Bug#397174: apache2: logic error in source file "pcre.c"
Package: apache2
Version: 2.2.3-3
Severity: normal
Hello,
recently I came across the following bit of code in the source file
apache2-2.2.3/srclib/pcre/pcre.c (function compile_branch, around line
3366):
/* Condition to test for a numbered subpattern match. We know that
if a digit follows ( then there will just be digits until ) because
the syntax was checked in the first pass. */
else if ((digitab[ptr[1]] && ctype_digit) != 0)
...
This is a programming error. The test for digits works by taking the
bitwise (not logical) and between the corresponding entry in 'digitab'
and the mask 'ctype_digit'. The if test should use '&' instead of
'&&'.
I did not check what the implications of this error are (false
positves could occur if 'ptr[1]' is a hex digit, but these might be
caught earlier in the syntax check?), but probably this should be
fixed anyway.
I hope this helps,
Jochen
-- System Information:
Debian Release: 4.0
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18.1
Locale: LANG=en_GB.iso885915, LC_CTYPE=en_GB.iso885915 (charmap=ISO-8859-15)
Reply to: