TESTS_* out of math-tests.h.
Use Linux 4.18 in build-many-glibcs.py.
Update install.texi documentation of uses of Perl and Python.
Update syscall-names.list for Linux 4.18.
Add NT_VMCOREDD, AT_MINSIGSTKSZ from Linux 4.18 to elf.h.
Update struct signalfd_siginfo from Linux 4.18.
Update netinet/tcp.h from Linux 4.18.
Move ROUNDING_TESTS_* out of math-tests.h.
Don't redefine ROUNDING_TESTS_* in math/test-*-vlen*.h.
Move EXCEPTION_TESTS_* out of math-tests.h
Move EXCEPTION_ENABLE_SUPPORTED out of math-tests.h.
Update netinet/udp.h from Linux 4.18.
Move EXCEPTION_SET_FORCES_TRAP out of math-tests.h.
Split fenv_private.h out of math_private.h more consistently.
Make gen-libm-test.py treat plus_oflow and minus_oflow as non-finite.
Replace conform/list-header-symbols.pl with a Python script.
Do not include fenv_private.h in math_private.h.
Move fenv.h soft-float inlines from fenv_private.h to include/fenv.h.
Move float128 inlines from sysdeps/generic/math_private.h to
include/math.h.
Remove alpha math_private.h.
Add build-many-glibcs.py --enable-obsolete-* configs.
Add build-many-glibcs.py support for building more GCC libraries.
Remove x86_64 math_private.h asms.
Include most of elf/ modules-names in modules-names-tests.
Use floor functions not __floor functions in glibc libm.
Use rint functions not __rint functions in glibc libm.
Fix sys/procfs.h pr_uid, pr_gid type (bug 23649).
Fix MIPS n32 pr_sigpend, pr_sighold, pr_flag type (bug 23656).
Update siginfo constants from Linux kernel (bug 21286).
Use ceil functions not __ceil functions in glibc libm.
Fix ldbl-128ibm ceill, floorl inlining of ceil, floor.
Unify many bits/mman.h headers.
Invert sense of list of i686-class processors in
sysdeps/x86/cpu-features.h.
Use trunc functions not __trunc functions in glibc libm.
Unify some sys/procfs.h headers.
Unify more sys/procfs.h headers.
Complete sys/procfs.h unification.
Share MAP_* flags between more architectures.
Use round functions not __round functions in glibc libm.
Use copysign functions not __copysign functions in glibc libm.
Remove unnecessary math_private.h includes.
Move MREMAP_* to bits/mman-shared.h.
Add more fma tests.
Fix libnldbl_nonshared.a references to internal libm symbols (bug 23735).
Use bits/mman-linux.h for hppa.
Use common bits/msq.h for more architectures.
Use common bits/sem.h for more architectures.
Use common bits/shm.h for more architectures.
Use single bits/msq.h for all architectures.
Use single bits/sem.h for all architectures.
Move SHMLBA to its own header.
Use single bits/shm.h for all architectures.
Do not allow divide-by-zero exception for pow(+/- 0, -Inf).
Handle surrogate pairs in c16rtomb (bug 23794, DR#488, C2X).
Stop c32rtomb and mbrtoc32 aliasing wcrtomb and mbrtowc (bug 23793).
Use Linux 4.19 in build-many-glibcs.py.
Update kernel version in syscall-names.list to 4.19.
Use gen-libm-test.py to generate ulps table for manual.
Add new ELF note types from Linux 4.19 to elf.h.
Add IN_MASK_CREATE from Linux 4.19 to sys/inotify.h.
Remove pre-Python-3.4 compatibility from build-many-glibcs.py.
Patch to require Python 3.4 or later to build glibc.
Use tempfile.TemporaryDirectory in conform/glibcconform.py.
Convert linknamespace tests from Perl to Python.
Update and correct SPARC configuration for supported socket syscalls (bug
23848).
Disable -Wformat-overflow= warnings for some printf tests.
Avoid printf ("%s", NULL) in posix/bug-regex22.c.
Correct SH kernel-features.h undefines (bug 23862).
Fix __ASSUME_MLOCK2 for ARM, MicroBlaze (bug 23867).
Remove __ASSUME_SOCKETCALL.
Replace conformtest.pl with conformtest.py.
Update conform/Makefile mkdir commands.
Remove redundant macro definitions from ia64 sfp-machine.h.
Fix i686 build with GCC 9.
Fix armv7 build with GCC 9.
Fix sparc64 build with GCC 9.
Add hidden_tls_def macros, fix powerpc-soft build with GCC 9.
Fix mips build with GCC 9.
Use unique identifiers in conformtest.
Separate conformtest subtest generation and execution.
Combine more conformtest tests into single execution of the compiler.
Fix Arm __ASSUME_COPY_FILE_RANGE (bug 23915).
Touch more glibc source files in build-many-glibcs.py.
Fix Hurd build with read-only source directory.
Do not copy glibc sources in build-many-glibcs.py.
Replace gen-as-const.awk by gen-as-const.py.
Make gen-as-const.py handle '--' consistently with awk script.
Stop test-in-container trying to run other-OS binaries.
Update miscellaneous files from upstream sources.
Update timezone code from tzcode 2018g.
Move tst-signal-numbers to Python.
Use gen-as-const.py to process .pysym files.
Remove x86 mathinline.h hypot inline.
Do not clobber sp in _hurd_stack_setup.
Remove x86 mathinline.h asinh, acosh, atanh inlines.
Add test that MAP_* constants agree with kernel.
Do not clobber r12 for ia64 syscalls.
Remove __ASSUME_ST_INO_64_BIT.
Remove x86 mathinline.h sinh, cosh, tanh inlines.
Remove x86 mathinline.h.
Require GCC 5 or later to build glibc (bug 23993).
Update longlong.h.
Update nios2, sparc32 localplt.data for difftime changes (bug 24023).
Use Linux 4.20 in build-many-glibcs.py.
Update timezone code from tzcode 2018i.
Update copyright dates with scripts/update-copyrights.
Update copyright dates not handled by scripts/update-copyrights.
Update miscellaneous files from upstream sources.
Update syscall-names.list for Linux 4.20.
Add HWCAP_SSBS from Linux 4.20 to AArch64 bits/hwcap.h.
Add PACKET_IGNORE_OUTGOING from Linux 4.20 to netpacket/packet.h.
Add IPV6_MULTICAST_ALL from Linux 4.20 to bits/in.h.
Update MIPS libm-test-ulps.
Update Linux kernel version in tst-mman-consts.py.
Update powerpc-nofpu libm-test-ulps.
Use binutils 2.32 branch in build-many-glibcs.py.
Justus Winter (1):
hurd: Handle "pid" magical lookup retry
Kemi Wang (1):
Mutex: Add pthread mutex tunables
Leonardo Sandoval (5):
benchtests: Set float type on --threshold argument
benchtests: keep comparing even if function timings do not match
benchtests: include --stats parameter
benchtests: send non-consumable data to stderr
x86-64: Optimize strcat/strncat, strcpy/strncpy and stpcpy/stpncpy with
AVX2
Mao Han (4):
Update config.guess and config.sub to current versions.
C-SKY: Add dynamic relocations to elf.h
Add statx conditionals for wordsize-32 *xstat.c
Add C-SKY port
Martin Jansa (2):
sysdeps/ieee754/soft-fp: ignore maybe-uninitialized with -O [BZ #19444]
sysdeps/ieee754: prevent maybe-uninitialized errors with -O [BZ #19444]
Martin Kuchta (1):
pthread_cond_broadcast: Fix waiters-after-spinning case [BZ #23538]
Martin Sebor (1):
Add support for GCC 9 attribute copy.
Mingli Yu (1):
Linux gethostid: Check for NULL value from gethostbyname_r [BZ #23679]
Moritz Eckert (1):
malloc: Mitigate null-byte overflow attacks
PanderMusubi (1):
bs_BA: Fix a small typo in comment (bug 24011).
Paul Clarke (1):
powerpc: Fix tiny bug in strncmp.c
Paul Eggert (21):
regex: fix memory leak in Gnulib
regex: Gnulib unibyte RRI uses bytes not chars
regex: port Gnulib code to z/OS POSIX environment
regex: fix uninitialized memory access
Fix tzfile low-memory assertion failure
Simplify tzfile fstat failure code
Merge mktime, timegm from upstream Gnulib
Fix mktime localtime offset confusion
mktime fix for Gnulib + coreutils
regex: __builtin_expect → __glibc_unlikely
regex: simplify by using intprops.h
mktime: fix EOVERFLOW bug
mktime: new test for mktime failure
mktime: simplify offset guess
mktime: make more room for overflow
mktime: fix bug with Y2038 DST transition
mktime: fix non-EOVERFLOW errno handling
mktime: DEBUG_MKTIME cleanup
regex: fix storage-exhaustion error
regex: simplify Gnulib port
regex: improve Gnulib port to AIX
Paul Pluzhnikov (4):
Fix BZ#23400 (creating temporary files in source tree), and undefined
behavior in test.
[BZ #20271] Add newlines in __libc_fatal calls.
stdlib: assert on NULL function pointer in atexit etc. [BZ #20544]
Fix potential stack overflow [BZ #23490]
Pochang Chen (1):
malloc: Verify size of top chunk.
Rafael Avila de Espindola (1):
Simplify an #if #else #endif
Rafael Ãvila de EspÃndola (6):
Enable VDSO on x86_64 statically linked programs [BZ #19767]
Enable VDSO on powerpc statically linked programs (bug 19767)
Enable VDSO for static linking on aarch64
Enable VDSO on i386 statically linked programs
Enable VDSO for static linking on arm
Enable VDSO for static linking on mips
Rafal Luzynski (12):
ChangeLog: Fix an obvious typo.
en_IN: Set the correct date format for "%x" (bug 17426).
Indian and similar locales: Set the correct date format (bug 17426).
Italian and Swiss locales: Use the correct separators (bug 10797).
it_CH/it_IT locales: Correct some LC_TIME formats (bug 10425).
kl_GL: Fix spelling of Sunday, should be "sapaat" (bug 20209).
kl_GL: Update the month names and date formats (bug 23740).
NEWS: Fix a minor typo ("incosistent" -> "inconsistent").
NEWS: Fix another typo ("multithread..." -> "multi-threaded...").
sq_AL: Use the correct date and time formats (bug 10496, 23724).
Multiple locales: Use the correct 12-hour time formats (bug 10496).
ChangeLog: Fix an obvious typo in the previous commit.
Rajalakshmi Srinivasaraghavan (3):
powerpc: Rearrange little endian specific files
powerpc: Remove powerpc specific sinf and cosf optimization
Speedup first memmem match
Rogerio Alves (2):
powerpc: Fix VSCR position in ucontext (bug 24088)
powerpc: fix tst-ucontext-ppc64-vscr test for POWER 5/6.
Samuel Thibault (36):
hurd: Add missing symbols for proper libc_get/setspecific
hurd: Avoid PLTs for __pthread_get/setspecific
hurd: XFAIL absence of C11 threads implementation
hurd: set interrupt timeout to 1 minute
hurd: Return EIO on non-responding interrupted servers
hurd: Fix race between calling RPC and handling a signal
hurd: Fix cancellation just before RPC call
hurd: Fix race between calling RPC and handling a signal
hurd: return EIEIO instead of EIO
hurd: Document how to translate EIEIO error message
hurd: Fix build
Merge branch 'master' of git://sourceware.org/git/glibc
hurd: Fix errno* generation
Merge branch 'master' into errno
hurd: Add pci RPC stubs
hurd: Support msync
hurd: Fix last-minute refactoring
Hurd: Implement chdir support in posix_spawn
Hurd: Fix ulinks in fd table reallocation
Hurd: export _hurd_port_move
hurd: Document dtable_cloexec size convention.
hurd: Fix spawni's user_link reallocation
hurd: Fix build with GCC 9
hurd: Fix F_*LK* fcntl with __USE_FILE_OFFSET64
hurd: Support lockf at offset 0 with size 0 or 1.
hurd: Fix returning value for fcntl(F_*LK*)
htl: Fix comparing attr with default values
Fix test-as-const-jmp_buf-ssp.c generation on gnu-i386
hurd: Implement support for posix_spawn_file_actions_addfchdir_np
hurd: Fix linknamespace of spawni
hurd: Fix 64bit fcntl lock implementation
hurd: advertise *_setpshared as not supported
hurd: Check at_flags passed to faccessat
hurd: Support AT_EMPTY_PATH
hurd: Fix initial sigaltstack state
hurd: Fix initial sigaltstack state
Sergi Almacellas Abellana (1):
Currency symbol should not preceed amount for [BZ #23791]
Siddhesh Poyarekar (14):
Rename the glibc.tune namespace to glibc.cpu
Add ChangeLog for the last commit
[benchtests] Fix compare_strings.py for python2
benchtests: Clean up the alloc_bufs
[aarch64] Fix value of MIN_PAGE_SIZE for testing
[benchtests] Add mandatory attributes to workload tests
[benchtests] Add workload test properties to schema
[aarch64] Add an ASIMD variant of strlen for falkor
Print strlen benchmark output in json
Reallocate buffers for every run in strlen
Update libc.pot
Update translations
Prepare for 2.29 release
Tag 2.29 release
Stefan Liebler (63):
Test stdlib/test-bz22786 exits now with unsupported if malloc fails.
Fix segfault in maybe_script_execute.
S390: Regenerate ULPs.
Adjust name of ld.so in test-container.c.
Fix race in pthread_mutex_lock while promoting to
PTHREAD_MUTEX_ELISION_NP [BZ #23275]
S390: Regenerate ULPs.
Add missing libnss_testX.so requirement for tst-nss-test3.
S390: Add configure check to detect z10 as mininum architecture level
set.
S390: Use hwcap instead of dl_hwcap in ifunc-resolvers.
S390: Unify 31/64bit memset.
S390: Refactor memset ifunc handling.
S390: Implement bzero with memset.
S390: Unify 31/64bit memcmp.
S390: Refactor memcmp ifunc handling.
S390: Unify 31/64bit memcpy.
S390: Refactor memcpy/mempcpy ifunc handling.
S390: Remove s390 specific implementation of bcopy.
S390: Use memcpy for forward cases in memmove.
S390: Add configure check to detect z13 as mininum architecture level
set.
S390: Add z13 memmove ifunc variant.
S390: Add z13 strstr ifunc variant.
S390: Add z13 memmem ifunc variant.
S390: Refactor strlen ifunc handling.
S390: Refactor strnlen ifunc handling.
S390: Refactor strcpy ifunc handling.
S390: Refactor stpcpy ifunc handling.
S390: Refactor strncpy ifunc handling.
S390: Refactor stpncpy ifunc handling.
S390: Refactor strcat ifunc handling.
S390: Refactor strncat ifunc handling.
S390: Refactor strcmp ifunc handling.
S390: Refactor strncmp ifunc handling.
S390: Refactor strchr ifunc handling.
S390: Refactor strchrnul ifunc handling.
S390: Refactor strrchr ifunc handling.
S390: Refactor strspn ifunc handling.
S390: Refactor strpbrk ifunc handling.
