Bug#175529: Broken regexps
I don't believe the '^( *)*' regexp failing in Mutt is anything Mutt is
doing wrong. The attached C program (takes a pattern and compiles it; almost
cut&pasted out of the regcomp manpage) segfaults when passing the above
regexp:
$ ./regtest "^( *)*"
Segmentation fault
Taking a peek with gdb shows (seemingly) infinite recursion. Now, I don't
think the pattern is strictly legal; Perl's regex engine swallows it, but
Python's (both the old pcre based engine and the 'new' one) do not. Earlier
versions of glibc do compile this pattern fine, and use the compiled regex,
as does FreeBSD's libc. But even if the pattern is illegal, regcomp() should
return an error code (probably REG_BADRPT) and not segfault.
It seems an upstream bug to me (but I haven't checked with anything newer
than current unstable's libc.)
--
Thomas Wouters <thomas@xs4all.net>
Hi! I'm a .signature virus! copy me into your .signature file to help me spread!
#include <stdlib.h>
#include <stdio.h>
#include <sys/types.h>
#include <regex.h>
int main(int argc, char ** argv)
{
regex_t preg;
if (argc < 2) {
fprintf(stderr, "Not enough arguments.\n");
exit(-1);
}
exit(regcomp(&preg, argv[1], REG_EXTENDED));
}
Reply to: