From 0885dc7854ee4e940ad2d174de283c4fd305a468 Mon Sep 17 00:00:00 2001 From: ph10 Date: Thu, 16 Jul 2015 16:15:52 +0000 Subject: [PATCH] Added credit for finding a bug. --- ChangeLog | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index f6d4414..c13a786 100644 --- a/ChangeLog +++ b/ChangeLog @@ -22,8 +22,9 @@ an opening parenthesis. /((?x)(*:0))#(?'/. Specifically: if a setting of (?x) was followed by a (*MARK) setting (which (*:0) is), then (?x) did not get unset at the end of its group during the scan for named groups, and hence the external # was incorrectly -treated as a comment and the invalid (?' at the end of the pattern was not -diagnosed. This caused a buffer overflow during the real compile. +treated as a comment and the invalid (?' at the end of the pattern was not +diagnosed. This caused a buffer overflow during the real compile. This bug was +discovered by Karl Skomski with the LLVM fuzzer. 7. Moved the pcre2_find_bracket() function from src/pcre2_compile.c into its own source module to avoid a circular dependency between src/pcre2_compile.c
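Review bot: The first `-`/`+` pair in the hunk ("treated as a comment and the invalid (?' at the end of the pattern was not") is textually identical on both sides, so that line is being removed and re-added without any visible change; if the difference is trailing whitespace, drop it so the diff shows only the real edit, which is the re-wrap of "diagnosed. This caused a buffer overflow during the real compile." and the new line "discovered by Karl Skomski with the LLVM fuzzer." A minimal diff keeps the ChangeLog history of item 6 readable with `git blame`. The credit itself is appropriate for an entry documenting a buffer overflow in the compile phase.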