glibc: backport fix for regexec buffer read overrun
authorAlin Nastac <alin.nastac@gmail.com>
Thu, 21 Nov 2019 13:06:18 +0000 (14:06 +0100)
committerHans Dedecker <dedeckeh@gmail.com>
Sat, 14 Dec 2019 13:06:22 +0000 (14:06 +0100)
commita50c2190d31d2d95755d55183e9f420dc0a82869
tree6c072ef6aecd0bef03d442c49099032762ac0640
parent929c6d733a05a8dd137de13b026812d13476181a
glibc: backport fix for regexec buffer read overrun

Problem found by AddressSanitizer[1]:

 Latest `grep` (git commit 1019e6e) compiled with asan may cause a
 heap-buffer-overflow when `-i` is specified.

     ./grep -i '\(\(\)*.\)*\(\)\(\)\1' /bin/chvt

 =================================================================
 ==16206==ERROR: AddressSanitizer: heap-buffer-overflow on address

1. https://debbugs.gnu.org/34140

Ref: https://sourceware.org/bugzilla/show_bug.cgi?id=24114
Signed-off-by: Alin Nastac <alin.nastac@gmail.com>
[commit title and description facelift]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
toolchain/glibc/patches/001-regex-read-overrun.patch [new file with mode: 0644]