/[pcre]/code/trunk/ChangeLog
ViewVC logotype

Diff of /code/trunk/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

revision 360 by ph10, Wed Jul 9 20:00:28 2008 UTC revision 361 by ph10, Thu Jul 10 16:03:28 2008 UTC
# Line 49  Version 8.0 02 Jul-08 Line 49  Version 8.0 02 Jul-08
49        printf "/(?i)[\xc3\xa9\xc3\xbd]|[\xc3\xa9\xc3\xbdA]/8\n" | pcretest        printf "/(?i)[\xc3\xa9\xc3\xbd]|[\xc3\xa9\xc3\xbdA]/8\n" | pcretest
50    
51      This potential security problem was recorded as CVE-2008-2371.      This potential security problem was recorded as CVE-2008-2371.
52    
53    12. For a pattern where the match had to start at the beginning or immediately
54        after a newline (e.g /.*anything/ without the DOTALL flag), pcre_exec() and
55        pcre_dfa_exec() could read past the end of the passed subject if there was
56        no match. To help with detecting such bugs (e.g. with valgrind), I modified
57        pcretest so that it places the subject at the end of its malloc-ed buffer.
58    
59    
60  Version 7.7 07-May-08  Version 7.7 07-May-08
Legend:
Removed from v.360  
changed lines
  Added in v.361
webmaster@exim.org
 ViewVC Help
Powered by ViewVC 1.1.12