From: Fabian Keil Date: Sun, 8 May 2016 10:47:49 +0000 (+0000) Subject: pcre: Fix heap-buffer-overflow when loading invalid filter files X-Git-Tag: v_3_0_25~35 X-Git-Url: http://www.privoxy.org/gitweb/%22https:/developer-manual/faq/static/user-manual/@user-manual@startup.html?a=commitdiff_plain;h=67015baf0fede8022e1109e4398f3da027fcca5e;p=privoxy.git pcre: Fix heap-buffer-overflow when loading invalid filter files Found with afl-fuzz and ASAN. Not considered a security vulnerability as filter files are trusted input. --- diff --git a/pcre/pcre.c b/pcre/pcre.c index 38d0113b..5824040c 100644 --- a/pcre/pcre.c +++ b/pcre/pcre.c @@ -2660,8 +2660,13 @@ while ((c = *(++ptr)) != 0) } else class_charcount++; ptr++; + if (*ptr == 0) + { + *errorptr = ERR6; + goto PCRE_ERROR_RETURN; + } } - while (*ptr != 0 && *ptr != ']'); + while (*ptr != ']'); /* Repeats for negated single chars are handled by the general code */