github-repos/wget
1
0
Fork 0
mirror of https://github.com/mirror/wget.git synced 2025-01-07 02:40:55 +08:00
Code Issues Packages Projects Releases Wiki Activity

* src/utils.c (compile_posix_regex): Hard-code string to regcomp

Browse Source 
regcomp() may be too cpu + memory intensive for fuzzing.
See https://sourceware.org/glibc/wiki/Security%20Exceptions
This commit is contained in:
Tim Rühsen 2018-04-16 22:04:50 +02:00
parent e737c4b10e
commit 64758655c4
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/utils.c
View File

@ -2444,6 +2444,11 @@ void *
compile_posix_regex (const char *str) compile_posix_regex (const char *str)
{ {
regex_t *regex = xmalloc (sizeof (regex_t)); regex_t *regex = xmalloc (sizeof (regex_t));
#ifdef TESTING
/* regcomp might be *very* cpu+memory intensive,
* see https://sourceware.org/glibc/wiki/Security%20Exceptions */
str = "a";
#endif
int errcode = regcomp ((regex_t *) regex, str, REG_EXTENDED | REG_NOSUB); int errcode = regcomp ((regex_t *) regex, str, REG_EXTENDED | REG_NOSUB);
if (errcode != 0) if (errcode != 0)
{ {