Bug#187475: libc6: regcomp triggers an infinite loop when given a particular (bogus) pattern

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#187475: libc6: regcomp triggers an infinite loop when given a particular (bogus) pattern
From: Carl Worth <cworth@isi.edu>
Date: Thu, 03 Apr 2003 12:10:25 -0500
Message-id: <[🔎] E1918EL-0005GK-00@scream.east.isi.edu>
Reply-to: Carl Worth <cworth@isi.edu>, 187475@bugs.debian.org

Package: libc6
Version: 2.3.1-16
Severity: normal
Tags: upstream

regcomp seems to trigger an infinite loop when given a particular pattern.

The following program exercises the bug. When this program is run it
causes a segmentation fault. When examined in gdb the behavior seems
consistent with an infinite loop within re_comp ()

#include <stdio.h>
#include <sys/types.h>
#include <regex.h>

int main(void)
{
    int err;
    regex_t preg;
    const char *regex = "^a*+";

    if (regcomp (&preg, regex, REG_EXTENDED))
        fprintf (stderr, "regcomp (%s) failed with error code: %d\n", regex, err);
    else
        regfree (&preg);

    return 0;
}


-- System Information:
Debian Release: testing/unstable
Architecture: i386
Kernel: Linux scream 2.4.18 #8 Fri Oct 25 10:55:35 EDT 2002 i686
Locale: LANG=C, LC_CTYPE=C

Versions of packages libc6 depends on:
ii  libdb1-compat                 2.1.3-7    The Berkeley database routines [gl

-- no debconf information

Reply to:

Follow-Ups:
- Bug#187475: libc6: regcomp triggers an infinite loop when given a particular (bogus) pattern
  - From: GOTO Masanori <gotom@debian.or.jp>

Prev by Date: Bug#187469: libc6.1: gnome-system-log crashes in malloc.c
Next by Date: Bug#187469: libc6.1: gnome-system-log crashes in malloc.c
Previous by thread: Processed: Re: Bug#187469: libc6.1: gnome-system-log crashes in malloc.c
Next by thread: Bug#187475: libc6: regcomp triggers an infinite loop when given a particular (bogus) pattern
Index(es):
- Date
- Thread