GNU bug report logs - #58042
29.0.50; ASAN use-after-free in re_match_2_internal

Previous Next

Package: emacs;

Reported by: Gerd Möllmann <gerd.moellmann <at> gmail.com>

Date: Sat, 24 Sep 2022 13:46:01 UTC

Severity: normal

Found in version 29.0.50

Fixed in version 29.1

Done: Gerd Möllmann <gerd.moellmann <at> gmail.com>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Stefan Monnier <monnier <at> iro.umontreal.ca>
To: Po Lu <luangruo <at> yahoo.com>
Cc: Gerd Möllmann <gerd.moellmann <at> gmail.com>, Eli Zaretskii <eliz <at> gnu.org>, 58042 <at> debbugs.gnu.org, Alan Third <alan <at> idiocy.org>
Subject: bug#58042: 29.0.50; ASAN use-after-free in re_match_2_internal
Date: Mon, 08 May 2023 22:25:11 -0400

>> Really?
> Yes.

Damn!  I thought at least `handle_one_xevent` was "ELisp-clean".

>> In bug#62732 we have a related problem when code run from `maybe_quit`
>> (an atimer in that case) from the regexp engine, and that atimer
>> itself performs a regexp-operation, which messes up the outer regexp
>> engine invocation because the regexp engine is still not re-entrant (in
>> that bug, the problem is the `gl_state` global variable).
>
> bug#62732?  That's:

Hmm... not sure how I ended up writing this.  I meant bug#63253
Sorry 'bout that.

> I don't see how it's related to reentrant use of the regexp engine.
> BTW, which atimer is it?

The atimer for `with-delayed-message`.


        Stefan
This bug report was last modified 2 years and 72 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.