https://bugs.exim.org/show_bug.cgi?id=1854
--- Comment #8 from bshas...@sec.t-labs.tu-berlin.de ---

Hi,

I just found that the pcretest digit underflow problem persists in pcre2test (10.21) as well. The proposed patch is applicable here for this version as well. The particular input (Underflow in input parsing) leads to a hang caused by a while(1) like condition. I have attached a new test case.

The problem is the while loop on line 5463 of pcre2test.c:

> while (isdigit(*p)) i = i * 10 + *p++ - '0';

If `i` underflows, `needlen` inherits a large value due to:

> needlen += replen * i;

For this particular input, we end up in an infinite loop here:

> while (needlen >= dbuffer_size) dbuffer_size *= 2;

because `dbuffer_size` eventually gets doubled (right-shifted) to zero, and from then on, the loop is equivalent to a while(1).
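A hardened form of the three steps quoted in the comment above, as an added example that is not taken from the bug report, the proposed patch, or PCRE2's source. The function names, the use of `size_t` throughout, and the caller-supplied limit `max` are assumptions made for illustration.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdint.h>

/* Parse a decimal count at *pp, rejecting any value above max (assumed limit). */
int parse_count(const unsigned char **pp, size_t max, size_t *out)
{
    const unsigned char *p = *pp;
    size_t v = 0;
    while (isdigit(*p)) {
        size_t d = (size_t)(*p++ - '0');
        if (d > max || v > (max - d) / 10) return -1; /* v*10+d would pass max */
        v = v * 10 + d;
    }
    *pp = p;      /* only advanced on success */
    *out = v;
    return 0;
}

/* needlen += replen * count, refusing to wrap around SIZE_MAX. */
int add_repeat(size_t *needlen, size_t replen, size_t count)
{
    if (replen != 0 && count > (SIZE_MAX - *needlen) / replen) return -1;
    *needlen += replen * count;
    return 0;
}

/* Double *size until it exceeds needlen; fail rather than wrap to zero. */
int grow_size(size_t *size, size_t needlen)
{
    size_t s = *size;
    if (s == 0) return -1;               /* zero can never grow by doubling */
    while (needlen >= s) {
        if (s > SIZE_MAX / 2) return -1; /* next doubling would wrap */
        s *= 2;
    }
    *size = s;
    return 0;
}

/* The failure mode itself: unchecked doublings before the size reaches zero. */
unsigned doublings_until_zero(size_t s)
{
    unsigned n = 0;
    while (s != 0) { s *= 2; n++; }
    return n;
}
```

Each helper returns -1 instead of continuing with a wrapped value, so a caller can reject the input before the buffer-growth loop is ever entered.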