abs/core/pcre/01-CVE-2016-1283.patch


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18

Index: pcre_compile.c
===================================================================
--- a/pcre_compile.c	(revision 1635)
+++ b/pcre_compile.c	(revision 1636)
@@ -7311,7 +7311,12 @@
           so far in order to get the number. If the name is not found, leave
           the value of recno as 0 for a forward reference. */
 
-          else
+          /* This patch (removing "else") fixes a problem when a reference is
+          to multiple identically named nested groups from within the nest.
+          Once again, it is not the "proper" fix, and it results in an
+          over-allocation of memory. */
+
+          /* else */
             {
             ng = cd->named_groups;
             for (i = 0; i < cd->names_found; i++, ng++)