isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Limit regular expressions to 1024 characters each.

Browse Source 
Avoids a problem with the fuzzer creating large regular expressions
that blow up the glibc regcomp().
This commit is contained in:
Todd C. Miller
2022-02-12 09:33:02 -07:00
parent 63b2a62f8a
commit 33f54c853b
6 changed files with 26 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
lib/util/regex.c
View File

@@ -98,6 +98,12 @@ sudo_regex_compile_v1(void *v, const char *pattern, const char **errstr)
/* Some callers just want to check the validity of the pattern. */
preg = v ? v : &rebuf;
/* Limit the length of regular expressions to avoid fuzzer issues. */
if (strlen(pattern) > 1024) {
*errstr = N_("regular expression too large");
debug_return_bool(false);
}
/* Check for (?i) to enable case-insensitive matching. */
cp = pattern[0] == '^' ? pattern + 1 : pattern;
if (strncmp(cp, "(?i)", 4) == 0) {