--- Begin Message ---
Package: libc6-dev
Version: 2.17-97
Severity: important
-- System Information:
Debian Release: jessie/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.12-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages libc6-dev depends on:
ii libc-dev-bin 2.17-97
ii libc6 2.17-97
ii linux-libc-dev 3.12.9-1
Versions of packages libc6-dev recommends:
ii gcc [c-compiler] 4:4.8.2-2
ii gcc-4.4 [c-compiler] 4.4.7-7
ii gcc-4.6 [c-compiler] 4.6.4-5
ii gcc-4.7 [c-compiler] 4.7.3-10
ii gcc-4.8 [c-compiler] 4.8.2-16
Versions of packages libc6-dev suggests:
pn glibc-doc <none>
ii manpages-dev 3.58-1
-- no debconf information
compiling the and executeing the followning causes a segfault.
compiled with "gcc-4.8 -Wall -g -std=c99 -o test main.c"
escaping the '.' with '\\.' (in regex) reduces the problem but it still exists in form of a crash on the last "non existent match"
reusing the compiled regex crashes with regexec causes the crash.
regfree and recompile evrytime works but is slow and should not be needed.
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <regex.h>
#include <sys/types.h>
#include <inttypes.h>
#define MAXIPS 512
const char* const line = "132.32.1.34:6643 132.32.1.34:6643 255.255.255.255:6643 fffff";
typedef struct {
union {
int32_t ipaddr;
uint8_t ip[4];
};
uint16_t port;
} ip4nport_t;
void print_regerror (int errcode, regex_t *compiled) {
size_t length = regerror (errcode, compiled, (char*)NULL, 0);
char *buffer = (char*)malloc(length);
(void) regerror(errcode, compiled, buffer, length);
fprintf(stderr,"%s",buffer);
free(buffer);
}
int main() {
regmatch_t match[32];
ip4nport_t proxys[MAXIPS];
int proxyindex=0;
regex_t regexip;
int error=0;
memset(match,0,sizeof(regmatch_t)*32);
if ((error=regcomp(®exip,"((2[0-5][0-5])|(1{0,1}[0-9]{1,2})).((2[0-5][0-5])|(1{0,1}[0-9]{1,2})).((2[0-5][0-5])|(1{0,1}[0-9]{1,2})).((2[0-5][0-5])|(1{0,1}[0-9]{1,2})):((6[0-5][0-5][0-3][0-5])|([12345]{0,1}[0-9]{1,4}))",REG_EXTENDED))) {
print_regerror(error,®exip);
return 1;
}
printf("subs: %"PRIu64"\n",regexip.re_nsub);
const char* ptr = line;
for (int ok=1; ok;) {
ok = 0;
printf("in:%s\n",ptr);
error=regexec(®exip,ptr,1,match,REG_NOTBOL|REG_NOTEOL);
printf("err:%d\n",error);
//regfree(®exip);
if (!(error)) {
ok=1;
if (MAXIPS<=proxyindex) {printf("max proxys\n"); continue;}
char tmp[12];
memset(tmp,0,12);
memcpy(tmp, ptr + match[0].rm_so, match[0].rm_eo - match[0].rm_so);
sscanf(tmp,"%"SCNu8".%"SCNu8".%"SCNu8".%"SCNu8":%"SCNu16,&(proxys[proxyindex].ip[0]),&(proxys[proxyindex].ip[1]),&(proxys[proxyindex].ip[2]),&(proxys[proxyindex].ip[3]),&(proxys[proxyindex].port));
printf("%"PRIu8".%"PRIu8".%"PRIu8".%"PRIu8":%"PRIu16"\n",proxys[proxyindex].ip[0],proxys[proxyindex].ip[1],proxys[proxyindex].ip[2],proxys[proxyindex].ip[3],proxys[proxyindex].port);
ptr += match[0].rm_eo;
++proxyindex;
/*if ((error=regcomp(®exip,"((2[0-5][0-5])|(1{0,1}[0-9]{1,2})).((2[0-5][0-5])|(1{0,1}[0-9]{1,2})).((2[0-5][0-5])|(1{0,1}[0-9]{1,2})).((2[0-5][0-5])|(1{0,1}[0-9]{1,2})):((6[0-5][0-5][0-3][0-5])|([12345]{0,1}[0-9]{1,4}))",REG_EXTENDED))) {
print_regerror(error,®exip);