S390: Refactor strcspn ifunc handling.
S390: Refactor memchr ifunc handling.
S390: Refactor rawmemchr ifunc handling.
S390: Refactor memccpy ifunc handling.
S390: Refactor memrchr ifunc handling.
S390: Refactor wcslen ifunc handling.
S390: Refactor wcsnlen ifunc handling.
S390: Refactor wcscpy ifunc handling.
S390: Refactor wcpcpy ifunc handling.
S390: Refactor wcsncpy ifunc handling.
S390: Refactor wcpncpy ifunc handling.
S390: Refactor wcscat ifunc handling.
S390: Refactor wcsncat ifunc handling.
S390: Refactor wcscmp ifunc handling.
S390: Refactor wcsncmp ifunc handling.
S390: Refactor wcschr ifunc handling.
S390: Refactor wcschrnul ifunc handling.
S390: Refactor wcsrchr ifunc handling.
S390: Refactor wcsspn ifunc handling.
S390: Refactor wcspbrk ifunc handling.
S390: Refactor wcscspn ifunc handling.
S390: Refactor wmemchr ifunc handling.
S390: Refactor wmemset ifunc handling.
S390: Refactor wmemcmp ifunc handling.
S390: Refactor gconv_simple ifunc handling.
S390: Cleanup ifunc-resolve.h.
Steve Ellcey (1):
Remove extra space at end of line.
Szabolcs Nagy (17):
Clean up converttoint handling and document the semantics
Add new exp and exp2 implementations
Missed ChangeLog
Add new log implementation
Add new log2 implementation
Add new pow implementation
Fix the documentation comment of checkint in powf
Increase timeout of libio/tst-readline
Increase timeout of nss/tst-nss-files-hosts-multi
i64: fix missing exp2f, log2f and powf symbols in libm.a [BZ #23822]
Remove the error handling wrapper from exp and exp2
Remove the error handling wrapper from log
Remove the error handling wrapper from log2
Remove the error handling wrapper from pow
Fix powf overflow handling in non-nearest rounding mode [BZ #23961]
AArch64: Update dl-procinfo.c with new HWCAP
Fix the manual for old texinfo
TAMUKI Shoichi (4):
strftime: Consequently use the "L_" macro with character literals
manual: Fix the wording to "alternative" rather than "alternate"
strftime: Set the default width of "%Ey" to 2 [BZ #23758]
strftime: Pass the additional flags from "%EY" to "%Ey" [BZ #24096]
Tobias Klauser (1):
Add PF_XDP, AF_XDP and SOL_XDP from Linux 4.18 to bits/socket.h.
Tulio Magno Quites Machado Filho (4):
Fix _dl_profile_fixup data-dependency issue (Bug 23690)
powerpc: Add missing CFI register information (bug #23614)
Print cache size and geometry auxv types on LD_SHOW_AUXV=1
Add XFAIL_ROUNDING_IBM128_LIBGCC to more fma() tests
Uroš Bizjak (1):
alpha: Fix __remqu corrupting $f3 register
Wilco Dijkstra (13):
Simplify and speedup strstr/strcasestr first match
Improve performance of sincosf
Improve performance of sinf and cosf
Fix spaces in x86_64 ULP file
Use generic sinf/cosf in lgammaf_r
Speedup tanf range reduction
Update NEWS for sinf improvements
Remove unused math files
Fix strstr bug with huge needles (bug 23637)
[AArch64] Adjust writeback in non-zero memset
Refactor string benchtests
Improve bench-strlen
[AArch64] Add ifunc support for Ares
Zack Weinberg (11):
[manual] Job control is no longer optional.
Use STRFMON_LDBL_IS_DBL instead of __ldbl_is_dbl.
Add __vfscanf_internal and __vfwscanf_internal with flags arguments.
Use SCANF_ISOC99_A instead of _IO_FLAGS2_SCANF_STD.
Use SCANF_LDBL_IS_DBL instead of __ldbl_is_dbl.
Add __v*printf_internal with flags arguments
Add __vsyslog_internal, with same flags as __v*printf_internal.
Use PRINTF_FORTIFY instead of _IO_FLAGS2_FORTIFY (bug 11319)
Use PRINTF_LDBL_IS_DBL instead of __ldbl_is_dbl.
Use C99-compliant scanf under _GNU_SOURCE with modern compilers.
Tests for minimal signal handler functionality in MINSIGSTKSZ space.
Zong Li (3):
elf: Fix the ld flags not be applied to tst-execstack-mod.so
soft-fp: Use temporary variable in FP_FRAC_SUB_3/FP_FRAC_SUB_4
soft-fp: Add implementation for 128 bit self-contained
-----------------------------------------------------------------------
--
You are receiving this mail because:
You are on the CC list for the bug.
>From glibc-bugs-regex-return-873-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org Thu Jan 31 21:19:46 2019
Return-Path: <glibc-bugs-regex-return-873-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org>
Delivered-To: listarch-glibc-bugs-regex@sources.redhat.com
Received: (qmail 8819 invoked by alias); 31 Jan 2019 21:19:45 -0000
Mailing-List: contact glibc-bugs-regex-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs-regex.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-regex-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs-regex@sourceware.org>
List-Help: <mailto:glibc-bugs-regex-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-regex-owner@sourceware.org
Delivered-To: mailing list glibc-bugs-regex@sourceware.org
Received: (qmail 8686 invoked by uid 55); 31 Jan 2019 21:19:33 -0000
From: "cvs-commit at gcc dot gnu.org" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs-regex@sourceware.org
Subject: [Bug regex/24114] regexec buffer read overrun in "grep -i '\(\(\)*.\)*\(\)\(\)\1'"
Date: Thu, 31 Jan 2019 21:19:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: regex
X-Bugzilla-Version: 2.30
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: cvs-commit at gcc dot gnu.org
X-Bugzilla-Status: NEW
X-Bugzilla-Resolution:
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: unassigned at sourceware dot org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields:
Message-ID: <bug-24114-132-gYIBUD1hTR@http.sourceware.org/bugzilla/>
In-Reply-To: <bug-24114-132@http.sourceware.org/bugzilla/>
References: <bug-24114-132@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2019-01/txt/msg00003.txt.bz2
Content-length: 1471
https://sourceware.org/bugzilla/show_bug.cgi?id=24114
--- Comment #1 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".
The branch, master has been updated
via 583dd860d5b833037175247230a328f0050dbfe9 (commit)
from 2bac7daa58da1a313bd452369b0508b31e146637 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=583dd860d5b833037175247230a328f0050dbfe9
commit 583dd860d5b833037175247230a328f0050dbfe9
Author: Paul Eggert <eggert@cs.ucla.edu>
Date: Mon Jan 21 11:08:13 2019 -0800
regex: fix read overrun [BZ #24114]
Problem found by AddressSanitizer, reported by Hongxu Chen in:
https://debbugs.gnu.org/34140
* posix/regexec.c (proceed_next_node):
Do not read past end of input buffer.
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 10 +++++++++-
posix/regexec.c | 6 ++++--
2 files changed, 13 insertions(+), 3 deletions(-)
--
You are receiving this mail because:
You are on the CC list for the bug.
>From glibc-bugs-regex-return-874-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org Thu Jan 31 21:21:16 2019
Return-Path: <glibc-bugs-regex-return-874-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org>
Delivered-To: listarch-glibc-bugs-regex@sources.redhat.com
Received: (qmail 16114 invoked by alias); 31 Jan 2019 21:21:16 -0000
Mailing-List: contact glibc-bugs-regex-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs-regex.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-regex-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs-regex@sourceware.org>
List-Help: <mailto:glibc-bugs-regex-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-regex-owner@sourceware.org
Delivered-To: mailing list glibc-bugs-regex@sourceware.org
Received: (qmail 15903 invoked by uid 48); 31 Jan 2019 21:21:03 -0000
From: "eggert at cs dot ucla.edu" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs-regex@sourceware.org
Subject: [Bug regex/24114] regexec buffer read overrun in "grep -i '\(\(\)*.\)*\(\)\(\)\1'"
Date: Thu, 31 Jan 2019 21:21:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: regex
X-Bugzilla-Version: 2.29
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: eggert at cs dot ucla.edu
X-Bugzilla-Status: RESOLVED
X-Bugzilla-Resolution: FIXED
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: unassigned at sourceware dot org
X-Bugzilla-Target-Milestone: 2.30
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields: bug_status version resolution target_milestone
Message-ID: <bug-24114-132-QPRGr90dBn@http.sourceware.org/bugzilla/>
In-Reply-To: <bug-24114-132@http.sourceware.org/bugzilla/>
References: <bug-24114-132@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2019-01/txt/msg00004.txt.bz2
Content-length: 641
https://sourceware.org/bugzilla/show_bug.cgi?id=24114
eggert at cs dot ucla.edu changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Version|2.30 |2.29
Resolution|--- |FIXED
Target Milestone|--- |2.30
--- Comment #2 from eggert at cs dot ucla.edu ---
I installed the patch and am marking this bug as fixed in 2.30.
--
You are receiving this mail because:
You are on the CC list for the bug.
>From glibc-bugs-regex-return-875-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org Mon Feb 11 11:37:16 2019
Return-Path: <glibc-bugs-regex-return-875-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org>
Delivered-To: listarch-glibc-bugs-regex@sources.redhat.com
Received: (qmail 3821 invoked by alias); 11 Feb 2019 11:37:16 -0000
Mailing-List: contact glibc-bugs-regex-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs-regex.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-regex-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs-regex@sourceware.org>
List-Help: <mailto:glibc-bugs-regex-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-regex-owner@sourceware.org
Delivered-To: mailing list glibc-bugs-regex@sourceware.org
Received: (qmail 3773 invoked by uid 48); 11 Feb 2019 11:37:12 -0000
From: "fweimer at redhat dot com" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs-regex@sourceware.org
Subject: [Bug regex/24114] regexec buffer read overrun in "grep -i '\(\(\)*.\)*\(\)\(\)\1'"
Date: Mon, 11 Feb 2019 11:37:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: regex
X-Bugzilla-Version: 2.29
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: fweimer at redhat dot com
X-Bugzilla-Status: RESOLVED
X-Bugzilla-Resolution: FIXED
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: unassigned at sourceware dot org
X-Bugzilla-Target-Milestone: 2.30
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields: cc
Message-ID: <bug-24114-132-u81sTn1b74@http.sourceware.org/bugzilla/>
In-Reply-To: <bug-24114-132@http.sourceware.org/bugzilla/>
References: <bug-24114-132@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2019-02/txt/msg00000.txt.bz2
Content-length: 397
https://sourceware.org/bugzilla/show_bug.cgi?id=24114
Florian Weimer <fweimer at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |fweimer at redhat dot com
--
You are receiving this mail because:
You are on the CC list for the bug.
>From glibc-bugs-regex-return-876-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org Tue Feb 26 10:23:26 2019
Return-Path: <glibc-bugs-regex-return-876-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org>
Delivered-To: listarch-glibc-bugs-regex@sources.redhat.com
Received: (qmail 118305 invoked by alias); 26 Feb 2019 10:23:25 -0000
Mailing-List: contact glibc-bugs-regex-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs-regex.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-regex-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs-regex@sourceware.org>
List-Help: <mailto:glibc-bugs-regex-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-regex-owner@sourceware.org
Delivered-To: mailing list glibc-bugs-regex@sourceware.org
Received: (qmail 115888 invoked by uid 48); 26 Feb 2019 10:23:21 -0000
From: "fweimer at redhat dot com" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs-regex@sourceware.org
Subject: [Bug regex/24269] SIGPIPE
Date: Tue, 26 Feb 2019 10:23:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: regex
X-Bugzilla-Version: unspecified
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: fweimer at redhat dot com
X-Bugzilla-Status: UNCONFIRMED
X-Bugzilla-Resolution:
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: unassigned at sourceware dot org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags: security-
X-Bugzilla-Changed-Fields: cc component flagtypes.name
Message-ID: <bug-24269-132-HFrL5vGAV6@http.sourceware.org/bugzilla/>
In-Reply-To: <bug-24269-132@http.sourceware.org/bugzilla/>
References: <bug-24269-132@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2019-02/txt/msg00001.txt.bz2
Content-length: 3034
https://sourceware.org/bugzilla/show_bug.cgi?id=24269
Florian Weimer <fweimer at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |drepper.fsp at gmail dot com,
| |fweimer at redhat dot com
Component|build |regex
Flags| |security-
--- Comment #1 from Florian Weimer <fweimer at redhat dot com> ---
The SIGPIPE is spurious and comes from the wrong process. The null byte
warning is immaterial as well. This also reproduces the issue:
grep -E "$(printf '(|)(\\1\\1)*')"
It looks like an infinite recursion in check_dst_limits_calc_pos_1:
#0 0x00007f7559c776ad in check_dst_limits_calc_pos_1 (
mctx=mctx@entry=0x7ffee83d11f0, boundaries=boundaries@entry=3,
subexp_idx=subexp_idx@entry=0, from_node=5, bkref_idx=bkref_idx@entry=0)
at regexec.c:1906
#1 0x00007f7559c7781a in check_dst_limits_calc_pos_1 (
mctx=mctx@entry=0x7ffee83d11f0, boundaries=boundaries@entry=3,
subexp_idx=subexp_idx@entry=0, from_node=6, bkref_idx=bkref_idx@entry=0)
at regexec.c:1949
#2 0x00007f7559c7781a in check_dst_limits_calc_pos_1 (
mctx=mctx@entry=0x7ffee83d11f0, boundaries=boundaries@entry=3,
subexp_idx=subexp_idx@entry=0, from_node=5, bkref_idx=bkref_idx@entry=0)
at regexec.c:1949
#3 0x00007f7559c7781a in check_dst_limits_calc_pos_1 (
mctx=mctx@entry=0x7ffee83d11f0, boundaries=boundaries@entry=3,
subexp_idx=subexp_idx@entry=0, from_node=6, bkref_idx=bkref_idx@entry=0)
at regexec.c:1949
#4 0x00007f7559c7781a in check_dst_limits_calc_pos_1 (
mctx=mctx@entry=0x7ffee83d11f0, boundaries=boundaries@entry=3,
subexp_idx=subexp_idx@entry=0, from_node=5, bkref_idx=bkref_idx@entry=0)
at regexec.c:1949
#5 0x00007f7559c7781a in check_dst_limits_calc_pos_1 (
mctx=mctx@entry=0x7ffee83d11f0, boundaries=boundaries@entry=3,
subexp_idx=subexp_idx@entry=0, from_node=6, bkref_idx=bkref_idx@entry=0)
at regexec.c:1949
#6 0x00007f7559c7781a in check_dst_limits_calc_pos_1 (
mctx=mctx@entry=0x7ffee83d11f0, boundaries=boundaries@entry=3,
subexp_idx=subexp_idx@entry=0, from_node=5, bkref_idx=bkref_idx@entry=0)
at regexec.c:1949
#7 0x00007f7559c7781a in check_dst_limits_calc_pos_1 (
mctx=mctx@entry=0x7ffee83d11f0, boundaries=boundaries@entry=3,
subexp_idx=subexp_idx@entry=0, from_node=6, bkref_idx=bkref_idx@entry=0)
at regexec.c:1949
Line numbers are as of commit 34a5a1460e9c05d6035bfbde327ab6d45f78958b.
