From: Fabian Keil <fk@fabiankeil.de>
Date: Sun, 8 May 2016 10:47:49 +0000 (+0000)
Subject: pcre: Fix heap-buffer-overflow when loading invalid filter files
X-Git-Tag: v_3_0_25~35
X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=commitdiff_plain;h=67015baf0fede8022e1109e4398f3da027fcca5e

pcre: Fix heap-buffer-overflow when loading invalid filter files

Found with afl-fuzz and ASAN.
Not considered a security vulnerability as filter files are trusted input.
---

diff --git a/pcre/pcre.c b/pcre/pcre.c
index 38d0113b..5824040c 100644
--- a/pcre/pcre.c
+++ b/pcre/pcre.c
@@ -2660,8 +2660,13 @@ while ((c = *(++ptr)) != 0)
         }
       else class_charcount++;
       ptr++;
+      if (*ptr == 0)
+        {
+        *errorptr = ERR6;
+        goto PCRE_ERROR_RETURN;
+        }
       }
-    while (*ptr != 0 && *ptr != ']');
+    while (*ptr != ']');
 
     /* Repeats for negated single chars are handled by the general code */