The following C code triggers an access violation (AV) in pcre_dfa_exec(),
followed by an application crash. I was unable to reproduce this with
pcretest, but this C code triggers the problem reliably.

@Zoltan: This is not related to my previous report. I tested that the
correct 8-bit functions are called.

Ralf

----------------------

#include <stdio.h>
#include "pcre.h"

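/*
 * Stand-alone reproducer for the access violation reported in
 * pcre_dfa_exec(): compile a one-character literal pattern in UTF-8 mode,
 * study it with JIT compilation requested, then run the DFA matcher with
 * both partial-match flags set and no output vector.
 *
 * The matcher's return code is printed to stdout. The process exit status
 * is always 0; setup failures are reported on stderr only.
 */
int main(int argc, char **argv)
{
  pcre *re;
  pcre_extra *reExtra;
  int e, errOffset;
  int o;
  const char *errMsg;
  int *WorkSpace;
  int nWorkSpace;

  (void)argc;
  (void)argv;

  o = PCRE_UTF8;
  /* The fourth argument of pcre_compile() receives the error offset. */
  re = pcre_compile("\\Q\x01\\E", o, &errMsg, &errOffset, NULL);
  if (!re) {
    fprintf(stderr, "pcre_compile failed at offset %d: %s\n",
            errOffset, errMsg);
    return 0;
  }

  o = PCRE_STUDY_JIT_COMPILE;
  reExtra = pcre_study(re, o, &errMsg);
  if (reExtra) {
    nWorkSpace = 64;
    WorkSpace = malloc(nWorkSpace * sizeof(WorkSpace[0]));
    if (WorkSpace) {
      /*
       * Both partial-match flags are set and subject validation is
       * skipped; these options are kept exactly as in the report.
       */
      o = PCRE_NO_UTF8_CHECK | PCRE_PARTIAL_SOFT | PCRE_PARTIAL_HARD;

      /*
       * The offsets vector is NULL with a count of 0 on purpose: it is
       * part of the input that triggers the reported crash, so it must
       * not be "fixed" here.
       * NOTE(review): the trace log shows arithmetic on a NULL base
       * inside pcre_dfa_exec.c, which is consistent with the offsets
       * vector being used although its count is 0 -- confirm against
       * the library source. Callers that cannot update the library may
       * be able to avoid this path by passing a real offsets vector.
       */
      e = pcre_dfa_exec(re, reExtra, "\x01\x02", 2, 0,
                        o, NULL, 0, WorkSpace, nWorkSpace);

      printf("%d", e);

      free(WorkSpace);
    } else {
      fprintf(stderr, "out of memory allocating DFA workspace\n");
    }

    pcre_free_study(reExtra);
  } else if (errMsg) {
    /* pcre_study() may return NULL without an error; report real errors. */
    fprintf(stderr, "pcre_study failed: %s\n", errMsg);
  }

  /* Memory from pcre_compile() is released through pcre_free, not free(). */
  pcre_free(re);

  return 0;
}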

--------------

Trace log:

pcretest_own_code.exe(11112)
Pointer arithmetic in invalid memory in process:
pcretest_own_code.exe(11112)  - pcre_dfa_exec.c#788
  0x00000000+8.
    0x004E60A1 - pcre_dfa_exec.c#788
    0x004F14E5 - pcre_dfa_exec.c#3550
    0x005477A1 - pcretest_own_code.c#26
    0x00552DE7
Pointer arithmetic in invalid memory in process:
pcretest_own_code.exe(11112)  - pcre_internal.h#395
  0x00000008-8.
    0x004E47D8 - pcre_internal.h#395
    0x004E60A9 - pcre_dfa_exec.c#789
    0x004F14E5 - pcre_dfa_exec.c#3550
    0x005477A1 - pcretest_own_code.c#26
    0x00552DE7
Pointer arithmetic in invalid memory in process:
pcretest_own_code.exe(11112)  - pcre_internal.h#396
  0x00000000-8.
    0x004E47E7 - pcre_internal.h#396
    0x004E60A9 - pcre_dfa_exec.c#789
    0x004F14E5 - pcre_dfa_exec.c#3550
    0x005477A1 - pcretest_own_code.c#26
    0x00552DE7
Pointer arithmetic in invalid memory in process:
pcretest_own_code.exe(11112)  - pcre_internal.h#397
  0x00000000-1.
    0x004E4801 - pcre_internal.h#397
    0x004E60A9 - pcre_dfa_exec.c#789
    0x004F14E5 - pcre_dfa_exec.c#3550
    0x005477A1 - pcretest_own_code.c#26
    0x00552DE7

-- 
## List details at https://lists.exim.org/mailman/listinfo/pcre-dev 
