aboutsummaryrefslogtreecommitdiffstats
path: root/main/pcre/CVE-2020-14155.patch
diff options
context:
space:
mode:
Diffstat (limited to 'main/pcre/CVE-2020-14155.patch')
-rw-r--r--main/pcre/CVE-2020-14155.patch31
1 files changed, 31 insertions, 0 deletions
diff --git a/main/pcre/CVE-2020-14155.patch b/main/pcre/CVE-2020-14155.patch
new file mode 100644
index 0000000000..3bfa119f3b
--- /dev/null
+++ b/main/pcre/CVE-2020-14155.patch
@@ -0,0 +1,31 @@
+pcre: Fix int overflow when parsing "?C<arg>" callout args.
+
+Numerical args must be 0-255, so this shouldn't break correct usage.
+
+--- a/pcre_compile.c 2020/02/10 17:01:27 1760
++++ b/pcre_compile.c 2020/02/10 17:17:34 1761
+@@ -7130,17 +7130,19 @@
+ int n = 0;
+ ptr++;
+ while(IS_DIGIT(*ptr))
++ {
+ n = n * 10 + *ptr++ - CHAR_0;
++ if (n > 255)
++ {
++ *errorcodeptr = ERR38;
++ goto FAILED;
++ }
++ }
+ if (*ptr != CHAR_RIGHT_PARENTHESIS)
+ {
+ *errorcodeptr = ERR39;
+ goto FAILED;
+ }
+- if (n > 255)
+- {
+- *errorcodeptr = ERR38;
+- goto FAILED;
+- }
+ *code++ = n;
+ PUT(code, 0, (int)(ptr - cd->start_pattern + 1)); /* Pattern offset */
+ PUT(code, LINK_SIZE, 0); /* Default length */