Not flagging as a security vulnerability because this needs a crafted pattern.
--
You are receiving this mail because:
You are on the CC list for the bug.
>From glibc-bugs-regex-return-877-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org Tue Feb 26 10:36:52 2019
Return-Path: <glibc-bugs-regex-return-877-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org>
Delivered-To: listarch-glibc-bugs-regex@sources.redhat.com
Received: (qmail 105024 invoked by alias); 26 Feb 2019 10:36:52 -0000
Mailing-List: contact glibc-bugs-regex-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs-regex.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-regex-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs-regex@sourceware.org>
List-Help: <mailto:glibc-bugs-regex-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-regex-owner@sourceware.org
Delivered-To: mailing list glibc-bugs-regex@sourceware.org
Received: (qmail 104844 invoked by uid 48); 26 Feb 2019 10:36:48 -0000
From: "fweimer at redhat dot com" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs-regex@sourceware.org
Subject: [Bug regex/24269] regexec: Infinite recursion in check_dst_limits_calc_pos_1
Date: Tue, 26 Feb 2019 10:36:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: regex
X-Bugzilla-Version: unspecified
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: fweimer at redhat dot com
X-Bugzilla-Status: UNCONFIRMED
X-Bugzilla-Resolution:
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: unassigned at sourceware dot org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags: security-
X-Bugzilla-Changed-Fields: short_desc
Message-ID: <bug-24269-132-GTHFFh9huZ@http.sourceware.org/bugzilla/>
In-Reply-To: <bug-24269-132@http.sourceware.org/bugzilla/>
References: <bug-24269-132@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2019-02/txt/msg00002.txt.bz2
Content-length: 528
https://sourceware.org/bugzilla/show_bug.cgi?id=24269
Florian Weimer <fweimer at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Summary|SIGPIPE |regexec: Infinite recursion
| |in
| |check_dst_limits_calc_pos_1
--
You are receiving this mail because:
You are on the CC list for the bug.
>From glibc-bugs-regex-return-878-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org Tue Feb 26 10:46:57 2019
Return-Path: <glibc-bugs-regex-return-878-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org>
Delivered-To: listarch-glibc-bugs-regex@sources.redhat.com
Received: (qmail 103400 invoked by alias); 26 Feb 2019 10:46:56 -0000
Mailing-List: contact glibc-bugs-regex-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs-regex.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-regex-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs-regex@sourceware.org>
List-Help: <mailto:glibc-bugs-regex-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-regex-owner@sourceware.org
Delivered-To: mailing list glibc-bugs-regex@sourceware.org
Received: (qmail 100973 invoked by uid 48); 26 Feb 2019 10:46:53 -0000
From: "mishra.dhiraj95 at gmail dot com" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs-regex@sourceware.org
Subject: [Bug regex/24269] regexec: Infinite recursion in check_dst_limits_calc_pos_1
Date: Tue, 26 Feb 2019 10:46:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: regex
X-Bugzilla-Version: unspecified
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: mishra.dhiraj95 at gmail dot com
X-Bugzilla-Status: UNCONFIRMED
X-Bugzilla-Resolution:
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: unassigned at sourceware dot org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags: security-
X-Bugzilla-Changed-Fields:
Message-ID: <bug-24269-132-cKFP36KE2q@http.sourceware.org/bugzilla/>
In-Reply-To: <bug-24269-132@http.sourceware.org/bugzilla/>
References: <bug-24269-132@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2019-02/txt/msg00003.txt.bz2
Content-length: 1800
https://sourceware.org/bugzilla/show_bug.cgi?id=24269
--- Comment #2 from Dhiraj <mishra.dhiraj95 at gmail dot com> ---
grep -E "$(printf '(|)(\\1\\1)*')"
==10544== Stack overflow in thread #1: can't grow stack to 0x1ffe801000
==10544==
==10544== Process terminating with default action of signal 11 (SIGSEGV)
==10544== Access not within mapped region at address 0x1FFE801FF8
==10544== Stack overflow in thread #1: can't grow stack to 0x1ffe801000
==10544== at 0x539FC7C: check_dst_limits_calc_pos_1 (regexec.c:1882)
==10544== If you believe this happened as a result of a stack
==10544== overflow in your program's main thread (unlikely but
==10544== possible), you can try to increase the size of the
==10544== main thread stack using the --main-stacksize= flag.
==10544== The main thread stack size used in this run was 8388608.
==10544== Stack overflow in thread #1: can't grow stack to 0x1ffe801000
==10544==
==10544== Process terminating with default action of signal 11 (SIGSEGV)
==10544== Access not within mapped region at address 0x1FFE801FE8
==10544== Stack overflow in thread #1: can't grow stack to 0x1ffe801000
==10544== at 0x4A2A650: _vgnU_freeres (vg_preloaded.c:59)
==10544== If you believe this happened as a result of a stack
==10544== overflow in your program's main thread (unlikely but
==10544== possible), you can try to increase the size of the
==10544== main thread stack using the --main-stacksize= flag.
==10544== The main thread stack size used in this run was 8388608.
--
You are receiving this mail because:
You are on the CC list for the bug.
>From glibc-bugs-regex-return-879-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org Tue Feb 26 11:01:55 2019
Return-Path: <glibc-bugs-regex-return-879-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org>
Delivered-To: listarch-glibc-bugs-regex@sources.redhat.com
Received: (qmail 4899 invoked by alias); 26 Feb 2019 11:01:55 -0000
Mailing-List: contact glibc-bugs-regex-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs-regex.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-regex-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs-regex@sourceware.org>
List-Help: <mailto:glibc-bugs-regex-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-regex-owner@sourceware.org
Delivered-To: mailing list glibc-bugs-regex@sourceware.org
Received: (qmail 4461 invoked by uid 48); 26 Feb 2019 11:01:47 -0000
From: "fweimer at redhat dot com" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs-regex@sourceware.org
Subject: [Bug regex/24269] regexec: Infinite recursion in check_dst_limits_calc_pos_1 (CVE-2018-20796)
Date: Tue, 26 Feb 2019 11:01:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: regex
X-Bugzilla-Version: unspecified
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: fweimer at redhat dot com
X-Bugzilla-Status: UNCONFIRMED
X-Bugzilla-Resolution:
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: unassigned at sourceware dot org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags: security+
X-Bugzilla-Changed-Fields: short_desc alias flagtypes.name
Message-ID: <bug-24269-132-LMfsd7knC5@http.sourceware.org/bugzilla/>
In-Reply-To: <bug-24269-132@http.sourceware.org/bugzilla/>
References: <bug-24269-132@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2019-02/txt/msg00004.txt.bz2
Content-length: 897
https://sourceware.org/bugzilla/show_bug.cgi?id=24269
Florian Weimer <fweimer at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Summary|regexec: Infinite recursion |regexec: Infinite recursion
|in |in
|check_dst_limits_calc_pos_1 |check_dst_limits_calc_pos_1
| |(CVE-2018-20796)
Alias| |CVE-2018-20796
Flags|security- |security+
--- Comment #3 from Florian Weimer <fweimer at redhat dot com> ---
A CVE identifier has apparently been assigned to this bug even if it is clearly
not a security vulnerability.
--
You are receiving this mail because:
You are on the CC list for the bug.
>From glibc-bugs-regex-return-880-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org Tue Feb 26 11:04:27 2019
Return-Path: <glibc-bugs-regex-return-880-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org>
Delivered-To: listarch-glibc-bugs-regex@sources.redhat.com
Received: (qmail 11093 invoked by alias); 26 Feb 2019 11:04:26 -0000
Mailing-List: contact glibc-bugs-regex-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs-regex.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-regex-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs-regex@sourceware.org>
List-Help: <mailto:glibc-bugs-regex-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-regex-owner@sourceware.org
Delivered-To: mailing list glibc-bugs-regex@sourceware.org
Received: (qmail 10657 invoked by uid 48); 26 Feb 2019 11:04:20 -0000
From: "fweimer at redhat dot com" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs-regex@sourceware.org
Subject: [Bug regex/24269] regexec: Infinite recursion in check_dst_limits_calc_pos_1 (CVE-2018-20796)
Date: Tue, 26 Feb 2019 11:04:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: regex
X-Bugzilla-Version: unspecified
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: fweimer at redhat dot com
X-Bugzilla-Status: UNCONFIRMED
X-Bugzilla-Resolution:
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: unassigned at sourceware dot org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags: security+
X-Bugzilla-Changed-Fields:
Message-ID: <bug-24269-132-OSWHcgFGhQ@http.sourceware.org/bugzilla/>
In-Reply-To: <bug-24269-132@http.sourceware.org/bugzilla/>
References: <bug-24269-132@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2019-02/txt/msg00005.txt.bz2
Content-length: 269
https://sourceware.org/bugzilla/show_bug.cgi?id=24269
--- Comment #4 from Florian Weimer <fweimer at redhat dot com> ---
Reference: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141
--
You are receiving this mail because:
You are on the CC list for the bug.
>From glibc-bugs-regex-return-881-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org Tue Feb 26 11:18:43 2019
Return-Path: <glibc-bugs-regex-return-881-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org>
Delivered-To: listarch-glibc-bugs-regex@sources.redhat.com
Received: (qmail 82872 invoked by alias); 26 Feb 2019 11:18:43 -0000
Mailing-List: contact glibc-bugs-regex-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs-regex.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-regex-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs-regex@sourceware.org>
List-Help: <mailto:glibc-bugs-regex-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-regex-owner@sourceware.org
Delivered-To: mailing list glibc-bugs-regex@sourceware.org
Received: (qmail 80447 invoked by uid 48); 26 Feb 2019 11:18:39 -0000
From: "mishra.dhiraj95 at gmail dot com" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs-regex@sourceware.org
Subject: [Bug regex/24269] regexec: Infinite recursion in check_dst_limits_calc_pos_1 (CVE-2018-20796)
Date: Tue, 26 Feb 2019 11:18:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: regex
X-Bugzilla-Version: unspecified
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: mishra.dhiraj95 at gmail dot com
X-Bugzilla-Status: UNCONFIRMED
X-Bugzilla-Resolution:
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: unassigned at sourceware dot org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags: security+
X-Bugzilla-Changed-Fields:
Message-ID: <bug-24269-132-qw8FWzbEHB@http.sourceware.org/bugzilla/>
In-Reply-To: <bug-24269-132@http.sourceware.org/bugzilla/>
References: <bug-24269-132@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2019-02/txt/msg00006.txt.bz2
Content-length: 464
https://sourceware.org/bugzilla/show_bug.cgi?id=24269
--- Comment #5 from Dhiraj <mishra.dhiraj95 at gmail dot com> ---
Florian, please correct me if i am wrong.
Reference: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141
The above issue was found in SED with different testcase. However the bug which
i submitted is different, so why we are referring to CVE-2018-20796 ?
--
You are receiving this mail because:
You are on the CC list for the bug.
>From glibc-bugs-regex-return-882-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org Tue Feb 26 11:49:44 2019
Return-Path: <glibc-bugs-regex-return-882-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org>
Delivered-To: listarch-glibc-bugs-regex@sources.redhat.com
Received: (qmail 51165 invoked by alias); 26 Feb 2019 11:49:43 -0000
Mailing-List: contact glibc-bugs-regex-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs-regex.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-regex-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs-regex@sourceware.org>
List-Help: <mailto:glibc-bugs-regex-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-regex-owner@sourceware.org
Delivered-To: mailing list glibc-bugs-regex@sourceware.org
Received: (qmail 50977 invoked by uid 48); 26 Feb 2019 11:49:40 -0000
From: "fweimer at redhat dot com" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs-regex@sourceware.org
Subject: [Bug regex/24269] regexec: Infinite recursion in check_dst_limits_calc_pos_1
Date: Tue, 26 Feb 2019 11:49:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: regex
X-Bugzilla-Version: unspecified
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: fweimer at redhat dot com
X-Bugzilla-Status: UNCONFIRMED
X-Bugzilla-Resolution:
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: unassigned at sourceware dot org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags: security-
X-Bugzilla-Changed-Fields: short_desc alias flagtypes.name
Message-ID: <bug-24269-132-LkFFF3HBvg@http.sourceware.org/bugzilla/>
In-Reply-To: <bug-24269-132@http.sourceware.org/bugzilla/>
References: <bug-24269-132@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2019-02/txt/msg00007.txt.bz2
Content-length: 1116
https://sourceware.org/bugzilla/show_bug.cgi?id=24269
Florian Weimer <fweimer at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Summary|regexec: Infinite recursion |regexec: Infinite recursion
|in |in
|check_dst_limits_calc_pos_1 |check_dst_limits_calc_pos_1
|(CVE-2018-20796) |
Alias|CVE-2018-20796 |
Flags|security+ |security-
--- Comment #6 from Florian Weimer <fweimer at redhat dot com> ---
(In reply to Dhiraj from comment #5)
> Florian, please correct me if i am wrong.
>
> Reference: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141
>
> The above issue was found in SED with different testcase. However the bug
> which i submitted is different, so why we are referring to CVE-2018-20796 ?
Sorry, you are right, the bugs are different.
--
You are receiving this mail because:
You are on the CC list for the bug.
>From glibc-bugs-regex-return-883-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org Fri Mar 01 02:28:12 2019
Return-Path: <glibc-bugs-regex-return-883-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org>
Delivered-To: listarch-glibc-bugs-regex@sources.redhat.com
Received: (qmail 50443 invoked by alias); 1 Mar 2019 02:28:11 -0000
Mailing-List: contact glibc-bugs-regex-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs-regex.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-regex-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs-regex@sourceware.org>
List-Help: <mailto:glibc-bugs-regex-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-regex-owner@sourceware.org
Delivered-To: mailing list glibc-bugs-regex@sourceware.org
Received: (qmail 49675 invoked by uid 48); 1 Mar 2019 02:27:55 -0000
From: "vapier at gentoo dot org" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs-regex@sourceware.org
Subject: [Bug regex/18986] ERE '0|()0|\1|0' causes regexec undefined behavior
Date: Fri, 01 Mar 2019 02:28:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: regex
X-Bugzilla-Version: 2.22
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: vapier at gentoo dot org
X-Bugzilla-Status: RESOLVED
X-Bugzilla-Resolution: FIXED
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: adhemerval.zanella at linaro dot org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags: security+
X-Bugzilla-Changed-Fields: alias
Message-ID: <bug-18986-132-kOnwEJSkP1@http.sourceware.org/bugzilla/>
In-Reply-To: <bug-18986-132@http.sourceware.org/bugzilla/>
References: <bug-18986-132@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2019-03/txt/msg00000.txt.bz2
Content-length: 384
https://sourceware.org/bugzilla/show_bug.cgi?id=18986
Mike Frysinger <vapier at gentoo dot org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Alias| |CVE-2009-5155
--
You are receiving this mail because:
You are on the CC list for the bug.
