projects / product / upstream / findutils.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 7ead692) | patch
[CVE-2009-5155] Diagnose ERE '()|\1' 95/286695/1 accepted/tizen_6.0_base accepted/tizen_6.0_base_tool tizen_6.0_base accepted/tizen/6.0/base/20230713.143134 accepted/tizen/6.0/base/tool/20230116.011832 submit/tizen_6.0_base/20230112.235320
authorPaul Eggert <eggert@cs.ucla.edu>
Sat, 19 Sep 2015 20:53:34 +0000 (13:53 -0700)
committerDongHun Kwak <dh0128.kwak@samsung.com>
Thu, 12 Jan 2023 00:34:15 +0000 (09:34 +0900)
commitd64b61398fcd1966ed43e437e2ee7f18cb6fdc9e
tree7042ce17b510a89541b02f22d6d80b7c49e8e740tree | snapshot
parent7ead692bcf0e3aacd3eb9ff0a14811a9122c5c57commit | diff
[CVE-2009-5155] Diagnose ERE '()|\1'

Problem reported by Hanno Böck in: http://bugs.gnu.org/21513
* lib/regcomp.c (parse_reg_exp): While parsing alternatives, keep
track of the set of previously-completed subexpressions available
before the first alternative, and restore this set just before
parsing each subsequent alternative.  This lets us diagnose the
invalid back-reference in the ERE '()|\1'.

Change-Id: Id55c5afc1cc560444e82bdef4ce5462d2f3f6f3a
Signed-off-by: DongHun Kwak <dh0128.kwak@samsung.com>
gnulib/lib/regcomp.c diff | blob | history
Domain: System / Base;