public inbox for glibc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug regex/17356] New: regex assertion violation with triple backreferences
@ 2014-09-07 23:47 eggert at gnu dot org
2014-09-23 0:11 ` [Bug regex/17356] " eggert at gnu dot org
` (4 more replies)
0 siblings, 5 replies; 6+ messages in thread
From: eggert at gnu dot org @ 2014-09-07 23:47 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=17356
Bug ID: 17356
Summary: regex assertion violation with triple backreferences
Product: glibc
Version: unspecified
Status: NEW
Severity: normal
Priority: P2
Component: regex
Assignee: unassigned at sourceware dot org
Reporter: eggert at gnu dot org
CC: drepper.fsp at gmail dot com
Flags: security+
Created attachment 7772
--> https://sourceware.org/bugzilla/attachment.cgi?id=7772&action=edit
Test for triple backreference regex bug
The attached program, which is a strictly conforming use of the POSIX regular
expression matcher, has undefined behavior with glibc. On Fedora 20 x86-64 it
simply dumps core; on Ubuntu 14.04 x86-64 it outputs "regexec.c:1386:
pop_fail_stack: Assertion `num >= 0' failed" and then dumps core. It works
fine on Solaris and AIX.
I expect that this bug has been in all glibc versions since Isamu Hasegawa's
circa-2002 rewrite of the regex code, and that the bug is in glibc 2.20 too,
though I haven't tested this.
Fixing this bug will not be trivial, I'm afraid. I have not succeeded in
tracking down Mr. Hasegawa.
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 6+ messages in thread* [Bug regex/17356] regex assertion violation with triple backreferences
2014-09-07 23:47 [Bug regex/17356] New: regex assertion violation with triple backreferences eggert at gnu dot org
@ 2014-09-23 0:11 ` eggert at gnu dot org
2014-09-23 7:55 ` fweimer at redhat dot com
` (3 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: eggert at gnu dot org @ 2014-09-23 0:11 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=17356
--- Comment #1 from Paul Eggert <eggert at gnu dot org> ---
This appears to be a duplicate of Bug#11053 so I'll try to resolve it as a
duplicate.
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 6+ messages in thread* [Bug regex/17356] regex assertion violation with triple backreferences
2014-09-07 23:47 [Bug regex/17356] New: regex assertion violation with triple backreferences eggert at gnu dot org
2014-09-23 0:11 ` [Bug regex/17356] " eggert at gnu dot org
@ 2014-09-23 7:55 ` fweimer at redhat dot com
2022-09-07 4:30 ` eggert at cs dot ucla.edu
` (2 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: fweimer at redhat dot com @ 2014-09-23 7:55 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=17356
Florian Weimer <fweimer at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
CC| |fweimer at redhat dot com
Resolution|--- |DUPLICATE
Flags|security+ |security-
--- Comment #2 from Florian Weimer <fweimer at redhat dot com> ---
Duplicate of bug 11053, per comment #1.
*** This bug has been marked as a duplicate of bug 11053 ***
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 6+ messages in thread* [Bug regex/17356] regex assertion violation with triple backreferences
2014-09-07 23:47 [Bug regex/17356] New: regex assertion violation with triple backreferences eggert at gnu dot org
2014-09-23 0:11 ` [Bug regex/17356] " eggert at gnu dot org
2014-09-23 7:55 ` fweimer at redhat dot com
@ 2022-09-07 4:30 ` eggert at cs dot ucla.edu
2022-09-08 12:36 ` vincent-srcware at vinc17 dot net
2022-09-08 17:03 ` [Bug regex/17356] regex misbehavior " eggert at cs dot ucla.edu
4 siblings, 0 replies; 6+ messages in thread
From: eggert at cs dot ucla.edu @ 2022-09-07 4:30 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=17356
eggert at cs dot ucla.edu changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |eggert at cs dot ucla.edu
Resolution|DUPLICATE |---
Status|RESOLVED |REOPENED
--- Comment #3 from eggert at cs dot ucla.edu ---
Apparently I was incorrect when I wrote that this was a duplicate of Bug#11053
as that other bug is fixed but this one is not.
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 6+ messages in thread* [Bug regex/17356] regex assertion violation with triple backreferences
2014-09-07 23:47 [Bug regex/17356] New: regex assertion violation with triple backreferences eggert at gnu dot org
` (2 preceding siblings ...)
2022-09-07 4:30 ` eggert at cs dot ucla.edu
@ 2022-09-08 12:36 ` vincent-srcware at vinc17 dot net
2022-09-08 17:03 ` [Bug regex/17356] regex misbehavior " eggert at cs dot ucla.edu
4 siblings, 0 replies; 6+ messages in thread
From: vincent-srcware at vinc17 dot net @ 2022-09-08 12:36 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=17356
Vincent Lefèvre <vincent-srcware at vinc17 dot net> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |vincent-srcware at vinc17 dot net
--- Comment #4 from Vincent Lefèvre <vincent-srcware at vinc17 dot net> ---
(In reply to eggert from comment #3)
> Apparently I was incorrect when I wrote that this was a duplicate of
> Bug#11053 as that other bug is fixed but this one is not.
More precisely, the assertion violation was Bug#11053, which is fixed in glibc
2.35, but the test now fails: it gives no matches, while there should be a
match, since the regexp matches the empty string.
Test with grep:
vinc17@gcc92:~$ echo 'a' | grep -E '(.{0,1})(.{0,1})\2\1'
a
vinc17@gcc92:~$ echo 'a' | grep -E '(.{0,1})(.{0,1})(.{0,1})\3\2\1'
vinc17@gcc92:~$
(with only 2 backreferences, this is OK, but not with 3).
The bug could be retitled.
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 6+ messages in thread* [Bug regex/17356] regex misbehavior with triple backreferences
2014-09-07 23:47 [Bug regex/17356] New: regex assertion violation with triple backreferences eggert at gnu dot org
` (3 preceding siblings ...)
2022-09-08 12:36 ` vincent-srcware at vinc17 dot net
@ 2022-09-08 17:03 ` eggert at cs dot ucla.edu
4 siblings, 0 replies; 6+ messages in thread
From: eggert at cs dot ucla.edu @ 2022-09-08 17:03 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=17356
eggert at cs dot ucla.edu changed:
What |Removed |Added
----------------------------------------------------------------------------
Summary|regex assertion violation |regex misbehavior with
|with triple backreferences |triple backreferences
--- Comment #5 from eggert at cs dot ucla.edu ---
(In reply to Vincent Lefèvre from comment #4)
Thanks, I've retitled it from "regex assertion violation with triple
backreferences" to "regex misbehavior with triple backreferences".
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2022-09-08 17:03 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2014-09-07 23:47 [Bug regex/17356] New: regex assertion violation with triple backreferences eggert at gnu dot org
2014-09-23 0:11 ` [Bug regex/17356] " eggert at gnu dot org
2014-09-23 7:55 ` fweimer at redhat dot com
2022-09-07 4:30 ` eggert at cs dot ucla.edu
2022-09-08 12:36 ` vincent-srcware at vinc17 dot net
2022-09-08 17:03 ` [Bug regex/17356] regex misbehavior " eggert at cs dot ucla.edu
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).