>From glibc-bugs-regex-return-884-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org Fri Mar 01 10:39:15 2019
Return-Path: <glibc-bugs-regex-return-884-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org>
Delivered-To: listarch-glibc-bugs-regex@sources.redhat.com
Received: (qmail 65908 invoked by alias); 1 Mar 2019 10:39:14 -0000
Mailing-List: contact glibc-bugs-regex-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs-regex.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-regex-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs-regex@sourceware.org>
List-Help: <mailto:glibc-bugs-regex-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-regex-owner@sourceware.org
Delivered-To: mailing list glibc-bugs-regex@sourceware.org
Received: (qmail 62482 invoked by uid 48); 1 Mar 2019 10:39:11 -0000
From: "fweimer at redhat dot com" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs-regex@sourceware.org
Subject: [Bug regex/18986] ERE '0|()0|\1|0' causes regexec undefined behavior
Date: Fri, 01 Mar 2019 10:39:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: regex
X-Bugzilla-Version: 2.22
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: fweimer at redhat dot com
X-Bugzilla-Status: RESOLVED
X-Bugzilla-Resolution: FIXED
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: adhemerval.zanella at linaro dot org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags: security+
X-Bugzilla-Changed-Fields: cc
Message-ID: <bug-18986-132-QGJ3R0cbZf@http.sourceware.org/bugzilla/>
In-Reply-To: <bug-18986-132@http.sourceware.org/bugzilla/>
References: <bug-18986-132@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2019-03/txt/msg00001.txt.bz2
Content-length: 397
https://sourceware.org/bugzilla/show_bug.cgi?id=18986
Florian Weimer <fweimer at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |fweimer at redhat dot com
--
You are receiving this mail because:
You are on the CC list for the bug.
>From glibc-bugs-regex-return-885-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org Tue Mar 05 10:29:50 2019
Return-Path: <glibc-bugs-regex-return-885-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org>
Delivered-To: listarch-glibc-bugs-regex@sources.redhat.com
Received: (qmail 2823 invoked by alias); 5 Mar 2019 10:29:49 -0000
Mailing-List: contact glibc-bugs-regex-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs-regex.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-regex-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs-regex@sourceware.org>
List-Help: <mailto:glibc-bugs-regex-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-regex-owner@sourceware.org
Delivered-To: mailing list glibc-bugs-regex@sourceware.org
Received: (qmail 2759 invoked by uid 48); 5 Mar 2019 10:29:46 -0000
From: "schwab@linux-m68k.org" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs-regex@sourceware.org
Subject: [Bug regex/24269] regexec: Infinite recursion in check_dst_limits_calc_pos_1
Date: Tue, 05 Mar 2019 10:29:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: regex
X-Bugzilla-Version: unspecified
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: schwab@linux-m68k.org
X-Bugzilla-Status: UNCONFIRMED
X-Bugzilla-Resolution:
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: unassigned at sourceware dot org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags: security-
X-Bugzilla-Changed-Fields:
Message-ID: <bug-24269-132-mUf9RDveDM@http.sourceware.org/bugzilla/>
In-Reply-To: <bug-24269-132@http.sourceware.org/bugzilla/>
References: <bug-24269-132@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2019-03/txt/msg00002.txt.bz2
Content-length: 229
https://sourceware.org/bugzilla/show_bug.cgi?id=24269
--- Comment #7 from Andreas Schwab <schwab@linux-m68k.org> ---
In which way do they differ?
--
You are receiving this mail because:
You are on the CC list for the bug.
>From glibc-bugs-regex-return-886-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org Tue Mar 05 10:33:48 2019
Return-Path: <glibc-bugs-regex-return-886-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org>
Delivered-To: listarch-glibc-bugs-regex@sources.redhat.com
Received: (qmail 21195 invoked by alias); 5 Mar 2019 10:33:47 -0000
Mailing-List: contact glibc-bugs-regex-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs-regex.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-regex-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs-regex@sourceware.org>
List-Help: <mailto:glibc-bugs-regex-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-regex-owner@sourceware.org
Delivered-To: mailing list glibc-bugs-regex@sourceware.org
Received: (qmail 21122 invoked by uid 48); 5 Mar 2019 10:33:43 -0000
From: "schwab@linux-m68k.org" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs-regex@sourceware.org
Subject: [Bug regex/24114] regexec buffer read overrun in "grep -i '\(\(\)*.\)*\(\)\(\)\1'"
Date: Tue, 05 Mar 2019 10:33:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: regex
X-Bugzilla-Version: 2.29
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: schwab@linux-m68k.org
X-Bugzilla-Status: RESOLVED
X-Bugzilla-Resolution: FIXED
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: unassigned at sourceware dot org
X-Bugzilla-Target-Milestone: 2.30
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields: alias
Message-ID: <bug-24114-132-b7OeBdP9Zt@http.sourceware.org/bugzilla/>
In-Reply-To: <bug-24114-132@http.sourceware.org/bugzilla/>
References: <bug-24114-132@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2019-03/txt/msg00003.txt.bz2
Content-length: 381
https://sourceware.org/bugzilla/show_bug.cgi?id=24114
Andreas Schwab <schwab@linux-m68k.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Alias| |CVE-2019-9169
--
You are receiving this mail because:
You are on the CC list for the bug.
>From glibc-bugs-regex-return-887-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org Tue Mar 05 10:46:04 2019
Return-Path: <glibc-bugs-regex-return-887-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org>
Delivered-To: listarch-glibc-bugs-regex@sources.redhat.com
Received: (qmail 7802 invoked by alias); 5 Mar 2019 10:46:03 -0000
Mailing-List: contact glibc-bugs-regex-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs-regex.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-regex-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs-regex@sourceware.org>
List-Help: <mailto:glibc-bugs-regex-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-regex-owner@sourceware.org
Delivered-To: mailing list glibc-bugs-regex@sourceware.org
Received: (qmail 5730 invoked by uid 48); 5 Mar 2019 10:46:00 -0000
From: "schwab@linux-m68k.org" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs-regex@sourceware.org
Subject: [Bug regex/18986] ERE '0|()0|\1|0' causes regexec undefined behavior
Date: Tue, 05 Mar 2019 10:46:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: regex
X-Bugzilla-Version: 2.22
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: schwab@linux-m68k.org
X-Bugzilla-Status: RESOLVED
X-Bugzilla-Resolution: FIXED
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: adhemerval.zanella at linaro dot org
X-Bugzilla-Target-Milestone: 2.28
X-Bugzilla-Flags: security+
X-Bugzilla-Changed-Fields: target_milestone
Message-ID: <bug-18986-132-JO53FYa2TH@http.sourceware.org/bugzilla/>
In-Reply-To: <bug-18986-132@http.sourceware.org/bugzilla/>
References: <bug-18986-132@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2019-03/txt/msg00004.txt.bz2
Content-length: 372
https://sourceware.org/bugzilla/show_bug.cgi?id=18986
Andreas Schwab <schwab@linux-m68k.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Target Milestone|--- |2.28
--
You are receiving this mail because:
You are on the CC list for the bug.
>From glibc-bugs-regex-return-889-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org Sat Mar 09 00:32:11 2019
Return-Path: <glibc-bugs-regex-return-889-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org>
Delivered-To: listarch-glibc-bugs-regex@sources.redhat.com
Received: (qmail 51772 invoked by alias); 9 Mar 2019 00:32:10 -0000
Mailing-List: contact glibc-bugs-regex-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs-regex.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-regex-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs-regex@sourceware.org>
List-Help: <mailto:glibc-bugs-regex-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-regex-owner@sourceware.org
Delivered-To: mailing list glibc-bugs-regex@sourceware.org
Received: (qmail 51709 invoked by uid 48); 9 Mar 2019 00:32:07 -0000
From: "skvadrik at gmail dot com" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs-regex@sourceware.org
Subject: [Bug regex/24316] regexec() violates POSIX longest match rule
Date: Sat, 09 Mar 2019 00:32:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: regex
X-Bugzilla-Version: 2.29
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: skvadrik at gmail dot com
X-Bugzilla-Status: UNCONFIRMED
X-Bugzilla-Resolution:
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: unassigned at sourceware dot org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields: cc
Message-ID: <bug-24316-132-gsAiij0c9T@http.sourceware.org/bugzilla/>
In-Reply-To: <bug-24316-132@http.sourceware.org/bugzilla/>
References: <bug-24316-132@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2019-03/txt/msg00006.txt.bz2
Content-length: 408
https://sourceware.org/bugzilla/show_bug.cgi?id=24316
skvadrik at gmail dot com <skvadrik at gmail dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |skvadrik at gmail dot com
--
You are receiving this mail because:
You are on the CC list for the bug.
>From glibc-bugs-regex-return-888-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org Sat Mar 09 00:32:02 2019
Return-Path: <glibc-bugs-regex-return-888-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org>
Delivered-To: listarch-glibc-bugs-regex@sources.redhat.com
Received: (qmail 51381 invoked by alias); 9 Mar 2019 00:32:01 -0000
Mailing-List: contact glibc-bugs-regex-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs-regex.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-regex-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs-regex@sourceware.org>
List-Help: <mailto:glibc-bugs-regex-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-regex-owner@sourceware.org
Delivered-To: mailing list glibc-bugs-regex@sourceware.org
Received: (qmail 51233 invoked by uid 48); 9 Mar 2019 00:31:57 -0000
From: "skvadrik at gmail dot com" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs-regex@sourceware.org
Subject: [Bug regex/24316] New: regexec() violates POSIX longest match rule
Date: Sat, 09 Mar 2019 00:32:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: new
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: regex
X-Bugzilla-Version: 2.29
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: skvadrik at gmail dot com
X-Bugzilla-Status: UNCONFIRMED
X-Bugzilla-Resolution:
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: unassigned at sourceware dot org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields: bug_id short_desc product version bug_status bug_severity priority component assigned_to reporter cc target_milestone attachments.created
Message-ID: <bug-24316-132@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2019-03/txt/msg00005.txt.bz2
Content-length: 2803
https://sourceware.org/bugzilla/show_bug.cgi?id=24316
Bug ID: 24316
Summary: regexec() violates POSIX longest match rule
Product: glibc
Version: 2.29
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: regex
Assignee: unassigned at sourceware dot org
Reporter: skvadrik at gmail dot com
CC: drepper.fsp at gmail dot com
Target Milestone: ---
Created attachment 11665
--> https://sourceware.org/bugzilla/attachment.cgi?id=11665&action=edit
regexec_bug.c
Hi!
Not sure if this is a long-known issue, so reporting just in case.
Glibc implementation of regexec() violates POSIX longest match rule:
http://pubs.opengroup.org/onlinepubs/7908799/xbd/re.html
Consistent with the whole match being the longest
of the leftmost matches, each subpattern, from left
to right, matches the longest possible string.
For example, consider RE (a|ab)(bc|c) and string abc: first submatch group
should match (ab), and second group should match (c). However, glibc match is
different, as demonstrated by the following program (regexec_bug.c):
#include <sys/types.h>
#include <regex.h>
#include <stdio.h>
#include <stdlib.h>
static void test(const char *pattern, const char *string)
{
regex_t regex;
int nmatch = 0, e = 0;
regmatch_t *pmatch = 0;
e = regcomp(®ex, pattern, REG_EXTENDED);
if (e != 0) {
fprintf(stderr, "regcomp failed for RE %s\n", pattern);
goto end;
}
nmatch = regex.re_nsub + 1;
pmatch = malloc(sizeof(regmatch_t) * nmatch);
e = regexec(®ex, string, nmatch, pmatch, 0);
if (e != 0) {
fprintf(stderr, "regexec failed for RE %s\n", pattern);
goto end;
}
fprintf(stderr, "\nRE %s:\n", pattern);
for (int i = 0; i < nmatch; ++i) {
const regoff_t x = pmatch[i].rm_so, y = pmatch[i].rm_eo;
if (x != -1) {
fprintf(stderr, "%d: %.*s\n", i, y - x, string + x);
}
}
end:
free(pmatch);
regfree(®ex);
}
int main(void)
{
test("^(a|ab)(bc|c)$", "abc");
test("^(ab|a)(bc|c)$", "abc");
test("^(a|aa)*$", "aa");
test("^(aa|a)*$", "aa");
return 0;
}
$ gcc regexec_bug.c -Wall -O2 -g -oregexec_bug
Actual result:
$ ./regexec_bug
RE ^(a|ab)(bc|c)$:
0: abc
1: a
2: bc
RE ^(ab|a)(bc|c)$:
0: abc
1: ab
2: c
RE ^(a|aa)*$:
0: aa
1: a
RE ^(aa|a)*$:
0: aa
1: aa
Expected result:
$ ./regexec_bug
RE ^(a|ab)(bc|c)$:
0: abc
1: ab
2: c
RE ^(ab|a)(bc|c)$:
0: abc
1: ab
2: c
RE ^(a|aa)*$:
0: aa
1: aa
RE ^(aa|a)*$:
0: aa
1: aa
Exact glibc version:
glibc-2.29.9000-118-g86bdd49d93
--
You are receiving this mail because:
You are on the CC list for the bug.
>From glibc-bugs-regex-return-890-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org Sat Mar 09 10:49:06 2019
Return-Path: <glibc-bugs-regex-return-890-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org>
Delivered-To: listarch-glibc-bugs-regex@sources.redhat.com
Received: (qmail 117415 invoked by alias); 9 Mar 2019 10:48:49 -0000
Mailing-List: contact glibc-bugs-regex-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs-regex.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-regex-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs-regex@sourceware.org>
List-Help: <mailto:glibc-bugs-regex-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-regex-owner@sourceware.org
Delivered-To: mailing list glibc-bugs-regex@sourceware.org
Received: (qmail 117098 invoked by uid 48); 9 Mar 2019 10:48:43 -0000
From: "skvadrik at gmail dot com" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs-regex@sourceware.org
Subject: [Bug regex/24316] regexec() violates POSIX longest match rule
Date: Sat, 09 Mar 2019 10:48:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: regex
X-Bugzilla-Version: 2.29
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: skvadrik at gmail dot com
X-Bugzilla-Status: UNCONFIRMED
X-Bugzilla-Resolution:
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: unassigned at sourceware dot org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields:
Message-ID: <bug-24316-132-JpAT0QGDsL@http.sourceware.org/bugzilla/>
In-Reply-To: <bug-24316-132@http.sourceware.org/bugzilla/>
References: <bug-24316-132@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2019-03/txt/msg00007.txt.bz2
Content-length: 591
https://sourceware.org/bugzilla/show_bug.cgi?id=24316
--- Comment #1 from skvadrik at gmail dot com <skvadrik at gmail dot com> ---
Also, is there any formal description of regcomp()/regexec() implementation,
other than the source code itself? I can try to reverse-engineer it from the
source code, but it would be helpful to understand the original author's
design.
Commit 3b0bdc723579a7c6df2cace0115a6ca0977d73f9 points to Isamu Hasegawa
<isamu@yamato.ibm.com>, but that email address no longer exists.
--
You are receiving this mail because:
You are on the CC list for the bug.
