This is the mail archive of the
glibc-bugs-regex@sourceware.org
mailing list for the glibc project.
[Bug regex/12896] New: regexec() stack overflow denial of service
- From: "yangdingning at gmail dot com" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs-regex at sources dot redhat dot com
- Date: Thu, 16 Jun 2011 03:07:07 +0000
- Subject: [Bug regex/12896] New: regexec() stack overflow denial of service
- Auto-submitted: auto-generated
http://sourceware.org/bugzilla/show_bug.cgi?id=12896
Summary: regexec() stack overflow denial of service
Product: glibc
Version: unspecified
Status: NEW
Severity: normal
Priority: P2
Component: regex
AssignedTo: drepper.fsp@gmail.com
ReportedBy: yangdingning@gmail.com
An easy way to reproduce is:
$ echo | grep -E "(.*)\1{4}+"
Segmentation fault (core dumped)
$
This bug has been verified to exist in glibc 2.11.1 shipped with Ubuntu 10.04,
as well as the latest version from git repository. It may have security
implications as shown in the description of CVE-2010-4051 and CVE-2010-4052.
--
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.