This is a live mirror of the Perl 5 development currently hosted at https://github.com/perl/perl5
regcomp.c: Prevent integer overflow from nested regex quantifiers.
authorJohn Lightsey <jd@cpanel.net>
Thu, 21 Nov 2019 02:02:45 +0000 (20:02 -0600)
committerSteve Hay <steve.m.hay@googlemail.com>
Mon, 1 Jun 2020 19:35:51 +0000 (20:35 +0100)
commit0e9563b9242a5758c6ce11daf8385b3753e9ed9c
treed3358c9fd77ac66e140da27470fdf1a38b330a40
parent4b4b1fbd0d43429c43d5de8857f3266daba1dd66
regcomp.c: Prevent integer overflow from nested regex quantifiers.

(CVE-2020-10543) On 32bit systems the size calculations for nested regular
expression quantifiers could overflow causing heap memory corruption.

Fixes: Perl/perl5-security#125
(cherry picked from commit 670c54b00a47d930431dd470e72fd7d13643e169)
regcomp.c