>From glibc-bugs-regex-return-891-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org Wed Mar 13 06:30:56 2019
Return-Path: <glibc-bugs-regex-return-891-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org>
Delivered-To: listarch-glibc-bugs-regex@sources.redhat.com
Received: (qmail 95289 invoked by alias); 13 Mar 2019 06:30:56 -0000
Mailing-List: contact glibc-bugs-regex-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs-regex.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-regex-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs-regex@sourceware.org>
List-Help: <mailto:glibc-bugs-regex-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-regex-owner@sourceware.org
Delivered-To: mailing list glibc-bugs-regex@sourceware.org
Received: (qmail 95170 invoked by uid 48); 13 Mar 2019 06:30:53 -0000
From: "petersen at redhat dot com" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs-regex@sourceware.org
Subject: [Bug regex/23393] Handle [a-z] and [A-Z] in consistent portable fashion regardless of locale.
Date: Wed, 13 Mar 2019 06:30:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: regex
X-Bugzilla-Version: 2.28
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: petersen at redhat dot com
X-Bugzilla-Status: NEW
X-Bugzilla-Resolution:
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: carlos at redhat dot com
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags: security-
X-Bugzilla-Changed-Fields: cc
Message-ID: <bug-23393-132-2hEkDS5yk9@http.sourceware.org/bugzilla/>
In-Reply-To: <bug-23393-132@http.sourceware.org/bugzilla/>
References: <bug-23393-132@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2019-03/txt/msg00008.txt.bz2
Content-length: 398
https://sourceware.org/bugzilla/show_bug.cgi?id=23393
Jens Petersen <petersen at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |petersen at redhat dot com
--
You are receiving this mail because:
You are on the CC list for the bug.
>From glibc-bugs-regex-return-892-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org Sat Mar 16 22:25:24 2019
Return-Path: <glibc-bugs-regex-return-892-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org>
Delivered-To: listarch-glibc-bugs-regex@sources.redhat.com
Received: (qmail 26776 invoked by alias); 16 Mar 2019 22:25:24 -0000
Mailing-List: contact glibc-bugs-regex-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs-regex.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-regex-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs-regex@sourceware.org>
List-Help: <mailto:glibc-bugs-regex-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-regex-owner@sourceware.org
Delivered-To: mailing list glibc-bugs-regex@sourceware.org
Received: (qmail 26605 invoked by uid 55); 16 Mar 2019 22:25:21 -0000
From: "cvs-commit at gcc dot gnu.org" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs-regex@sourceware.org
Subject: [Bug regex/24114] regexec buffer read overrun in "grep -i '\(\(\)*.\)*\(\)\(\)\1'"
Date: Sat, 16 Mar 2019 22:25:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: regex
X-Bugzilla-Version: 2.29
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: cvs-commit at gcc dot gnu.org
X-Bugzilla-Status: RESOLVED
X-Bugzilla-Resolution: FIXED
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: unassigned at sourceware dot org
X-Bugzilla-Target-Milestone: 2.30
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields:
Message-ID: <bug-24114-132-T3TajyqOte@http.sourceware.org/bugzilla/>
In-Reply-To: <bug-24114-132@http.sourceware.org/bugzilla/>
References: <bug-24114-132@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2019-03/txt/msg00009.txt.bz2
Content-length: 1284
https://sourceware.org/bugzilla/show_bug.cgi?id=24114
--- Comment #3 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".
The branch, master has been updated
via b626c5aa5d0673a9caa48fb79fba8bda237e6fa8 (commit)
from 066ae81ec9b1a5bb8f8b93f4defb089f7b315833 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=b626c5aa5d0673a9caa48fb79fba8bda237e6fa8
commit b626c5aa5d0673a9caa48fb79fba8bda237e6fa8
Author: Aurelien Jarno <aurelien@aurel32.net>
Date: Sat Mar 16 22:59:56 2019 +0100
Record CVE-2019-9169 in NEWS and ChangeLog [BZ #24114]
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 1 +
NEWS | 4 ++++
2 files changed, 5 insertions(+), 0 deletions(-)
--
You are receiving this mail because:
You are on the CC list for the bug.
>From glibc-bugs-regex-return-893-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org Sat Mar 16 22:32:47 2019
Return-Path: <glibc-bugs-regex-return-893-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org>
Delivered-To: listarch-glibc-bugs-regex@sources.redhat.com
Received: (qmail 49496 invoked by alias); 16 Mar 2019 22:32:47 -0000
Mailing-List: contact glibc-bugs-regex-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs-regex.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-regex-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs-regex@sourceware.org>
List-Help: <mailto:glibc-bugs-regex-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-regex-owner@sourceware.org
Delivered-To: mailing list glibc-bugs-regex@sourceware.org
Received: (qmail 49405 invoked by uid 55); 16 Mar 2019 22:32:43 -0000
From: "cvs-commit at gcc dot gnu.org" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs-regex@sourceware.org
Subject: [Bug regex/24114] regexec buffer read overrun in "grep -i '\(\(\)*.\)*\(\)\(\)\1'"
Date: Sat, 16 Mar 2019 22:32:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: regex
X-Bugzilla-Version: 2.29
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: cvs-commit at gcc dot gnu.org
X-Bugzilla-Status: RESOLVED
X-Bugzilla-Resolution: FIXED
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: unassigned at sourceware dot org
X-Bugzilla-Target-Milestone: 2.30
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields:
Message-ID: <bug-24114-132-Xcd00LfHIs@http.sourceware.org/bugzilla/>
In-Reply-To: <bug-24114-132@http.sourceware.org/bugzilla/>
References: <bug-24114-132@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2019-03/txt/msg00010.txt.bz2
Content-length: 2016
https://sourceware.org/bugzilla/show_bug.cgi?id=24114
--- Comment #4 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".
The branch, release/2.29/master has been updated
via 10dd17da710fd32aaf1f2187544d80064b8c4ee0 (commit)
via 4d0b1b0f61bfba034e9e76a1d76acc59c975238f (commit)
from bc6f839fb4066be83272c735e662850af2595777 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=10dd17da710fd32aaf1f2187544d80064b8c4ee0
commit 10dd17da710fd32aaf1f2187544d80064b8c4ee0
Author: Aurelien Jarno <aurelien@aurel32.net>
Date: Sat Mar 16 22:59:56 2019 +0100
Record CVE-2019-9169 in NEWS and ChangeLog [BZ #24114]
(cherry picked from commit b626c5aa5d0673a9caa48fb79fba8bda237e6fa8)
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=4d0b1b0f61bfba034e9e76a1d76acc59c975238f
commit 4d0b1b0f61bfba034e9e76a1d76acc59c975238f
Author: Paul Eggert <eggert@cs.ucla.edu>
Date: Mon Jan 21 11:08:13 2019 -0800
regex: fix read overrun [BZ #24114]
Problem found by AddressSanitizer, reported by Hongxu Chen in:
https://debbugs.gnu.org/34140
* posix/regexec.c (proceed_next_node):
Do not read past end of input buffer.
(cherry picked from commit 583dd860d5b833037175247230a328f0050dbfe9)
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 9 +++++++++
NEWS | 4 ++++
posix/regexec.c | 6 ++++--
3 files changed, 17 insertions(+), 2 deletions(-)
--
You are receiving this mail because:
You are on the CC list for the bug.
>From glibc-bugs-regex-return-894-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org Sun Mar 17 08:44:54 2019
Return-Path: <glibc-bugs-regex-return-894-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org>
Delivered-To: listarch-glibc-bugs-regex@sources.redhat.com
Received: (qmail 93862 invoked by alias); 17 Mar 2019 08:44:54 -0000
Mailing-List: contact glibc-bugs-regex-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs-regex.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-regex-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs-regex@sourceware.org>
List-Help: <mailto:glibc-bugs-regex-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-regex-owner@sourceware.org
Delivered-To: mailing list glibc-bugs-regex@sourceware.org
Received: (qmail 93807 invoked by uid 55); 17 Mar 2019 08:44:51 -0000
From: "cvs-commit at gcc dot gnu.org" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs-regex@sourceware.org
Subject: [Bug regex/24114] regexec buffer read overrun in "grep -i '\(\(\)*.\)*\(\)\(\)\1'"
Date: Sun, 17 Mar 2019 08:44:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: regex
X-Bugzilla-Version: 2.29
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: cvs-commit at gcc dot gnu.org
X-Bugzilla-Status: RESOLVED
X-Bugzilla-Resolution: FIXED
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: unassigned at sourceware dot org
X-Bugzilla-Target-Milestone: 2.30
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields:
Message-ID: <bug-24114-132-TSJQZMdyas@http.sourceware.org/bugzilla/>
In-Reply-To: <bug-24114-132@http.sourceware.org/bugzilla/>
References: <bug-24114-132@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2019-03/txt/msg00011.txt.bz2
Content-length: 2016
https://sourceware.org/bugzilla/show_bug.cgi?id=24114
--- Comment #5 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".
The branch, release/2.28/master has been updated
via 54e725e39d0190227b9bf975a7c3f80e8a81365a (commit)
via 2aee101ff6075dd97a99982a1ba29e21ec25c52f (commit)
from 4bf5ab3196bd27e48d87d4a1cd91efd39772e026 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=54e725e39d0190227b9bf975a7c3f80e8a81365a
commit 54e725e39d0190227b9bf975a7c3f80e8a81365a
Author: Aurelien Jarno <aurelien@aurel32.net>
Date: Sat Mar 16 22:59:56 2019 +0100
Record CVE-2019-9169 in NEWS and ChangeLog [BZ #24114]
(cherry picked from commit b626c5aa5d0673a9caa48fb79fba8bda237e6fa8)
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=2aee101ff6075dd97a99982a1ba29e21ec25c52f
commit 2aee101ff6075dd97a99982a1ba29e21ec25c52f
Author: Paul Eggert <eggert@cs.ucla.edu>
Date: Mon Jan 21 11:08:13 2019 -0800
regex: fix read overrun [BZ #24114]
Problem found by AddressSanitizer, reported by Hongxu Chen in:
https://debbugs.gnu.org/34140
* posix/regexec.c (proceed_next_node):
Do not read past end of input buffer.
(cherry picked from commit 583dd860d5b833037175247230a328f0050dbfe9)
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 9 +++++++++
NEWS | 4 ++++
posix/regexec.c | 6 ++++--
3 files changed, 17 insertions(+), 2 deletions(-)
--
You are receiving this mail because:
You are on the CC list for the bug.
>From glibc-bugs-regex-return-895-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org Thu Mar 21 08:26:42 2019
Return-Path: <glibc-bugs-regex-return-895-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org>
Delivered-To: listarch-glibc-bugs-regex@sources.redhat.com
Received: (qmail 41184 invoked by alias); 21 Mar 2019 08:26:41 -0000
Mailing-List: contact glibc-bugs-regex-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs-regex.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-regex-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs-regex@sourceware.org>
List-Help: <mailto:glibc-bugs-regex-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-regex-owner@sourceware.org
Delivered-To: mailing list glibc-bugs-regex@sourceware.org
Received: (qmail 41116 invoked by uid 48); 21 Mar 2019 08:26:38 -0000
From: "schwab@linux-m68k.org" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs-regex@sourceware.org
Subject: [Bug regex/24269] regexec: Infinite recursion in check_dst_limits_calc_pos_1
Date: Thu, 21 Mar 2019 08:26:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: regex
X-Bugzilla-Version: unspecified
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: schwab@linux-m68k.org
X-Bugzilla-Status: UNCONFIRMED
X-Bugzilla-Resolution:
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: unassigned at sourceware dot org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags: security-
X-Bugzilla-Changed-Fields: alias
Message-ID: <bug-24269-132-fD22zjJmhy@http.sourceware.org/bugzilla/>
In-Reply-To: <bug-24269-132@http.sourceware.org/bugzilla/>
References: <bug-24269-132@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2019-03/txt/msg00012.txt.bz2
Content-length: 382
https://sourceware.org/bugzilla/show_bug.cgi?id=24269
Andreas Schwab <schwab@linux-m68k.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Alias| |CVE-2018-20796
--
You are receiving this mail because:
You are on the CC list for the bug.
>From glibc-bugs-regex-return-896-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org Mon Apr 01 10:35:03 2019
Return-Path: <glibc-bugs-regex-return-896-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org>
Delivered-To: listarch-glibc-bugs-regex@sources.redhat.com
Received: (qmail 33525 invoked by alias); 1 Apr 2019 10:35:03 -0000
Mailing-List: contact glibc-bugs-regex-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs-regex.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-regex-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs-regex@sourceware.org>
List-Help: <mailto:glibc-bugs-regex-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-regex-owner@sourceware.org
Delivered-To: mailing list glibc-bugs-regex@sourceware.org
Received: (qmail 33266 invoked by uid 48); 1 Apr 2019 10:34:59 -0000
From: "fweimer at redhat dot com" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs-regex@sourceware.org
Subject: [Bug regex/13637] incorrect match in multi-byte (non-UTF8) string
Date: Mon, 01 Apr 2019 10:35:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: regex
X-Bugzilla-Version: 2.15
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: fweimer at redhat dot com
X-Bugzilla-Status: RESOLVED
X-Bugzilla-Resolution: FIXED
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: drepper.fsp at gmail dot com
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags: security-
X-Bugzilla-Changed-Fields: cc flagtypes.name
Message-ID: <bug-13637-132-6dKUZ4XfIF@http.sourceware.org/bugzilla/>
In-Reply-To: <bug-13637-132@http.sourceware.org/bugzilla/>
References: <bug-13637-132@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2019-04/txt/msg00000.txt.bz2
Content-length: 456
https://sourceware.org/bugzilla/show_bug.cgi?id=13637
Florian Weimer <fweimer at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |fweimer at redhat dot com
Flags| |security-
--
You are receiving this mail because:
You are on the CC list for the bug.
>From glibc-bugs-regex-return-897-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org Tue Apr 02 16:00:36 2019
Return-Path: <glibc-bugs-regex-return-897-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org>
Delivered-To: listarch-glibc-bugs-regex@sources.redhat.com
Received: (qmail 49640 invoked by alias); 2 Apr 2019 16:00:36 -0000
Mailing-List: contact glibc-bugs-regex-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs-regex.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-regex-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs-regex@sourceware.org>
List-Help: <mailto:glibc-bugs-regex-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-regex-owner@sourceware.org
Delivered-To: mailing list glibc-bugs-regex@sourceware.org
Received: (qmail 42210 invoked by uid 48); 2 Apr 2019 16:00:25 -0000
From: "fweimer at redhat dot com" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs-regex@sourceware.org
Subject: [Bug regex/24114] regexec buffer read overrun in "grep -i '\(\(\)*.\)*\(\)\(\)\1'"
Date: Tue, 02 Apr 2019 16:00:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: regex
X-Bugzilla-Version: 2.29
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: fweimer at redhat dot com
X-Bugzilla-Status: RESOLVED
X-Bugzilla-Resolution: FIXED
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: unassigned at sourceware dot org
X-Bugzilla-Target-Milestone: 2.30
X-Bugzilla-Flags: security+
X-Bugzilla-Changed-Fields: flagtypes.name
Message-ID: <bug-24114-132-aGd4Nzbrsr@http.sourceware.org/bugzilla/>
In-Reply-To: <bug-24114-132@http.sourceware.org/bugzilla/>
References: <bug-24114-132@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2019-04/txt/msg00001.txt.bz2
Content-length: 595
https://sourceware.org/bugzilla/show_bug.cgi?id=24114
Florian Weimer <fweimer at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Flags| |security+
--- Comment #6 from Florian Weimer <fweimer at redhat dot com> ---
Flagging as security+ due to CVE assignment. Since this bug needs a crafted
pattern to trigger, it would not normally qualify as a security bug.
