pcre: match() stack overflow (CVE-2017-16231)
In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash
overflow
in the function match() in pcre_exec.c because of a self-recursive
call.
References:
http://openwall.com/lists/oss-security/2017/11/01/3
http://seclists.org/oss-sec/2017/q4/164
(from redmine: issue id 8138, created on 2017-11-14, closed on 2017-12-07)
- Relations:
- child #8139 (closed)
- child #8140 (closed)
- child #8141 (closed)
- child #8142 (closed)
- child #8143 (closed)