Re: regex_internal: uninitialized memory access (long)

2018-08-25 Thread Paul Eggert
Assaf Gordon wrote: Thanks for the quick fix and explanation. The patch works for me. Thanks for checking. I installed the fix into glibc and propagated it into Gnulib.

Re: regex_internal: uninitialized memory access (long)

2018-08-25 Thread Assaf Gordon
Hi, On 25/08/18 01:46 AM, Paul Eggert wrote: Please try the attached gnulib patch, which should fix the problem in a portable way. Modern GCC optimizes the clear code just as well as the confusing code, so we might as well write it clearly. Thanks for the quick fix and explanation. The patch

Re: regex_internal: uninitialized memory access (long)

2018-08-25 Thread Paul Eggert
Thanks for tracking this bug down. I introduced the bug in 2006 when I noticed that the expression '(size_t) (mbclen + 2) > 2' can have undefined behavior on (admittedly unlikely) platforms where size_t is one bit narrower than int. (Such platforms have existed in the past - I even worked for a

Re: regex_internal: uninitialized memory access (long)

2018-08-24 Thread Assaf Gordon
Hello, On 13/08/18 03:51 PM, Assaf Gordon wrote: I suspect there is an uninitialized memory access deep inside regex_internal.c under very particular circumstances. (continuation of https://lists.gnu.org/r/bug-gnulib/2018-08/msg00071.html ) I've pin-pointed the change that causes the segfault

regex_internal: uninitialized memory access (long)

2018-08-13 Thread Assaf Gordon
Hello all, I suspect there is an uninitialized memory access deep inside regex_internal.c under very particular circumstances. This was first reported by "project-repo " as part of his fuzzing efforts, here: https://lists.gnu.org/r/sed-devel/2018-08/msg00017.html I've been able to pinpoint the