1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
Description: CVE-2017-6004: crafted regular expression may cause denial of service
Origin: upstream, https://vcs.pcre.org/pcre/code/trunk/pcre_jit_compile.c?r1=1676&r2=1680&view=patch
Bug: https://bugs.exim.org/show_bug.cgi?id=2035
Bug-Debian: https://bugs.debian.org/855405
Forwarded: not-needed
Author: Salvatore Bonaccorso <carnil@debian.org>
Last-Update: 2017-02-17
--- a/pcre_jit_compile.c
+++ b/pcre_jit_compile.c
@@ -8111,7 +8111,7 @@ if (opcode == OP_COND || opcode == OP_SC
if (*matchingpath == OP_FAIL)
stacksize = 0;
- if (*matchingpath == OP_RREF)
+ else if (*matchingpath == OP_RREF)
{
stacksize = GET2(matchingpath, 1);
if (common->currententry == NULL)
|
