Posted to dev@httpd.apache.org by Eric Covener <co...@gmail.com> on 2008/03/04 15:50:26 UTC

PCRE CVE in 2.2.x/trunk

PCRE vuln CVE-2006-7225 applies to the bundled PCRE v5 in 2.2.x and trunk.
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7225

PCRE 6.7 ChangeLog:

18. A valid (though odd) pattern that looked like a POSIX character
    class but used an invalid character after [ (for example [[,abc,]]) caused
    pcre_compile() to give the error "Failed: internal error: code overflow" or
    in some cases to crash with a glibc free() error. This could even happen if
    the pattern terminated after [[ but there just happened to be a sequence of
    letters, a binary zero, and a closing ] in the memory that followed.

Based on the type of malformed expressions that trigger the bug, I
think it's extremely unlikely that an _httpd_ administrator would
stumble upon an affected expression, but it is a straightforward fix.

IMO while this puts it into the class of issues that require untrusted
users modifying the configuration, it does carry a small asterisk
because a trusted user could conceivably stumble upon it by accident
(and end up with memory corruption or crash instead of an unmatchable
RewriteRule).

-- 
Eric Covener
covener@gmail.com
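
An added example, not part of the original post and not httpd or PCRE code: a configuration lint that flags regex arguments containing the shape the ChangeLog entry describes, a POSIX-class lookalike inside a character class whose delimiter is not `:`, `.` or `=`. The shape test is a heuristic derived from the ChangeLog wording, the directive list is an assumed subset, and the sample configuration is constructed.

```python
import re

# Directives that take a regular expression (assumed subset for this example).
REGEX_DIRECTIVES = {"rewriterule", "rewritecond", "redirectmatch", "aliasmatch",
                    "locationmatch", "directorymatch", "filesmatch", "setenvif"}
TOKEN = re.compile(r'"((?:[^"\\]|\\.)*)"|(\S+)')   # quoted or bare argument
OPEN = re.compile(r"\[\^?\]?")                      # class opener; a leading ] is literal
# "[", one delimiter, optional "^", letters, the same delimiter, "]"
LOOKALIKE = re.compile(r"\[([^A-Za-z\\\[\]\s])\^?[A-Za-z]*\1\]")

def posix_lookalikes(pattern):
    """Return (offset, text) for POSIX-shaped items in a class with a bad delimiter."""
    hits, i, in_class = [], 0, False
    while i < len(pattern):
        c = pattern[i]
        if c == "\\":                 # escaped character: skip it
            i += 2
            continue
        if not in_class:
            if c == "[":
                in_class = True
                i = OPEN.match(pattern, i).end()
                continue
        elif c == "[":
            m = LOOKALIKE.match(pattern, i)
            if m:
                if m.group(1) not in ":.=":   # [:name:], [.x.], [=x=] are real POSIX forms
                    hits.append((i, m.group(0)))
                i = m.end()
                continue
        elif c == "]":
            in_class = False
        i += 1
    return hits

def scan_config(text):
    """Return (line number, directive, lookalike) for each flagged regex argument."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        tokens = [q or bare for q, bare in TOKEN.findall(line.strip().strip("<>"))]
        if tokens and tokens[0].lower() in REGEX_DIRECTIVES:
            for arg in tokens[1:]:
                findings += [(lineno, tokens[0], hit) for _, hit in posix_lookalikes(arg)]
    return findings

# Constructed sample configuration; line 3 uses the ChangeLog's own example pattern.
SAMPLE = """RewriteEngine On
RewriteRule ^/docs/[[:alpha:]]+$ /index.html [L]
RewriteRule ^/tmp/[[,abc,]]$ /index.html [L]
# RewriteRule [[,abc,]] commented out
"""
```

A hit only shows that a configuration contains the odd shape; the fix the post refers to is in PCRE itself.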