diff options
author | Michael Santos <michael.santos@gmail.com> | 2010-02-10 15:19:48 -0500 |
---|---|---|
committer | Björn Gustavsson <bjorn@erlang.org> | 2010-02-11 08:10:27 +0100 |
commit | bb6370a20be07e6bd0c9f6e89a3cd9719dccbfd3 (patch) | |
tree | 6c51e88d2a9eef850cddafce82d80517971f568c /lib/stdlib | |
parent | 64a697339414f424073c5b021285fddb0ff2d9da (diff) | |
download | otp-bb6370a20be07e6bd0c9f6e89a3cd9719dccbfd3.tar.gz otp-bb6370a20be07e6bd0c9f6e89a3cd9719dccbfd3.tar.bz2 otp-bb6370a20be07e6bd0c9f6e89a3cd9719dccbfd3.zip |
Fix CVE-2008-2371 (outer level option with alternatives caused crash).
The patch is from:
http://vcs.pcre.org/viewvc?revision=360&view=revision
Test case:
re:compile(<<"(?i)[\xc3\xa9\xc3\xbd]|[\xc3\xa9\xc3\xbdA]">>, [unicode]).
An option change at the start of a pattern that had top-level
alternatives could cause overwriting and/or a crash.
This potential security problem was recorded as CVE-2008-2371.
Diffstat (limited to 'lib/stdlib')
-rw-r--r-- | lib/stdlib/test/re_SUITE.erl | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/lib/stdlib/test/re_SUITE.erl b/lib/stdlib/test/re_SUITE.erl index fa50ba3b7a..02683f9f1a 100644 --- a/lib/stdlib/test/re_SUITE.erl +++ b/lib/stdlib/test/re_SUITE.erl @@ -18,12 +18,12 @@ %% -module(re_SUITE). --export([all/1, pcre/1,compile_options/1,run_options/1,combined_options/1,replace_autogen/1,global_capture/1,replace_input_types/1,replace_return/1,split_autogen/1,split_options/1,split_specials/1,error_handling/1]). +-export([all/1, pcre/1,compile_options/1,run_options/1,combined_options/1,replace_autogen/1,global_capture/1,replace_input_types/1,replace_return/1,split_autogen/1,split_options/1,split_specials/1,error_handling/1,pcre_cve_2008_2371/1]). -include("test_server.hrl"). -include_lib("kernel/include/file.hrl"). -all(suite) -> [pcre,compile_options,run_options,combined_options,replace_autogen,global_capture,replace_input_types,replace_return,split_autogen,split_options,split_specials,error_handling]. +all(suite) -> [pcre,compile_options,run_options,combined_options,replace_autogen,global_capture,replace_input_types,replace_return,split_autogen,split_options,split_specials,error_handling,pcre_cve_2008_2371]. pcre(doc) -> ["Run all applicable tests from the PCRE testsuites."]; @@ -538,3 +538,9 @@ error_handling(Config) when is_list(Config) -> ?t:timetrap_cancel(Dog), ok. +pcre_cve_2008_2371(doc) -> + "Fix as in http://vcs.pcre.org/viewvc?revision=360&view=revision"; +pcre_cve_2008_2371(Config) when is_list(Config) -> + %% Make sure it doesn't crash the emulator. + re:compile(<<"(?i)[\xc3\xa9\xc3\xbd]|[\xc3\xa9\xc3\xbdA]">>, [unicode]), + ok. |