pcre -- heap overflow vulnerability
Guanxing Wen reports:
PCRE library is prone to a vulnerability which leads to
During the compilation of a malformed regular expression, more data is
written on the malloced block than the expected size output by
The Heap Overflow vulnerability is caused by the following regular
A dry run of this particular regular expression with pcretest will
reports "double free or corruption (!prev)".
But it is actually a heap overflow problem.
The overflow only affects pcre 8.x branch, pcre2 branch is not affected.
Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright