grajagandev (David Moore)
- Login: grajagandev
- Registered on: 04/25/2016
- Last sign in: 06/07/2016
Issues
| | open | closed | Total |
|---|---|---|---|
| Assigned issues | 0 | 0 | 0 |
| Reported issues | 0 | 5 | 5 |
Activity
06/02/2016
-
03:51 PM Ruby Bug #12454: Regexp: Segfault due to Invalid Read in regcomp.c : add_char_opt_map_info
- Here is a simpler case - it is an ASCII-only, valid regular expression according to grep:
~~~
# cat bug-12454-ascii
((?<V>0(00*)(\0>))00*00*00*$00*)(\g<0>)00*00*00*
# xxd bug-12454-ascii
0000000: 2828 3f3c 563e 3028 3030 2a29 2...
~~~
-
02:55 PM Ruby Bug #12454 (Closed): Regexp: Segfault due to Invalid Read in regcomp.c : add_char_opt_map_info
- A crafted regular expression will cause a segmentation fault due to an invalid one byte read on 32-bit Ubuntu 14.04. The interesting part of the regular expression is: '\g<0>' which is a recursive reference to the 0th sub-pattern.
~~...
05/24/2016
-
06:02 PM Ruby Bug #12423 (Closed): Regexp: Heap Buffer Overflow in regparse.c : next_state_value()
- A crafted regular expression will cause a heap buffer overflow leading to invalid 4 byte reads/writes on 32-bit Ubuntu 14.04. The regular expression fails to close a character class and has an octal zero as the first character in the cha...
-
01:38 PM Ruby Bug #12420 (Closed): Regexp: Segfault due to Invalid Read in regparse.c : bbuf_free()
- A crafted regular expression will cause an invalid 4 byte read on 32-bit Ubuntu 14.04. The regular expression fails to close a character class and has an octal space as the first character in the character class.
~~~
grajagandev# ca...
~~~
05/23/2016
-
03:44 PM Ruby Bug #12418 (Closed): Regexp: Segfault due to Invalid Read in regerror.c : to_ascii()
- A crafted regular expression will cause an invalid 4 byte read on 32-bit Ubuntu 14.04. The regular expression has several errors – this bug occurs during the process of creating the OnigErrorInfo structure and appears to be an encoding i...
05/18/2016
-
03:26 AM Ruby Bug #12390 (Closed): Heap Buffer Overflow in Marshal Load on 32-bit
- A heap buffer overflow occurs when marshal loading (un-marshaling) crafted data on 32-bit Ubuntu 14.04.
It appears that a string length indicated by the marshaled data of 0x7fffffff triggers the overflow. It causes ruby to expect an...