oss-sec mailing list archives
Re: two vulns in uClibc-0.9.33.2
From: Jakub Wilk <jwilk () jwilk net>
Date: Sat, 17 Jun 2017 18:24:23 +0200
* Simon McVittie <smcv () debian org>, 2017-06-17, 13:27:
The two standardized POSIX dialects implemented by Unix C libraries (basic regexes as used in grep and sed, and extended regexes as used in grep -E and sed -E) aren't fully compatible with the Perl syntax: for example \s matches the letter s in BREs or EREs,
Actually POSIX says outside a bracket expression, \s is undefined. (But in the GNU libc regcomp() implementation, it matches a whitespace character.)
Inside a bracket expression \s is meant literally, i.e. it matches either a backslash or a letter "s".
but matches any whitespace character in the Perl-derived dialects. This makes the POSIX regex functions not particularly useful for implementors of a JavaScript runtime.
Right. -- Jakub Wilk
Current thread:
- Re: two vulns in uClibc-0.9.33.2, (continued)
- Re: two vulns in uClibc-0.9.33.2 Andrej Nemec (Jun 15)
- Re: two vulns in uClibc-0.9.33.2 Zach W (Jun 16)
- Re: two vulns in uClibc-0.9.33.2 Peter Korsgaard (Jun 16)
- Re: two vulns in uClibc-0.9.33.2 Seth Arnold (Jun 16)
- Re: two vulns in uClibc-0.9.33.2 Kurt Seifried (Jun 16)
- Re: two vulns in uClibc-0.9.33.2 Michal Zalewski (Jun 16)
- Re: two vulns in uClibc-0.9.33.2 Bob Friesenhahn (Jun 16)
- Re: two vulns in uClibc-0.9.33.2 Florian Weimer (Jun 17)
- Re: two vulns in uClibc-0.9.33.2 Michal Zalewski (Jun 17)
- Re: two vulns in uClibc-0.9.33.2 Simon McVittie (Jun 17)
- Re: two vulns in uClibc-0.9.33.2 Jakub Wilk (Jun 17)
- Re: two vulns in uClibc-0.9.33.2 Waldemar Brodkorb (Jun 23)
- re: two vulns in uClibc-0.9.33.2 fefe (Jun 26)