authorMichael Santos <michael.santos@gmail.com>2010-02-10 15:19:48 -0500
committerBjörn Gustavsson <bjorn@erlang.org>2010-02-11 08:10:27 +0100
commitbb6370a20be07e6bd0c9f6e89a3cd9719dccbfd3 (patch)
tree6c51e88d2a9eef850cddafce82d80517971f568c /lib/stdlib
parent64a697339414f424073c5b021285fddb0ff2d9da (diff)
Fix CVE-2008-2371 (outer level option with alternatives caused crash).
The patch is from: http://vcs.pcre.org/viewvc?revision=360&view=revision Test case: re:compile(<<"(?i)[\xc3\xa9\xc3\xbd]|[\xc3\xa9\xc3\xbdA]">>, [unicode]). An option change at the start of a pattern that had top-level alternatives could cause overwriting and/or a crash. This potential security problem was recorded as CVE-2008-2371.
Diffstat (limited to 'lib/stdlib')
-rw-r--r--lib/stdlib/test/re_SUITE.erl10
1 files changed, 8 insertions, 2 deletions
diff --git a/lib/stdlib/test/re_SUITE.erl b/lib/stdlib/test/re_SUITE.erl
index fa50ba3b7a..02683f9f1a 100644
--- a/lib/stdlib/test/re_SUITE.erl
+++ b/lib/stdlib/test/re_SUITE.erl
@@ -18,12 +18,12 @@
%%
-module(re_SUITE).
--export([all/1, pcre/1,compile_options/1,run_options/1,combined_options/1,replace_autogen/1,global_capture/1,replace_input_types/1,replace_return/1,split_autogen/1,split_options/1,split_specials/1,error_handling/1]).
+-export([all/1, pcre/1,compile_options/1,run_options/1,combined_options/1,replace_autogen/1,global_capture/1,replace_input_types/1,replace_return/1,split_autogen/1,split_options/1,split_specials/1,error_handling/1,pcre_cve_2008_2371/1]).
-include("test_server.hrl").
-include_lib("kernel/include/file.hrl").
-all(suite) -> [pcre,compile_options,run_options,combined_options,replace_autogen,global_capture,replace_input_types,replace_return,split_autogen,split_options,split_specials,error_handling].
+all(suite) -> [pcre,compile_options,run_options,combined_options,replace_autogen,global_capture,replace_input_types,replace_return,split_autogen,split_options,split_specials,error_handling,pcre_cve_2008_2371].
pcre(doc) ->
["Run all applicable tests from the PCRE testsuites."];
@@ -538,3 +538,9 @@ error_handling(Config) when is_list(Config) ->
?t:timetrap_cancel(Dog),
ok.
+pcre_cve_2008_2371(doc) ->
+ "Fix as in http://vcs.pcre.org/viewvc?revision=360&view=revision";
+pcre_cve_2008_2371(Config) when is_list(Config) ->
+ %% Make sure it doesn't crash the emulator.
+ re:compile(<<"(?i)[\xc3\xa9\xc3\xbd]|[\xc3\xa9\xc3\xbdA]">>, [unicode]),
+ ok.
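Review bot: The result of `re:compile/2` in `pcre_cve_2008_2371/1` is discarded, so the test only notices an outright emulator crash. It would still pass if the pattern started returning `{error, _}`, or if the overwrite described in the commit message corrupted memory without crashing at once. The pattern looks valid and presumably compiles once the PCRE fix is in, so asserting the outcome with `{ok, _} = re:compile(<<"(?i)[\xc3\xa9\xc3\xbd]|[\xc3\xa9\xc3\xbdA]">>, [unicode]),` would make a silent regression visible. As a style point, the `doc` clause returns a bare string where `pcre(doc)` in the same suite returns a list of strings; `["Fix as in http://vcs.pcre.org/viewvc?revision=360&view=revision"]` would be consistent.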