mirror/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-01-31 02:51:44 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
mariadb/regex
History
Shishir Jaiswal 957aefdc8f Bug#23498283 - BUFFER OVERFLOW 
DESCRIPTION
===========
Buffer overflow is reported in Regex library. This can be
triggered when the data corresponding to argv[1] is >=
512 bytes resutling in abnormal behaviour.

ANALYSIS
========
Its a straight forward case of SEGFAULT where the target
buffer is smaller than the source string to be copied.
A simple pre-copy validation should do.

FIX
===
A check is added before doing strcpy() to ensure that the
target buffer is big enough to hold the to-be copied data.
If the check fails, the program aborts.
2016-06-17 10:11:33 +05:30
..
cclass.h regexp worked only with the default character set. 2003-09-24 13:57:26 +05:00
CHANGES Import changeset 2000-07-31 21:29:14 +02:00
CMakeLists.txt Updated/added copyright headers 2011-06-30 17:37:13 +02:00
cname.h Query cache. 2001-12-02 14:34:01 +02:00
COPYRIGHT Import changeset 2000-07-31 21:29:14 +02:00
debug.c Many files: 2005-09-29 02:08:24 +02:00
debug.ih Many files: 2005-09-29 02:08:24 +02:00
engine.c Bug#45288: pb2 returns a lot of compilation warnings on linux 2010-07-20 15:07:36 -03:00
engine.ih Many files: 2005-09-29 02:08:24 +02:00
main.c Bug#21973610: BUFFER OVERFLOW ISSUES 2015-11-06 16:41:55 +05:30
main.ih Many files: 2005-09-29 02:08:24 +02:00
my_regex.h BUG#14303860 - EXECUTING A SELECT QUERY WITH TOO 2013-01-14 14:59:48 +05:30
README Import changeset 2000-07-31 21:29:14 +02:00
regcomp.c Bug#20642505: HENRY SPENCER REGULAR EXPRESSIONS (REGEX) LIBRARY 2015-05-18 08:09:02 +01:00
regcomp.ih WL#5498: Remove dead and unused source code 2010-07-23 17:09:27 -03:00
regerror.c Many files: 2005-09-29 02:08:24 +02:00
regerror.ih Many files: 2005-09-29 02:08:24 +02:00
regex.3 Import changeset 2000-07-31 21:29:14 +02:00
regex.7 Import changeset 2000-07-31 21:29:14 +02:00
regex2.h WL#5161 : Cross-platform build with CMake 2009-11-09 12:32:48 +01:00
regexec.c Bug#58057: 5.1 libmysql/libmysql.c unused variable/compile failure 2010-11-10 19:14:47 -02:00
regexp.c Changed to use my_global.h 2001-09-14 02:54:33 +03:00
regfree.c Many files: 2005-09-29 02:08:24 +02:00
reginit.c Fixed bug#58026 - massive recursion and crash in regular expression 2011-02-04 10:47:46 +06:00
split.c Bug#23498283 - BUFFER OVERFLOW 2016-06-17 10:11:33 +05:30
tests Import changeset 2000-07-31 21:29:14 +02:00
utils.h Import changeset 2000-07-31 21:29:14 +02:00
WHATSNEW Import changeset 2000-07-31 21:29:14 +02:00

README 

alpha3.4 release.
Thu Mar 17 23:17:18 EST 1994
henry@zoo.toronto.edu

See WHATSNEW for change listing.

installation notes:
--------
Read the comments at the beginning of Makefile before running.

Utils.h contains some things that just might have to be modified on
some systems, as well as a nested include (ugh) of <assert.h>.

The "fake" directory contains quick-and-dirty fakes for some header
files and routines that old systems may not have.  Note also that
-DUSEBCOPY will make utils.h substitute bcopy() for memmove().

After that, "make r" will build regcomp.o, regexec.o, regfree.o,
and regerror.o (the actual routines), bundle them together into a test
program, and run regression tests on them.  No output is good output.

"make lib" builds just the .o files for the actual routines (when
you're happy with testing and have adjusted CFLAGS for production),
and puts them together into libregex.a.  You can pick up either the
library or *.o ("make lib" makes sure there are no other .o files left
around to confuse things).

Main.c, debug.c, split.c are used for regression testing but are not part
of the RE routines themselves.

Regex.h goes in /usr/include.  All other .h files are internal only.
--------