In article <588d84f4-530a-4cc9-6f1b-757a9071e...@sdf.org>,
RVP <r...@sdf.org> wrote:
>On Sat, 28 Dec 2024, Christos Zoulas wrote:
>
>> In article <cajgzzoohnebuuueyghmrayn+uh425psydsgge0bvaxncekg...@mail.gmail.com>,
>> enh <e...@google.com> wrote:
>>> -=-=-=-=-=-
>>>
>>> a trivial fuzzer someone once wrote blew up on this input to regcomp()
>>> [passed directly to regcomp() after adding a trailing '\0']:
>>>
>>> xxd
>>> ~~/Downloads/clusterfuzz-testcase-minimized-regexec_fuzzer-5459313584832512
>>> 00000000: 6a3a 5b5d 6a3a 5b5d 6a3a 5bd9 6a3a 5b5d j:[]j:[]j:[.j:[]
>>>
>>
>> I can't reproduce this in current:
>>
>> if ((e = regcomp(&re, "j:[]j:[]j:[.j:[]", REG_EXTENDED)) != 0) {
>>
>>
>
>Ah, I see what's wrong: it's 0xD9 instead of 0x2E (.) in the pattern.

Thanks! Added test and committed the fix.

christos
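
The mismatch identified above (xxd's ASCII column shows the 0xD9 byte as '.'), as an added example that is not part of the thread or of the committed test: it rebuilds the pattern from the hex column of the quoted dump and hands those exact bytes to regcomp(). The helper names `xxd_decode`, `first_unprintable` and `compile_pattern` are hypothetical.

```c
#include <regex.h>
#include <stdio.h>
#include <string.h>

/* Dump line from the thread; the two-space gap before the ASCII column
 * is assumed from xxd's usual layout. */
static const char XXD_LINE[] =
    "00000000: 6a3a 5b5d 6a3a 5b5d 6a3a 5bd9 6a3a 5b5d  j:[]j:[]j:[.j:[]";

static int hexval(int c) {
    if (c >= '0' && c <= '9') return c - '0';
    return (c >= 'a' && c <= 'f') ? c - 'a' + 10 : -1;
}

/* Decode the hex column of one xxd line, ignoring the ASCII column. */
size_t xxd_decode(const char *line, unsigned char *out, size_t cap) {
    const char *p = strchr(line, ':');
    size_t n = 0;
    if (p == NULL) return 0;
    for (p++; n < cap; p += 2) {
        while (p[0] == ' ' && p[1] != ' ') p++;   /* single space: group gap */
        int hi = hexval(p[0]), lo = hi < 0 ? -1 : hexval(p[1]);
        if (lo < 0) break;   /* double space, NUL or non-hex: column ended */
        out[n++] = (unsigned char)(hi << 4 | lo);
    }
    return n;
}

/* Index of the first byte the ASCII column can only show as '.', or -1. */
int first_unprintable(const unsigned char *b, size_t n) {
    for (size_t i = 0; i < n; i++)
        if (b[i] < 0x20 || b[i] > 0x7e) return (int)i;
    return -1;
}

/* Hypothetical helper: compile exactly these NUL-terminated bytes. */
int compile_pattern(const char *pat) {
    regex_t re;
    int e = regcomp(&re, pat, REG_EXTENDED);
    if (e == 0) regfree(&re);
    return e;
}

int main(void) {
    unsigned char buf[17] = {0};   /* 16 pattern bytes + the trailing '\0' */
    size_t n = xxd_decode(XXD_LINE, buf, 16);
    printf("%zu bytes, first unprintable index %d\n", n, first_unprintable(buf, n));
    printf("regcomp returned %d\n", compile_pattern((const char *)buf));
    return 0;
}
```

Byte 11 is where the decoded pattern and the ASCII column diverge, so a reproduction typed from the ASCII column tests a different pattern than the one the fuzzer produced.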