GNU bug report logs - #34140
AddressSanitizer reported heap-buffer-overflow when ignoring case

Previous Next

Package: grep;

Reported by: Hongxu Chen <leftcopy.chx <at> gmail.com>

Date: Sun, 20 Jan 2019 05:20:02 UTC

Severity: normal

Done: Paul Eggert <eggert <at> cs.ucla.edu>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: arnold <at> skeeve.com
To: leftcopy.chx <at> gmail.com, eggert <at> cs.ucla.edu
Cc: 34140 <at> debbugs.gnu.org
Subject: bug#34140: AddressSanitizer reported heap-buffer-overflow when ignoring case
Date: Tue, 22 Jan 2019 01:44:13 -0700

If I may beg to differ, I see no reason that GNULIB can't be
ahead of GLIBC. In particular for the benefit of programs that use
it, like grep/sed/gawk.

If necessary, I can copy/paste the change from the bug report, but
it'd be nicer if you'd just push it to GNULIB.

Thanks,

Arnold

Paul Eggert <eggert <at> cs.ucla.edu> wrote:

> Thanks for the bug report. I tracked it down to a read buffer overrun in glibc's 
> regexec.c and filed a bug report with a fix here:
>
> https://sourceware.org/bugzilla/show_bug.cgi?id=24114
>
> glibc is frozen right now (it's just before the glibc 2.29 release), so most 
> likely the bug fix will appear in glibc 2.30. I plan to propagate the fix into 
> Gnulib (and therefore into grep) shortly after glibc 2.29 is released.
>
>
This bug report was last modified 6 years and 167 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.