[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#397174: apache2: logic error in source file "pcre.c"

Package: apache2
Version: 2.2.3-3
Severity: normal


recently I came across the following bit of code in the source file
apache2-2.2.3/srclib/pcre/pcre.c (function compile_branch, around line

        /* Condition to test for a numbered subpattern match. We know that
        if a digit follows ( then there will just be digits until ) because
        the syntax was checked in the first pass. */

        else if ((digitab[ptr[1]] && ctype_digit) != 0)

This is a programming error.  The test for digits works by taking the
bitwise (not logical) and between the corresponding entry in 'digitab'
and the mask 'ctype_digit'.  The if test should use '&' instead of

I did not check what the implications of this error are (false
positves could occur if 'ptr[1]' is a hex digit, but these might be
caught earlier in the syntax check?), but probably this should be
fixed anyway.

I hope this helps,

-- System Information:
Debian Release: 4.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux
Locale: LANG=en_GB.iso885915, LC_CTYPE=en_GB.iso885915 (charmap=ISO-8859-15)

Reply to: