GNU bug report logs - #66835
Heap buffer overread in expr in regexec.c in the check_arrival_add_next_nodes function.

Reported by: Some Dickhead <wheneveriseefeetibeatmymeat <at> gmail.com>

Date: Mon, 30 Oct 2023 16:36:01 UTC

Severity: normal

View this message in rfc822 format

From: Paul Eggert <eggert <at> cs.ucla.edu>
To: Some Dickhead <wheneveriseefeetibeatmymeat <at> gmail.com>, 66835 <at> debbugs.gnu.org
Subject: bug#66835: Heap buffer overread in expr in regexec.c in the check_arrival_add_next_nodes function.
Date: Tue, 7 Nov 2023 16:37:34 -0800

Thanks. This is a bug in the glibc regular expression matcher. It's part 
of a well known series of bugs. See, for example:

https://sourceware.org/bugzilla/show_bug.cgi?id=12896
https://sourceware.org/bugzilla/show_bug.cgi?id=17356

It's not of much practical concern since the attacker should not have 
control of B in invocations like 'expr "$A" : "$B"'.

This bug report was last modified 1 year and 229 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #66835 Heap buffer overread in expr in regexec.c in the check_arrival_add_next_nodes function.

GNU bug report logs - #66835
Heap buffer overread in expr in regexec.c in the check_arrival_add_next_nodes function.