oss-sec mailing list archives
re2c: infinite loop
From: Agostino Sarubbo <ago () gentoo org>
Date: Mon, 27 Apr 2020 13:07:00 +0200
Hello all, re2c is affected by an infinite loop. It was initially discovered by Sergei Trofimovich (slyfox) and reported by me privately to upstream. The upstream reference is at: https://github.com/skvadrik/re2c/issues/219 There is no CVE assigned. Here is the additional upstream comment: I fixed enough recursive functions to make the ASAN-instrumented re2c pass on this file (but that doesn't fully fix #219, as some other recursive functions still need rewriting, work in progress). This is the list of fixes: fd634998f813340768c333cdad638498602856e5 Rewrite recursion into iteration (Tarjan's SCC algorithm and YYFILL states). 637d4e468835690eac102aba83535dfd26afbbdb Rewrite recursion into iteration (paths for -Wundefined-control-flow). e3e43bcbb746dd6692f2d60ed1fa2e26c8cbe987 Rewrite recursion into iteration (skeleton max path length computation). f39b522cd40d04e80b77db926ce2d7d766954852 Rewrite recursion into iteration (insertion of negative tags in RE). They will appear in the next release, re2c-2.0. Agostino
Current thread:
- re2c: infinite loop Agostino Sarubbo (Apr 27)
- Re: re2c: infinite loop Agostino Sarubbo (May 14)