--
You are receiving this mail because:
You are on the CC list for the bug.
>From glibc-bugs-regex-return-898-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org Wed Apr 10 09:59:54 2019
Return-Path: <glibc-bugs-regex-return-898-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org>
Delivered-To: listarch-glibc-bugs-regex@sources.redhat.com
Received: (qmail 118326 invoked by alias); 10 Apr 2019 09:59:53 -0000
Mailing-List: contact glibc-bugs-regex-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs-regex.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-regex-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs-regex@sourceware.org>
List-Help: <mailto:glibc-bugs-regex-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-regex-owner@sourceware.org
Delivered-To: mailing list glibc-bugs-regex@sourceware.org
Received: (qmail 118289 invoked by uid 48); 10 Apr 2019 09:59:50 -0000
From: "fweimer at redhat dot com" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs-regex@sourceware.org
Subject: [Bug regex/611] regex with a long character sequence requires huge stack space
Date: Wed, 10 Apr 2019 09:59:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: regex
X-Bugzilla-Version: unspecified
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: fweimer at redhat dot com
X-Bugzilla-Status: RESOLVED
X-Bugzilla-Resolution: FIXED
X-Bugzilla-Priority: P1
X-Bugzilla-Assigned-To: bonzini at gnu dot org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags: security-
X-Bugzilla-Changed-Fields: cc flagtypes.name
Message-ID: <bug-611-132-2lt3om4GwR@http.sourceware.org/bugzilla/>
In-Reply-To: <bug-611-132@http.sourceware.org/bugzilla/>
References: <bug-611-132@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2019-04/txt/msg00002.txt.bz2
Content-length: 598
https://sourceware.org/bugzilla/show_bug.cgi?id=611
Florian Weimer <fweimer at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |fweimer at redhat dot com
Flags| |security-
--- Comment #8 from Florian Weimer <fweimer at redhat dot com> ---
Flagging as security- because this occurs when compiling a crafted pattern.
--
You are receiving this mail because:
You are on the CC list for the bug.
>From glibc-bugs-regex-return-899-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org Wed Apr 10 10:02:55 2019
Return-Path: <glibc-bugs-regex-return-899-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org>
Delivered-To: listarch-glibc-bugs-regex@sources.redhat.com
Received: (qmail 122033 invoked by alias); 10 Apr 2019 10:02:55 -0000
Mailing-List: contact glibc-bugs-regex-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs-regex.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-regex-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs-regex@sourceware.org>
List-Help: <mailto:glibc-bugs-regex-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-regex-owner@sourceware.org
Delivered-To: mailing list glibc-bugs-regex@sourceware.org
Received: (qmail 121730 invoked by uid 48); 10 Apr 2019 10:02:48 -0000
From: "fweimer at redhat dot com" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs-regex@sourceware.org
Subject: [Bug regex/1178] posix regex tests timeout on PII 180MHz
Date: Wed, 10 Apr 2019 10:02:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: regex
X-Bugzilla-Version: 2.3.4
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: fweimer at redhat dot com
X-Bugzilla-Status: RESOLVED
X-Bugzilla-Resolution: INVALID
X-Bugzilla-Priority: P3
X-Bugzilla-Assigned-To: gotom at debian dot or.jp
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags: security-
X-Bugzilla-Changed-Fields: cc alias flagtypes.name
Message-ID: <bug-1178-132-i8g1gXFkYR@http.sourceware.org/bugzilla/>
In-Reply-To: <bug-1178-132@http.sourceware.org/bugzilla/>
References: <bug-1178-132@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2019-04/txt/msg00003.txt.bz2
Content-length: 505
https://sourceware.org/bugzilla/show_bug.cgi?id=1178
Florian Weimer <fweimer at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |fweimer at redhat dot com
Alias|timout-regex-tests |
Flags| |security-
--
You are receiving this mail because:
You are on the CC list for the bug.
>From glibc-bugs-regex-return-900-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org Wed Apr 10 10:06:41 2019
Return-Path: <glibc-bugs-regex-return-900-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org>
Delivered-To: listarch-glibc-bugs-regex@sources.redhat.com
Received: (qmail 118029 invoked by alias); 10 Apr 2019 10:06:40 -0000
Mailing-List: contact glibc-bugs-regex-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs-regex.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-regex-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs-regex@sourceware.org>
List-Help: <mailto:glibc-bugs-regex-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-regex-owner@sourceware.org
Delivered-To: mailing list glibc-bugs-regex@sourceware.org
Received: (qmail 112953 invoked by uid 48); 10 Apr 2019 10:06:37 -0000
From: "fweimer at redhat dot com" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs-regex@sourceware.org
Subject: [Bug regex/1149] character class with range doesn't match half-width kana in SJIS locale
Date: Wed, 10 Apr 2019 10:06:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: regex
X-Bugzilla-Version: unspecified
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: fweimer at redhat dot com
X-Bugzilla-Status: RESOLVED
X-Bugzilla-Resolution: WONTFIX
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: gotom at debian dot or.jp
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags: security-
X-Bugzilla-Changed-Fields: cc
Message-ID: <bug-1149-132-JrEgFoBbUw@http.sourceware.org/bugzilla/>
In-Reply-To: <bug-1149-132@http.sourceware.org/bugzilla/>
References: <bug-1149-132@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2019-04/txt/msg00004.txt.bz2
Content-length: 396
https://sourceware.org/bugzilla/show_bug.cgi?id=1149
Florian Weimer <fweimer at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |fweimer at redhat dot com
--
You are receiving this mail because:
You are on the CC list for the bug.
>From glibc-bugs-regex-return-901-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org Wed Apr 10 12:27:39 2019
Return-Path: <glibc-bugs-regex-return-901-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org>
Delivered-To: listarch-glibc-bugs-regex@sources.redhat.com
Received: (qmail 19101 invoked by alias); 10 Apr 2019 12:27:38 -0000
Mailing-List: contact glibc-bugs-regex-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs-regex.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-regex-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs-regex@sourceware.org>
List-Help: <mailto:glibc-bugs-regex-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-regex-owner@sourceware.org
Delivered-To: mailing list glibc-bugs-regex@sourceware.org
Received: (qmail 18998 invoked by uid 48); 10 Apr 2019 12:27:35 -0000
From: "fweimer at redhat dot com" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs-regex@sourceware.org
Subject: [Bug regex/52] Repeated and nested subexpressions (reproducible in most other engines)
Date: Wed, 10 Apr 2019 12:27:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: regex
X-Bugzilla-Version: unspecified
X-Bugzilla-Keywords:
X-Bugzilla-Severity: minor
X-Bugzilla-Who: fweimer at redhat dot com
X-Bugzilla-Status: NEW
X-Bugzilla-Resolution:
X-Bugzilla-Priority: P3
X-Bugzilla-Assigned-To: gotom at debian dot or.jp
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags: security-
X-Bugzilla-Changed-Fields: cc flagtypes.name
Message-ID: <bug-52-132-QnOwvniIIZ@http.sourceware.org/bugzilla/>
In-Reply-To: <bug-52-132@http.sourceware.org/bugzilla/>
References: <bug-52-132@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2019-04/txt/msg00005.txt.bz2
Content-length: 453
https://sourceware.org/bugzilla/show_bug.cgi?id=52
Florian Weimer <fweimer at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |fweimer at redhat dot com
Flags| |security-
--
You are receiving this mail because:
You are on the CC list for the bug.
>From glibc-bugs-regex-return-902-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org Wed Apr 10 12:35:26 2019
Return-Path: <glibc-bugs-regex-return-902-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org>
Delivered-To: listarch-glibc-bugs-regex@sources.redhat.com
Received: (qmail 33686 invoked by alias); 10 Apr 2019 12:35:18 -0000
Mailing-List: contact glibc-bugs-regex-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs-regex.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-regex-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs-regex@sourceware.org>
List-Help: <mailto:glibc-bugs-regex-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-regex-owner@sourceware.org
Delivered-To: mailing list glibc-bugs-regex@sourceware.org
Received: (qmail 33630 invoked by uid 48); 10 Apr 2019 12:35:15 -0000
From: "fweimer at redhat dot com" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs-regex@sourceware.org
Subject: [Bug regex/8] Quadratic behavior on regex with * at the beginning
Date: Wed, 10 Apr 2019 12:35:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: regex
X-Bugzilla-Version: unspecified
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: fweimer at redhat dot com
X-Bugzilla-Status: RESOLVED
X-Bugzilla-Resolution: FIXED
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: bonzini at gnu dot org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags: security+
X-Bugzilla-Changed-Fields: cc flagtypes.name
Message-ID: <bug-8-132-5q4nwhjqXn@http.sourceware.org/bugzilla/>
In-Reply-To: <bug-8-132@http.sourceware.org/bugzilla/>
References: <bug-8-132@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2019-04/txt/msg00006.txt.bz2
Content-length: 452
https://sourceware.org/bugzilla/show_bug.cgi?id=8
Florian Weimer <fweimer at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |fweimer at redhat dot com
Flags| |security+
--
You are receiving this mail because:
You are on the CC list for the bug.
>From glibc-bugs-regex-return-903-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org Wed Jun 05 08:30:41 2019
Return-Path: <glibc-bugs-regex-return-903-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org>
Delivered-To: listarch-glibc-bugs-regex@sources.redhat.com
Received: (qmail 108033 invoked by alias); 5 Jun 2019 08:30:39 -0000
Mailing-List: contact glibc-bugs-regex-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs-regex.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-regex-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs-regex@sourceware.org>
List-Help: <mailto:glibc-bugs-regex-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-regex-owner@sourceware.org
Delivered-To: mailing list glibc-bugs-regex@sourceware.org
Received: (qmail 107876 invoked by uid 89); 5 Jun 2019 08:30:26 -0000
Authentication-Results: sourceware.org; auth=none
X-Spam-SWARE-Status: No, score=0.8 required=5.0 testsºYES_50,HTML_MESSAGE autolearn=ham version=3.3.1 spammy=H*UA:102, H*M:sk:2019060, water, H*r:SMTPD32
X-HELO: medical.yhctech.com
Received: from Unknown (HELO medical.yhctech.com) (219.144.255.21) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with SMTP; Wed, 05 Jun 2019 08:30:22 +0000
Received: from PV-X00189185[127.0.0.1] by PV-X00189185[127.0.0.1] (SMTPD32); Wed, 5 Jun 2019 16:30:17 +0800
MIME-Version: 1.0
Date: Wed, 05 Jun 2019 08:30:00 -0000
From: "Sales26@medical.yhctech.com" <Sales26@medical.yhctech.com>
Subject: Re: Sophora Flavescens Extract Matrine & Oxyhmatrine
To: glibc-bugs-regex@sourceware.org
Reply-To: jiayoubareal@163.com
Message-ID: <2019060005163000160888@medical.yhctech.com>
In-Reply-To: <2019060005163000160888@medical.yhctech.com>
Content-Type: text/plain; charset="UTF-8"
Content-Disposition: inline
Content-Transfer-Encoding: Base64
X-SW-Source: 2019-06/txt/msg00000.txt.bz2
Content-length: 2237
SGkgZGVhciBmcmllbmQsDQpOaWNlIGRheSB0byB5b3UuDQpXZSBhcmUgYSBm
YWN0b3J5IG9mIFNvcGhvcmEgRmxhdmVzY2VucyBFeHRyYWN0LCBnbGFkIHRv
IGtub3cgeW91Lg0KS2luZGx5IHNlZSB3aGljaCBwdXJpdHkgbWVldCB5b3Vy
IG1hcmtldCBhbmQgZm9yIGhvdyBtYW55IHF1YW50aXR5Pw0KU28gdGhhdCB3
ZSBjYW4gYmFjayB5b3UgYmVzdCBvZmZlciB3aXRoIENPQSBhdCBvbmNlLg0K
UHJvZHVjdCBOYW1lOiBTb3Bob3JhIEZsYXZlc2NlbnMgRXh0cmFjdCANCkFj
dGl2ZSBJbmdyZWRpZW50czogTWF0cmluZSAmIE94eWhtYXRyaW5lDQpTcGVj
aWZpY2F0aW9uOiDiiaUgMC41JSwgNSUsIDEwJSwgMjAlLCA5MCUsIDk4JQ0K
VGVzdCBNZXRob2Q6IEhQTEMNCkFwcGVhcmFuY2U6IEJyb3duIHRvIFdoaXRl
IExpcXVpZCBvciBQb3dkZXINClNvbHViaWxpdHk6IE1hdHJpbmUgaXMgc29s
dWJsZSBpbiB3YXRlciwgYmVuemVuZSwgY2hsb3JvZm9ybSwgbWV0aGFub2ws
IGV0aGFub2wgYW5kIHNsaWdodGx5IHNvbHVibGUgaW4gcGV0cm9sZXVtIGV0
aGVyDQpBcHBsaWNhdGlvbnM6DQogICAgICAgIDEuIEJpb2xvZ2ljYWwgcGVz
dGljaWRlOiBNYXRyaW5lIGlzIGEgbmF0dXJhbCBwbGFudCAtIGRlcml2ZWQg
cGVzdGljaWRlIHdpdGggbG93IHRveGljaXR5IHRvIGh1bWFucyBhbmQgbGl2
ZXN0b2NrLkl0IGhhcyBvYnZpb3VzIGNvbnRyb2wgZWZmZWN0IG9uIHNsaW1l
IHdvcm0sIGdyZWVuIHZlZ2V0YWJsZSBpbnNlY3QsIGFwaGlkIGFuZCBzdGFy
c2NyZWFtLiAgICAgICAgMi4gQW50aWJhY3RlcmlhbCBnZWw6IFNvcGhvcmEg
ZmxhdmVzY2VudGlzIGx5ZSBzb2x1dGlvbiBoYXMgc2hvd24gaW5oaWJpdG9y
eSBlZmZlY3Qgb24gZXNjaGVyaWNoaWEgY29saSBhbmQgc3RhcGh5bG9jb2Nj
dXMgYXVyZXVzLiBJdCBoYXMgYW50aWJhY3RlcmlhbCBhbmQgYW50aS1pbmZs
YW1tYXRvcnkgZWZmZWN0IGluIGFudGliYWN0ZXJpYWwgZ2VsIGFuZCBpcyBv
ZnRlbiB1c2VkIGluIGd5bmVjb2xvZ2ljYWwgY2hyb25pYyBpbmZsYW1tYXRp
b24gc3VjaCBhcyBtb2xkIGluZmVjdGlvbi4gICAgICAgIDMuIGNvc21ldGlj
czogTWF0cmluZSBoYXMgdGhlIGZ1bmN0aW9uIG9mIGNsZWFyaW5nIGhlYXQg
YW5kIGRyeW5lc3MgYW5kIGRhbXBuZXNzIGFuZCBhbnRpLWluZmxhbW1hdG9y
eSwgc28gaXQgY2FuIGtpbGwgdGhlIGluc2VjdCBib3JuIGZyb20gZGFtcG5l
c3MgYW5kIGhlYXQuIEl0IGNhbiBiZSB1c2VkIGFzIGFudGliYWN0ZXJpYWwg
YWdlbnQsIGFudGktaW5mbGFtbWF0b3J5IGFnZW50IGFuZCBhY25lIHJlbW92
aW5nIHByb2R1Y3QgaW4gZGFpbHkgY2hlbWljYWwgcHJvZHVjdHMuDQpBbnkg
b3RoZXIgcXVlc3Rpb24sIGZyZWUgdG8gYXNrLg0KV2FpdGluZyBmb3IgeW91
ciBwcm9tcHQgcmVzcG9uZC4NClRoYW5rcyAmIEJlc3QgUmVnYXJkcyANCkFs
aWNlIExlZSAoU2FsZXMgRGlyZWN0b3IpIA0KKFVTRkRBICYgS0ZEQSBBcHBy
b3ZlZCkgDQpFLW1haWwgLyBTa3lwZTogc2FsZXNAeWhlcmJhbC5jb20gDQpN
b2JpbGU6ICs4Ni0xODA5MjU5MTMyOCANClFROiAzNDcxOTg2MTkyIA0KQWRk
LjogTm8uIDM0IFNvdXRoIEZlbmdodWkgUm9hZCwgWGknYW4gQ2l0eSA3MTAw
NzUsIFNoYWFueGkgUHJvdmluY2UsIENoaW5hLg0K
>From glibc-bugs-regex-return-904-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org Tue Jul 23 19:20:53 2019
Return-Path: <glibc-bugs-regex-return-904-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org>
Delivered-To: listarch-glibc-bugs-regex@sources.redhat.com
Received: (qmail 8598 invoked by alias); 23 Jul 2019 19:20:53 -0000
Mailing-List: contact glibc-bugs-regex-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs-regex.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-regex-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs-regex@sourceware.org>
List-Help: <mailto:glibc-bugs-regex-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-regex-owner@sourceware.org
Delivered-To: mailing list glibc-bugs-regex@sourceware.org
Received: (qmail 8560 invoked by uid 48); 23 Jul 2019 19:20:50 -0000
From: "eggert at cs dot ucla.edu" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs-regex@sourceware.org
Subject: [Bug regex/24844] New: regex bad pointer / leakage if malloc fails
Date: Tue, 23 Jul 2019 19:20:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: new
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: regex
X-Bugzilla-Version: 2.29
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: eggert at cs dot ucla.edu
X-Bugzilla-Status: NEW
X-Bugzilla-Resolution:
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: unassigned at sourceware dot org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields: bug_id short_desc product version bug_status bug_severity priority component assigned_to reporter cc target_milestone attachments.created
Message-ID: <bug-24844-132@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2019-07/txt/msg00000.txt.bz2
Content-length: 962
https://sourceware.org/bugzilla/show_bug.cgi?id=24844
Bug ID: 24844
Summary: regex bad pointer / leakage if malloc fails
Product: glibc
Version: 2.29
Status: NEW
Severity: normal
Priority: P2
Component: regex
Assignee: unassigned at sourceware dot org
Reporter: eggert at cs dot ucla.edu
CC: drepper.fsp at gmail dot com
Target Milestone: ---
Created attachment 11919
--> https://sourceware.org/bugzilla/attachment.cgi?id=11919&action=edit
Patch for bad pointer / leak in regex_internal.c
regex_internal.c mistreats malloc failures in a couple of places. In one, it
dereferences the resulting NULL pointer; in the other, it leaks another block
of memory when an malloc fails. The latter problem was found by Coverity.
