Package: perl Version: 5.26.1-5 Severity: normal Tags: upstream A stack exhaustion issue was discovered in Perl 5.26.1. Stack Exhaustion occurs in checking regular expression for a "()" pair. When Perl interprets one "(", it will allocate four stack frames (S_reg, S_regbranch, S_regpiece, S_regatom). If the next character is still '(' other than ')', it will continue to allocate four stack frames the stack trace. When there are over 3314 '(', it will segment fault and crash.
The stack trace for the crash is as follows, Program received signal SIGSEGV, Segmentation fault. 0x00000000005d005b in S_reg (pRExC_state=0x7fffffffd5c0, paren=2, flagp=0x7fffff7ff3a0, depth=<error reading variable: Cannot access memory at address 0x7fffff7feee0>) at regcomp.c:10574 10574 { (gdb) info stack #0 0x00000000005d005b in S_reg (pRExC_state=0x7fffffffd5c0, paren=2, flagp=0x7fffff7ff3a0, depth=<error reading variable: Cannot access memory at address 0x7fffff7feee0>) at regcomp.c:10574 #1 0x000000000061ebc0 in S_regatom (pRExC_state=0x7fffffffd5c0, flagp=0x7fffff7ff7a0, depth=<optimized out>) at regcomp.c:12565 #2 0x00000000005fde20 in S_regpiece (pRExC_state=<optimized out>, flagp=<error reading variable: access outside bounds of object referenced via synthetic pointer>, depth=<optimized out>) at regcomp.c:11669 #3 S_regbranch (pRExC_state=<optimized out>, flagp=0x7fffff7ff9a0, first=<optimized out>, depth=<optimized out>) at regcomp.c:11594 #4 0x00000000005d3476 in S_reg (pRExC_state=<optimized out>, paren=<error reading variable: Cannot access memory at address 0x3a>, flagp=0x7fffff7ffd80, depth=<optimized out>) at regcomp.c:11332 #5 0x000000000061ebc0 in S_regatom (pRExC_state=0x7fffffffd5c0, flagp=0x7fffff800180, depth=<optimized out>) at regcomp.c:12565 #6 0x00000000005fde20 in S_regpiece (pRExC_state=<optimized out>, flagp=<error reading variable: access outside bounds of object referenced via synthetic pointer>, depth=<optimized out>) at regcomp.c:11669 #7 S_regbranch (pRExC_state=<optimized out>, flagp=0x7fffff800380, first=<optimized out>, depth=<optimized out>) at regcomp.c:11594 #8 0x00000000005d3476 in S_reg (pRExC_state=<optimized out>, paren=<error reading variable: Cannot access memory at address 0x3a>, flagp=0x7fffff800760, depth=<optimized out>) at regcomp.c:11332 #9 0x000000000061ebc0 in S_regatom (pRExC_state=0x7fffffffd5c0, flagp=0x7fffff800b60, depth=<optimized out>) at regcomp.c:12565 #10 0x00000000005fde20 in S_regpiece (pRExC_state=<optimized out>, flagp=<error reading variable: access outside bounds of object referenced via synthetic pointer>, depth=<optimized out>) at regcomp.c:11669 ...... -- System Information: Debian Release: buster/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.14.0-3-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages perl depends on: ii dpkg 1.19.0.5 ii libperl5.26 5.26.1-5 ii perl-base 5.26.1-5 ii perl-modules-5.26 5.26.1-5 Versions of packages perl recommends: ii netbase 5.4 Versions of packages perl suggests: pn libterm-readline-gnu-perl | libterm-readline-perl-perl <none> ii make 4.1-9.1 pn perl-doc <none> -- no debconf information