diff --git a/ChangeLog b/ChangeLog index 70ecb9d..ef29f76 100644 --- a/ChangeLog +++ b/ChangeLog @@ -2,6 +2,15 @@ Change Log for PCRE2 -------------------- +Version 10.24 14-February-2017 +------------------------------ + +1. Hardened pcre2test so as to reduce the number of bugs reported by fuzzers: + + (a) Check for malloc failures when getting memory for the ovector (POSIX) or + the match data block (non-POSIX). + + Version 10.23 14-February-2017 ------------------------------ diff --git a/configure.ac b/configure.ac index 90f6d03..6e0b3ea 100644 --- a/configure.ac +++ b/configure.ac @@ -9,9 +9,9 @@ dnl The PCRE2_PRERELEASE feature is for identifying release candidates. It might dnl be defined as -RC2, for example. For real releases, it should be empty. m4_define(pcre2_major, [10]) -m4_define(pcre2_minor, [23]) -m4_define(pcre2_prerelease, []) -m4_define(pcre2_date, [2017-02-14]) +m4_define(pcre2_minor, [24]) +m4_define(pcre2_prerelease, [-RC1]) +m4_define(pcre2_date, [2017-02-15]) # NOTE: The CMakeLists.txt file searches for the above variables in the first # 50 lines of this file. Please update that if the variables above are moved. diff --git a/src/pcre2.h b/src/pcre2.h index 8650320..2ff545f 100644 --- a/src/pcre2.h +++ b/src/pcre2.h @@ -42,9 +42,9 @@ POSSIBILITY OF SUCH DAMAGE. /* The current PCRE version information. */ #define PCRE2_MAJOR 10 -#define PCRE2_MINOR 23 -#define PCRE2_PRERELEASE -#define PCRE2_DATE 2017-02-14 +#define PCRE2_MINOR 24 +#define PCRE2_PRERELEASE -RC1 +#define PCRE2_DATE 2017-02-15 /* When an application links to a PCRE DLL in Windows, the symbols that are imported have to be identified as such. When building PCRE2, the appropriate diff --git a/src/pcre2test.c b/src/pcre2test.c index 241c22c..01457e8 100644 --- a/src/pcre2test.c +++ b/src/pcre2test.c 
@@ -1365,8 +1365,7 @@ are supported. */ (test_mode == PCRE8_MODE && G(x,8)->f r (y)) || \ (test_mode == PCRE16_MODE && G(x,16)->f r (y)) || \ (test_mode == PCRE32_MODE && G(x,32)->f r (y))) - - + /* ----- Two out of three modes are supported ----- */ @@ -1775,7 +1774,7 @@ the three different cases. */ #define TESTFLD(x,f,r,y) ( \ (test_mode == G(G(PCRE,BITONE),_MODE) && G(x,BITONE)->f r (y)) || \ (test_mode == G(G(PCRE,BITTWO),_MODE) && G(x,BITTWO)->f r (y))) - + #endif /* Two out of three modes */ @@ -6169,7 +6168,16 @@ if ((pat_patctl.control & CTL_POSIX) != 0) if (msg[0] == 0) fprintf(outfile, "\n"); if (dat_datctl.oveccount > 0) + { pmatch = (regmatch_t *)malloc(sizeof(regmatch_t) * dat_datctl.oveccount); + if (pmatch == NULL) + { + fprintf(outfile, "** Failed to get memory for recording matching " + "information (size set = %du)\n", dat_datctl.oveccount); + return PR_OK; + } + } + if ((dat_datctl.options & PCRE2_NOTBOL) != 0) eflags |= REG_NOTBOL; if ((dat_datctl.options & PCRE2_NOTEOL) != 0) eflags |= REG_NOTEOL; if ((dat_datctl.options & PCRE2_NOTEMPTY) != 0) eflags |= REG_NOTEMPTY; @@ -6305,6 +6313,14 @@ else PCRE2_MATCH_DATA_CREATE(match_data, max_oveccount, NULL); } +if (CASTVAR(void *, match_data) == NULL) + { + fprintf(outfile, "** Failed to get memory for recording matching " + "information (size requested: %d)\n", dat_datctl.oveccount); + max_oveccount = 0; + return PR_OK; + } + /* Replacement processing is ignored for DFA matching. */ if (dat_datctl.replacement[0] != 0 && (dat_datctl.control & CTL_DFA) != 0) diff --git a/testdata/testinput2 b/testdata/testinput2 index a700d5a..921d83c 100644 --- a/testdata/testinput2 +++ b/testdata/testinput2 @@ -4969,4 +4969,7 @@ a)"xI /(?a)(?b)\g{b}\g{a}\g{a}\g{a}\g{a}(?xx)(?zz)/I,dupnames +// + \=ovector=7777777777 + # End of testinput2 diff --git a/testdata/testoutput2 b/testdata/testoutput2 index ce8c667..9862ea3 100644 --- a/testdata/testoutput2 +++ b/testdata/testoutput2 
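Review bot: The new `pmatch == NULL` check does not cover a wrapped size, because `sizeof(regmatch_t) * dat_datctl.oveccount` is multiplied before malloc() sees it. The type of `oveccount` is not visible in this hunk, but if it is 32 bits wide and size_t is too, the product can wrap and malloc() can return a non-NULL block smaller than the ovector the POSIX matching call is then given; `pmatch = (regmatch_t *)calloc(dat_datctl.oveccount, sizeof(regmatch_t));` would let the allocator reject that case. Separately, `%du` in the new message prints a signed decimal followed by a literal `u`; `%u` looks intended if the field is unsigned, and the `%d` in the match-data message added at -6305 raises the same question. The enclosing `if ((pat_patctl.control & CTL_POSIX) != 0)` block starts before and ends after this hunk.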
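Review bot: The `max_oveccount = 0;` assignment before `return PR_OK;` in the -6305 hunk has no comment, and its purpose is not evident from the failure branch alone. It presumably makes the next data line take the path that calls `PCRE2_MATCH_DATA_CREATE` again rather than reusing a NULL `match_data`, but the condition that selects that path is outside the hunk, so this should be confirmed. I would add `/* Reset so that the next data line tries to create a new match data block. */` above the assignment.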
@@ -15479,6 +15479,10 @@ First code unit = 'a' Last code unit = 'z' Subject length lower bound = 11 +// + \=ovector=7777777777 +** Invalid value in 'ovector=7777777777' + # End of testinput2 Error -63: PCRE2_ERROR_BADDATA (unknown error number) Error -62: bad serialized data