bug#66835: Heap buffer overread in expr in regexec.c in the check

bug-coreutils

bug#66835: Heap buffer overread in expr in regexec.c in the check_arriva

From:	Paul Eggert
Subject:	bug#66835: Heap buffer overread in expr in regexec.c in the check_arrival_add_next_nodes function.
Date:	Tue, 7 Nov 2023 16:37:34 -0800
User-agent:	Mozilla Thunderbird

Thanks. This is a bug in the glibc regular expression matcher. It's partof a well known series of bugs. See, for example:


https://sourceware.org/bugzilla/show_bug.cgi?id=12896
https://sourceware.org/bugzilla/show_bug.cgi?id=17356

It's not of much practical concern since the attacker should not havecontrol of B in invocations like 'expr "$A" : "$B"'.

[Prev in Thread]

Current Thread

[Next in Thread]

bug#66835: Heap buffer overread in expr in regexec.c in the check_arrival_add_next_nodes function., Paul Eggert <=