}*/
} else {
printf("no match\n");
}
}
return 0;
}
--- End Message ---
--- Begin Message ---
On Wed, Feb 26, 2014 at 02:58:25AM +0100, Kalu wrote:
> Package: libc6-dev
> Version: 2.17-97
> Severity: important
>
>
>
> -- System Information:
> Debian Release: jessie/sid
> APT prefers testing
> APT policy: (500, 'testing')
> Architecture: amd64 (x86_64)
> Foreign Architectures: i386
>
> Kernel: Linux 3.12-1-amd64 (SMP w/8 CPU cores)
> Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
>
> Versions of packages libc6-dev depends on:
> ii libc-dev-bin 2.17-97
> ii libc6 2.17-97
> ii linux-libc-dev 3.12.9-1
>
> Versions of packages libc6-dev recommends:
> ii gcc [c-compiler] 4:4.8.2-2
> ii gcc-4.4 [c-compiler] 4.4.7-7
> ii gcc-4.6 [c-compiler] 4.6.4-5
> ii gcc-4.7 [c-compiler] 4.7.3-10
> ii gcc-4.8 [c-compiler] 4.8.2-16
>
> Versions of packages libc6-dev suggests:
> pn glibc-doc <none>
> ii manpages-dev 3.58-1
>
> -- no debconf information
>
> compiling the and executeing the followning causes a segfault.
> compiled with "gcc-4.8 -Wall -g -std=c99 -o test main.c"
> escaping the '.' with '\\.' (in regex) reduces the problem but it still exists in form of a crash on the last "non existent match"
> reusing the compiled regex crashes with regexec causes the crash.
> regfree and recompile evrytime works but is slow and should not be needed.
>
> #include <stdlib.h>
> #include <stdio.h>
> #include <string.h>
> #include <regex.h>
> #include <sys/types.h>
> #include <inttypes.h>
>
> #define MAXIPS 512
>
> const char* const line = "132.32.1.34:6643 132.32.1.34:6643 255.255.255.255:6643 fffff";
>
> typedef struct {
> union {
> int32_t ipaddr;
> uint8_t ip[4];
> };
> uint16_t port;
> } ip4nport_t;
>
> void print_regerror (int errcode, regex_t *compiled) {
> size_t length = regerror (errcode, compiled, (char*)NULL, 0);
> char *buffer = (char*)malloc(length);
> (void) regerror(errcode, compiled, buffer, length);
> fprintf(stderr,"%s",buffer);
> free(buffer);
> }
>
> int main() {
> regmatch_t match[32];
> ip4nport_t proxys[MAXIPS];
> int proxyindex=0;
> regex_t regexip;
> int error=0;
>
> memset(match,0,sizeof(regmatch_t)*32);
>
>
> if ((error=regcomp(®exip,"((2[0-5][0-5])|(1{0,1}[0-9]{1,2})).((2[0-5][0-5])|(1{0,1}[0-9]{1,2})).((2[0-5][0-5])|(1{0,1}[0-9]{1,2})).((2[0-5][0-5])|(1{0,1}[0-9]{1,2})):((6[0-5][0-5][0-3][0-5])|([12345]{0,1}[0-9]{1,4}))",REG_EXTENDED))) {
> print_regerror(error,®exip);
> return 1;
> }
>
> printf("subs: %"PRIu64"\n",regexip.re_nsub);
> const char* ptr = line;
> for (int ok=1; ok;) {
> ok = 0;
> printf("in:%s\n",ptr);
> error=regexec(®exip,ptr,1,match,REG_NOTBOL|REG_NOTEOL);
> printf("err:%d\n",error);
> //regfree(®exip);
> if (!(error)) {
> ok=1;
> if (MAXIPS<=proxyindex) {printf("max proxys\n"); continue;}
> char tmp[12];
> memset(tmp,0,12);
You create a temporary buffer of 12 bytes.
> memcpy(tmp, ptr + match[0].rm_so, match[0].rm_eo - match[0].rm_so);
But copy up to 20 bytes in it (for "255.255.255.255:6643")
Closing the bug as invalid.
--
Aurelien Jarno GPG: 1024D/F1BCDB73
aurelien@aurel32.net http://www.aurel32.net
--- End Message ---