GNU bug report logs - #58042
29.0.50; ASAN use-after-free in re_match_2_internal


Package: emacs;

Reported by: Gerd Möllmann <gerd.moellmann <at> gmail.com>

Date: Sat, 24 Sep 2022 13:46:01 UTC

Severity: normal

Found in version 29.0.50

Fixed in version 29.1

Done: Gerd Möllmann <gerd.moellmann <at> gmail.com>

Bug is archived. No further changes may be made.


From: Eli Zaretskii <eliz <at> gnu.org>
To: Gerd Möllmann <gerd.moellmann <at> gmail.com>
Cc: 58042 <at> debbugs.gnu.org
Subject: bug#58042: 29.0.50; ASAN use-after-free in re_match_2_internal
Date: Sat, 24 Sep 2022 18:24:07 +0300
> From: Gerd Möllmann <gerd.moellmann <at> gmail.com>
> Cc: 58042 <at> debbugs.gnu.org
> Date: Sat, 24 Sep 2022 17:08:12 +0200
> 
> But in general, I think the small string compaction could be a serious
> problem here, as soon as a GC happens while the regexp machine holds
> pointers.

What is the path from regexp match to GC?  The GC was triggered by
redisplay, but how did redisplay start while regexp match was in
progress?  Do you see any code in regexp that could trigger redisplay?
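
An added illustration, not code from Emacs or from this thread: a toy model of the hazard raised in the quoted text, where a collector relocates string bytes while a matcher is mid-scan. `struct str`, `compact`, `hook_compact` and `count_char` are hypothetical names; the matcher keeps an index across each step and refreshes its base pointer whenever the relocation counter has changed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Toy model (constructed): string bytes live in a block that a
   compacting collector may move at any time. */
struct str { char *data; size_t len; };
static unsigned compactions;          /* bumped on every relocation */

static void *xmalloc(size_t n) { void *p = malloc(n); if (!p) abort(); return p; }

/* Stand-in for small-string compaction: copy out, free the old block. */
static void compact(struct str *s) {
    char *fresh = xmalloc(s->len + 1);
    memcpy(fresh, s->data, s->len + 1);
    free(s->data);                    /* saved pointers into it now dangle */
    s->data = fresh;
    compactions++;
}

/* Hypothetical hook run between match steps; this one always collects. */
typedef void (*step_hook)(struct str *);
static void hook_compact(struct str *s) { compact(s); }

/* Count occurrences of c. Only the index i survives a hook call; the
   base pointer is re-derived if a relocation happened in between. */
static size_t count_char(struct str *s, char c, step_hook hook, unsigned *rebased) {
    const char *base = s->data;
    unsigned seen = compactions;
    size_t n = 0;
    *rebased = 0;
    for (size_t i = 0; i < s->len; i++) {
        if (hook) hook(s);
        if (seen != compactions) {    /* old base is stale: refresh it */
            base = s->data; seen = compactions; (*rebased)++;
        }
        if (base[i] == c) n++;
    }
    return n;
}

static struct str make_str(const char *lit) {
    struct str s = { xmalloc(strlen(lit) + 1), strlen(lit) };
    strcpy(s.data, lit); return s;
}

int main(void) {
    struct str s = make_str("abracadabra");
    unsigned r;
    size_t n = count_char(&s, 'a', hook_compact, &r);
    printf("count=%zu rebased=%u\n", n, r);
    free(s.data);
    return 0;
}
```

Dropping the `seen != compactions` refresh and building with `-fsanitize=address` makes the scan read the freed block, the same class of report as in this bug's title.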




This bug report was last modified 2 years and 72 days ago.