Proposed patch attached.
--
You are receiving this mail because:
You are on the CC list for the bug.
>From glibc-bugs-regex-return-905-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org Tue Jul 23 19:29:27 2019
Return-Path: <glibc-bugs-regex-return-905-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org>
Delivered-To: listarch-glibc-bugs-regex@sources.redhat.com
Received: (qmail 17303 invoked by alias); 23 Jul 2019 19:29:27 -0000
Mailing-List: contact glibc-bugs-regex-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs-regex.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-regex-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs-regex@sourceware.org>
List-Help: <mailto:glibc-bugs-regex-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-regex-owner@sourceware.org
Delivered-To: mailing list glibc-bugs-regex@sourceware.org
Received: (qmail 17271 invoked by uid 48); 23 Jul 2019 19:29:24 -0000
From: "carlos at redhat dot com" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs-regex@sourceware.org
Subject: [Bug regex/24844] regex bad pointer / leakage if malloc fails
Date: Tue, 23 Jul 2019 19:29:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: regex
X-Bugzilla-Version: 2.29
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: carlos at redhat dot com
X-Bugzilla-Status: NEW
X-Bugzilla-Resolution:
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: unassigned at sourceware dot org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields: cc
Message-ID: <bug-24844-132-ILot4aJL4I@http.sourceware.org/bugzilla/>
In-Reply-To: <bug-24844-132@http.sourceware.org/bugzilla/>
References: <bug-24844-132@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2019-07/txt/msg00001.txt.bz2
Content-length: 929
https://sourceware.org/bugzilla/show_bug.cgi?id=24844
Carlos O'Donell <carlos at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |carlos at redhat dot com
--- Comment #1 from Carlos O'Donell <carlos at redhat dot com> ---
(In reply to eggert from comment #0)
> Created attachment 11919 [details]
> Patch for bad pointer / leak in regex_internal.c
>
> regex_internal.c mistreats malloc failures in a couple of places. In one, it
> dereferences the resulting NULL pointer; in the other, it leaks another
> block of memory when an malloc fails. The latter problem was found by
> Coverity. Proposed patch attached.
Please post to libc-alpha if you think this should be fixed for 2.30.
--
You are receiving this mail because:
You are on the CC list for the bug.
>From glibc-bugs-regex-return-906-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org Thu Aug 15 21:37:01 2019
Return-Path: <glibc-bugs-regex-return-906-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org>
Delivered-To: listarch-glibc-bugs-regex@sources.redhat.com
Received: (qmail 88253 invoked by alias); 15 Aug 2019 21:37:00 -0000
Mailing-List: contact glibc-bugs-regex-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs-regex.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-regex-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs-regex@sourceware.org>
List-Help: <mailto:glibc-bugs-regex-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-regex-owner@sourceware.org
Delivered-To: mailing list glibc-bugs-regex@sourceware.org
Received: (qmail 88205 invoked by uid 48); 15 Aug 2019 21:36:56 -0000
From: "aurelien at aurel32 dot net" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs-regex@sourceware.org
Subject: [Bug regex/23393] Handle [a-z] and [A-Z] in consistent portable fashion regardless of locale.
Date: Thu, 15 Aug 2019 21:37:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: regex
X-Bugzilla-Version: 2.28
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: aurelien at aurel32 dot net
X-Bugzilla-Status: NEW
X-Bugzilla-Resolution:
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: carlos at redhat dot com
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags: security-
X-Bugzilla-Changed-Fields: cc
Message-ID: <bug-23393-132-fce6zdL9sg@http.sourceware.org/bugzilla/>
In-Reply-To: <bug-23393-132@http.sourceware.org/bugzilla/>
References: <bug-23393-132@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2019-08/txt/msg00000.txt.bz2
Content-length: 1044
https://sourceware.org/bugzilla/show_bug.cgi?id=23393
Aurelien Jarno <aurelien at aurel32 dot net> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |aurelien at aurel32 dot net
--- Comment #40 from Aurelien Jarno <aurelien at aurel32 dot net> ---
(In reply to Carlos O'Donell from comment #35)
> As a temprary measure I have committed the deinterleaving of upper and lower
> cases in iso14651_t1_common for glibc 2.28 to fix the surprises caused to
> en_US.UTF-8 users who do not want to have [a-z] match A-Y.
>
> This fixes the regression for 2.28, but doesn't fix this issue.
There is a user report [1] that shows that the cyrillic ranges are also
affected by the iso14651_t1_common update. The deinterleaving changes only fix
the latin ranges.
[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926906
--
You are receiving this mail because:
You are on the CC list for the bug.
>From glibc-bugs-regex-return-907-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org Mon Aug 19 14:27:26 2019
Return-Path: <glibc-bugs-regex-return-907-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org>
Delivered-To: listarch-glibc-bugs-regex@sources.redhat.com
Received: (qmail 51428 invoked by alias); 19 Aug 2019 14:27:26 -0000
Mailing-List: contact glibc-bugs-regex-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs-regex.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-regex-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs-regex@sourceware.org>
List-Help: <mailto:glibc-bugs-regex-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-regex-owner@sourceware.org
Delivered-To: mailing list glibc-bugs-regex@sourceware.org
Received: (qmail 51178 invoked by uid 48); 19 Aug 2019 14:27:21 -0000
From: "carlos at redhat dot com" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs-regex@sourceware.org
Subject: [Bug regex/23393] Handle [a-z] and [A-Z] in consistent portable fashion regardless of locale.
Date: Mon, 19 Aug 2019 14:27:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: regex
X-Bugzilla-Version: 2.28
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: carlos at redhat dot com
X-Bugzilla-Status: NEW
X-Bugzilla-Resolution:
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: carlos at redhat dot com
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags: security-
X-Bugzilla-Changed-Fields:
Message-ID: <bug-23393-132-OjMdIUp4ua@http.sourceware.org/bugzilla/>
In-Reply-To: <bug-23393-132@http.sourceware.org/bugzilla/>
References: <bug-23393-132@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2019-08/txt/msg00001.txt.bz2
Content-length: 1986
https://sourceware.org/bugzilla/show_bug.cgi?id=23393
--- Comment #41 from Carlos O'Donell <carlos at redhat dot com> ---
(In reply to Aurelien Jarno from comment #40)
> (In reply to Carlos O'Donell from comment #35)
> > As a temprary measure I have committed the deinterleaving of upper and lower
> > cases in iso14651_t1_common for glibc 2.28 to fix the surprises caused to
> > en_US.UTF-8 users who do not want to have [a-z] match A-Y.
> >
> > This fixes the regression for 2.28, but doesn't fix this issue.
>
> There is a user report [1] that shows that the cyrillic ranges are also
> affected by the iso14651_t1_common update. The deinterleaving changes only
> fix the latin ranges.
>
> [1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926906
This user is expecting the range to be made up of collation ordering, and that
expectation is not valid. The range in any non-POSIX/C locale is undefined.
Therefore the bug you reference is not a bug, but it's still difficult for
users to use ranges without problems, and that makes them relatively useless
and we'd like to fix that. The plan is to fix this with rational ranges that
use UTF-8 code-point ordering for all ranges.
The deinterleaving for LATIN is consciously to fix only the ASCII ranges and
fix POSIC/C ranges. All other ranges are undefined. If we deinterlace non-LATIN
ranges we'd have to duplicate all the data into the individual locales and list
them in collation order (so collation order matches collation element
ordering). Such a change would be quite drastic, and still not solve the
problem of having collation changes change range expressions. It also wouldn't
solve the broader problem that everyone still expects [a-z] to work all the
time (code-point ordering).
I would close your debian bug as an unsupported configuration for ranges, but
point out that we are trying to make this better.
--
You are receiving this mail because:
You are on the CC list for the bug.
>From glibc-bugs-regex-return-908-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org Wed Aug 21 18:05:24 2019
Return-Path: <glibc-bugs-regex-return-908-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org>
Delivered-To: listarch-glibc-bugs-regex@sources.redhat.com
Received: (qmail 126586 invoked by alias); 21 Aug 2019 18:05:24 -0000
Mailing-List: contact glibc-bugs-regex-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs-regex.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-regex-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs-regex@sourceware.org>
List-Help: <mailto:glibc-bugs-regex-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-regex-owner@sourceware.org
Delivered-To: mailing list glibc-bugs-regex@sourceware.org
Received: (qmail 126492 invoked by uid 48); 21 Aug 2019 18:05:20 -0000
From: "eggert at cs dot ucla.edu" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs-regex@sourceware.org
Subject: [Bug regex/24844] regex bad pointer / leakage if malloc fails
Date: Wed, 21 Aug 2019 18:05:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: regex
X-Bugzilla-Version: 2.29
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: eggert at cs dot ucla.edu
X-Bugzilla-Status: RESOLVED
X-Bugzilla-Resolution: FIXED
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: unassigned at sourceware dot org
X-Bugzilla-Target-Milestone: 2.31
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields: bug_status resolution target_milestone
Message-ID: <bug-24844-132-Z2CIgiMHVq@http.sourceware.org/bugzilla/>
In-Reply-To: <bug-24844-132@http.sourceware.org/bugzilla/>
References: <bug-24844-132@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2019-08/txt/msg00002.txt.bz2
Content-length: 576
https://sourceware.org/bugzilla/show_bug.cgi?id=24844
eggert at cs dot ucla.edu changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |FIXED
Target Milestone|--- |2.31
--- Comment #2 from eggert at cs dot ucla.edu ---
I installed the patch and am closing the bug report.
--
You are receiving this mail because:
You are on the CC list for the bug.
>From glibc-bugs-regex-return-909-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org Wed Oct 30 09:32:05 2019
Return-Path: <glibc-bugs-regex-return-909-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org>
Delivered-To: listarch-glibc-bugs-regex@sources.redhat.com
Received: (qmail 41469 invoked by alias); 30 Oct 2019 09:32:04 -0000
Mailing-List: contact glibc-bugs-regex-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs-regex.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-regex-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs-regex@sourceware.org>
List-Help: <mailto:glibc-bugs-regex-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-regex-owner@sourceware.org
Delivered-To: mailing list glibc-bugs-regex@sourceware.org
Received: (qmail 39725 invoked by uid 48); 30 Oct 2019 09:32:00 -0000
From: "schwab@linux-m68k.org" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs-regex@sourceware.org
Subject: [Bug regex/25149] New: Array bounds violation in proceed_next_node
Date: Wed, 30 Oct 2019 09:32:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: new
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: regex
X-Bugzilla-Version: 2.30
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: schwab@linux-m68k.org
X-Bugzilla-Status: NEW
X-Bugzilla-Resolution:
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: unassigned at sourceware dot org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields: bug_id short_desc product version bug_status bug_severity priority component assigned_to reporter cc target_milestone
Message-ID: <bug-25149-132@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2019-10/txt/msg00000.txt.bz2
Content-length: 1071
https://sourceware.org/bugzilla/show_bug.cgi?id=25149
Bug ID: 25149
Summary: Array bounds violation in proceed_next_node
Product: glibc
Version: 2.30
Status: NEW
Severity: normal
Priority: P2
Component: regex
Assignee: unassigned at sourceware dot org
Reporter: schwab@linux-m68k.org
CC: drepper.fsp at gmail dot com
Target Milestone: ---
If the regex has more subexpressions than the number of elements allocated in
the regmatch_t array passed to regexec then proceed_next_node may access the
regmatch_t array outside its bounds.
#include <regex.h>
int
main (void)
{
regex_t rx;
regmatch_t rm[4];
int err;
err = regcomp (&rx,
"^(.?)(.?)(.?)(.?)(.?)(.?)(.?)(.?)(.?).?\\9\\8\\7\\6\\5\\4\\3\\2\\1$",
REG_EXTENDED);
if (err == REG_NOERROR)
err = regexec (&rx, "1234", sizeof (rm) / sizeof (rm[0]), rm, 0);
return err != REG_NOMATCH;
}
--
You are receiving this mail because:
You are on the CC list for the bug.
>From glibc-bugs-regex-return-910-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org Mon Nov 11 10:08:28 2019
Return-Path: <glibc-bugs-regex-return-910-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org>
Delivered-To: listarch-glibc-bugs-regex@sources.redhat.com
Received: (qmail 116531 invoked by alias); 11 Nov 2019 10:08:28 -0000
Mailing-List: contact glibc-bugs-regex-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs-regex.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-regex-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs-regex@sourceware.org>
List-Help: <mailto:glibc-bugs-regex-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-regex-owner@sourceware.org
Delivered-To: mailing list glibc-bugs-regex@sourceware.org
Received: (qmail 116224 invoked by uid 48); 11 Nov 2019 10:08:21 -0000
From: "fweimer at redhat dot com" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs-regex@sourceware.org
Subject: [Bug regex/25149] Array bounds violation in proceed_next_node
Date: Mon, 11 Nov 2019 10:08:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: regex
X-Bugzilla-Version: 2.30
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: fweimer at redhat dot com
X-Bugzilla-Status: NEW
X-Bugzilla-Resolution:
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: unassigned at sourceware dot org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields: cc
Message-ID: <bug-25149-132-X7jhlPsLKp@http.sourceware.org/bugzilla/>
In-Reply-To: <bug-25149-132@http.sourceware.org/bugzilla/>
References: <bug-25149-132@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2019-11/txt/msg00000.txt.bz2
Content-length: 397
https://sourceware.org/bugzilla/show_bug.cgi?id=25149
Florian Weimer <fweimer at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |fweimer at redhat dot com
--
You are receiving this mail because:
You are on the CC list for the bug.
>From glibc-bugs-regex-return-912-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org Mon Nov 11 11:27:17 2019
Return-Path: <glibc-bugs-regex-return-912-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org>
Delivered-To: listarch-glibc-bugs-regex@sources.redhat.com
Received: (qmail 85947 invoked by alias); 11 Nov 2019 11:27:17 -0000
Mailing-List: contact glibc-bugs-regex-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs-regex.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-regex-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs-regex@sourceware.org>
List-Help: <mailto:glibc-bugs-regex-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-regex-owner@sourceware.org
Delivered-To: mailing list glibc-bugs-regex@sourceware.org
Received: (qmail 85821 invoked by uid 55); 11 Nov 2019 11:27:13 -0000
From: "cvs-commit at gcc dot gnu.org" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs-regex@sourceware.org
Subject: [Bug regex/25149] Array bounds violation in proceed_next_node
Date: Mon, 11 Nov 2019 11:27:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: regex
X-Bugzilla-Version: 2.30
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: cvs-commit at gcc dot gnu.org
X-Bugzilla-Status: NEW
X-Bugzilla-Resolution:
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: unassigned at sourceware dot org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields:
Message-ID: <bug-25149-132-w9DIr3cwuv@http.sourceware.org/bugzilla/>
In-Reply-To: <bug-25149-132@http.sourceware.org/bugzilla/>
References: <bug-25149-132@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2019-11/txt/msg00002.txt.bz2
Content-length: 916
https://sourceware.org/bugzilla/show_bug.cgi?id=25149
--- Comment #1 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
The master branch has been updated by Andreas Schwab <schwab@sourceware.org>:
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=fc141ea78ee3d87c67b18488827fe2d89c9343e7
commit fc141ea78ee3d87c67b18488827fe2d89c9343e7
Author: Andreas Schwab <schwab@suse.de>
Date: Wed Oct 30 10:38:36 2019 +0100
Fix array bounds violation in regex matcher (bug 25149)
If the regex has more subexpressions than the number of elements allocated
in the regmatch_t array passed to regexec then proceed_next_node may
access the regmatch_t array outside its bounds.
No testcase added because even without this bug it would then crash in
pop_fail_stack which is bug 11053.
--
You are receiving this mail because:
You are on the CC list for the bug.
>From glibc-bugs-regex-return-911-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org Mon Nov 11 11:27:17 2019
Return-Path: <glibc-bugs-regex-return-911-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org>
Delivered-To: listarch-glibc-bugs-regex@sources.redhat.com
Received: (qmail 85937 invoked by alias); 11 Nov 2019 11:27:17 -0000
Mailing-List: contact glibc-bugs-regex-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs-regex.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-regex-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs-regex@sourceware.org>
List-Help: <mailto:glibc-bugs-regex-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-regex-owner@sourceware.org
Delivered-To: mailing list glibc-bugs-regex@sourceware.org
Received: (qmail 85823 invoked by uid 55); 11 Nov 2019 11:27:13 -0000
From: "cvs-commit at gcc dot gnu.org" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs-regex@sourceware.org
Subject: [Bug regex/11053] Wrong results with backreferences
Date: Mon, 11 Nov 2019 11:27:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: regex
X-Bugzilla-Version: 2.11
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: cvs-commit at gcc dot gnu.org
X-Bugzilla-Status: ASSIGNED
X-Bugzilla-Resolution:
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: bonzini at gnu dot org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags: security+
X-Bugzilla-Changed-Fields:
Message-ID: <bug-11053-132-DEr9UHdUHk@http.sourceware.org/bugzilla/>
In-Reply-To: <bug-11053-132@http.sourceware.org/bugzilla/>
References: <bug-11053-132@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2019-11/txt/msg00001.txt.bz2
Content-length: 916
https://sourceware.org/bugzilla/show_bug.cgi?id=11053
--- Comment #9 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
The master branch has been updated by Andreas Schwab <schwab@sourceware.org>:
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=fc141ea78ee3d87c67b18488827fe2d89c9343e7
commit fc141ea78ee3d87c67b18488827fe2d89c9343e7
Author: Andreas Schwab <schwab@suse.de>
Date: Wed Oct 30 10:38:36 2019 +0100
Fix array bounds violation in regex matcher (bug 25149)
If the regex has more subexpressions than the number of elements allocated
in the regmatch_t array passed to regexec then proceed_next_node may
access the regmatch_t array outside its bounds.
No testcase added because even without this bug it would then crash in
pop_fail_stack which is bug 11053.
--
You are receiving this mail because:
You are on the CC list for the bug.
>From glibc-bugs-regex-return-915-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org Mon Nov 11 11:49:50 2019
Return-Path: <glibc-bugs-regex-return-915-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org>
Delivered-To: listarch-glibc-bugs-regex@sources.redhat.com
Received: (qmail 120921 invoked by alias); 11 Nov 2019 11:49:50 -0000
Mailing-List: contact glibc-bugs-regex-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs-regex.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-regex-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs-regex@sourceware.org>
List-Help: <mailto:glibc-bugs-regex-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-regex-owner@sourceware.org
Delivered-To: mailing list glibc-bugs-regex@sourceware.org
Received: (qmail 120582 invoked by uid 48); 11 Nov 2019 11:49:46 -0000
From: "schwab@linux-m68k.org" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs-regex@sourceware.org
Subject: [Bug regex/11053] Wrong results with backreferences
Date: Mon, 11 Nov 2019 11:49:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: regex
X-Bugzilla-Version: 2.11
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: schwab@linux-m68k.org
X-Bugzilla-Status: ASSIGNED
X-Bugzilla-Resolution:
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: bonzini at gnu dot org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags: security+
X-Bugzilla-Changed-Fields: dependson
Message-ID: <bug-11053-132-s20TGyPeVl@http.sourceware.org/bugzilla/>
In-Reply-To: <bug-11053-132@http.sourceware.org/bugzilla/>
References: <bug-11053-132@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2019-11/txt/msg00004.txt.bz2
Content-length: 504
https://sourceware.org/bugzilla/show_bug.cgi?id=11053
Andreas Schwab <schwab@linux-m68k.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Depends on| |25149
Referenced Bugs:
https://sourceware.org/bugzilla/show_bug.cgi?id=25149
[Bug 25149] Array bounds violation in proceed_next_node
--
You are receiving this mail because:
You are on the CC list for the bug.
>From glibc-bugs-regex-return-914-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org Mon Nov 11 11:49:50 2019
Return-Path: <glibc-bugs-regex-return-914-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org>
Delivered-To: listarch-glibc-bugs-regex@sources.redhat.com
Received: (qmail 120811 invoked by alias); 11 Nov 2019 11:49:49 -0000
Mailing-List: contact glibc-bugs-regex-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs-regex.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-regex-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs-regex@sourceware.org>
List-Help: <mailto:glibc-bugs-regex-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-regex-owner@sourceware.org
Delivered-To: mailing list glibc-bugs-regex@sourceware.org
Received: (qmail 120549 invoked by uid 48); 11 Nov 2019 11:49:45 -0000
From: "schwab@linux-m68k.org" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs-regex@sourceware.org
Subject: [Bug regex/11053] Wrong results with backreferences
Date: Mon, 11 Nov 2019 11:49:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: dep_changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: regex
X-Bugzilla-Version: 2.11
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: schwab@linux-m68k.org
X-Bugzilla-Status: ASSIGNED
X-Bugzilla-Resolution:
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: bonzini at gnu dot org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags: security+
X-Bugzilla-Changed-Fields: bug_status resolution
Message-ID: <bug-11053-132-hJG1OZ979q@http.sourceware.org/bugzilla/>
In-Reply-To: <bug-11053-132@http.sourceware.org/bugzilla/>
References: <bug-11053-132@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2019-11/txt/msg00005.txt.bz2
Content-length: 555
https://sourceware.org/bugzilla/show_bug.cgi?id=11053
Bug 11053 depends on bug 25149, which changed state.
Bug 25149 Summary: Array bounds violation in proceed_next_node
https://sourceware.org/bugzilla/show_bug.cgi?id=25149
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |FIXED
--
You are receiving this mail because:
You are on the CC list for the bug.
>From glibc-bugs-regex-return-913-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org Mon Nov 11 11:49:49 2019
Return-Path: <glibc-bugs-regex-return-913-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org>
Delivered-To: listarch-glibc-bugs-regex@sources.redhat.com
Received: (qmail 120637 invoked by alias); 11 Nov 2019 11:49:49 -0000
Mailing-List: contact glibc-bugs-regex-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs-regex.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-regex-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs-regex@sourceware.org>
List-Help: <mailto:glibc-bugs-regex-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-regex-owner@sourceware.org
Delivered-To: mailing list glibc-bugs-regex@sourceware.org
Received: (qmail 120527 invoked by uid 48); 11 Nov 2019 11:49:45 -0000
From: "schwab@linux-m68k.org" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs-regex@sourceware.org
Subject: [Bug regex/25149] Array bounds violation in proceed_next_node
Date: Mon, 11 Nov 2019 11:49:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: regex
X-Bugzilla-Version: 2.30
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: schwab@linux-m68k.org
X-Bugzilla-Status: RESOLVED
X-Bugzilla-Resolution: FIXED
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: unassigned at sourceware dot org
X-Bugzilla-Target-Milestone: 2.31
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields: bug_status blocked resolution target_milestone
Message-ID: <bug-25149-132-EyZb2WQ6Eh@http.sourceware.org/bugzilla/>
In-Reply-To: <bug-25149-132@http.sourceware.org/bugzilla/>
References: <bug-25149-132@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2019-11/txt/msg00003.txt.bz2
Content-length: 740
https://sourceware.org/bugzilla/show_bug.cgi?id=25149
Andreas Schwab <schwab@linux-m68k.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Blocks| |11053
Resolution|--- |FIXED
Target Milestone|--- |2.31
--- Comment #2 from Andreas Schwab <schwab@linux-m68k.org> ---
Fixed in 2.31.
Referenced Bugs:
https://sourceware.org/bugzilla/show_bug.cgi?id=11053
[Bug 11053] Wrong results with backreferences
--
You are receiving this mail because:
You are on the CC list for the bug.
>From glibc-bugs-regex-return-916-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org Sun Dec 29 20:35:08 2019
Return-Path: <glibc-bugs-regex-return-916-listarch-glibc-bugs-regex=sources.redhat.com@sourceware.org>
Delivered-To: listarch-glibc-bugs-regex@sources.redhat.com
Received: (qmail 118812 invoked by alias); 29 Dec 2019 20:35:07 -0000
Mailing-List: contact glibc-bugs-regex-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs-regex.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-regex-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs-regex@sourceware.org>
List-Help: <mailto:glibc-bugs-regex-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-regex-owner@sourceware.org
Delivered-To: mailing list glibc-bugs-regex@sourceware.org
Received: (qmail 118766 invoked by uid 48); 29 Dec 2019 20:35:03 -0000
From: "eggert at cs dot ucla.edu" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs-regex@sourceware.org
Subject: [Bug regex/25322] New: regex mishandles back-references inside interval expressions
Date: Sun, 29 Dec 2019 20:35:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: new
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: regex
X-Bugzilla-Version: 2.30
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: eggert at cs dot ucla.edu
X-Bugzilla-Status: NEW
X-Bugzilla-Resolution:
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: unassigned at sourceware dot org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields: bug_id short_desc product version bug_status bug_severity priority component assigned_to reporter cc target_milestone attachments.created
Message-ID: <bug-25322-132@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2019-12/txt/msg00000.txt.bz2
Content-length: 1251
https://sourceware.org/bugzilla/show_bug.cgi?id=25322
Bug ID: 25322
Summary: regex mishandles back-references inside interval
expressions
Product: glibc
Version: 2.30
Status: NEW
Severity: normal
Priority: P2
Component: regex
Assignee: unassigned at sourceware dot org
Reporter: eggert at cs dot ucla.edu
CC: drepper.fsp at gmail dot com
Target Milestone: ---
Created attachment 12153
--> https://sourceware.org/bugzilla/attachment.cgi?id=12153&action=edit
C program illustrating bug with back-references inside intervals
The glibc regular expression code mishandles regular expressions such as:
.*((.)\2){2}$
as it does not backtrack enough to find a match that satisfies the
back-references when they are used twice.
To reproduce the problem, compile and run the attached file backrefbug.c. It
will exit with status 2, whereas the correct exit status is 0.
This bug was originally reported against GNU 'grep' here:
https://bugs.gnu.org/26864
and you can find more test cases by reading that bug report.
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2019-01-21 19:20 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
[not found] <bug-24114-132@http.sourceware.org/bugzilla/>
2019-01-21 19:20 ` [Bug regex/24114] regexec buffer read overrun in "grep -i '\(\(\)*.\)*\(\)\(\)\1'" eggert at cs dot ucla.edu
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).