httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jeff Trawick <traw...@gmail.com>
Subject Re: svn commit: r239377 - /httpd/httpd/branches/2.0.x/STATUS
Date Sat, 10 Sep 2005 13:22:59 GMT
On 8/23/05, jorton@apache.org <jorton@apache.org> wrote:
> Author: jorton
> Date: Tue Aug 23 01:24:52 2005
> New Revision: 239377
> 
> URL: http://svn.apache.org/viewcvs?rev=239377&view=rev
> Log:
> Propose backport of pcre fix.
> 
> Modified:
>     httpd/httpd/branches/2.0.x/STATUS
> 
> Modified: httpd/httpd/branches/2.0.x/STATUS
> URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/2.0.x/STATUS?rev=239377&r1=239376&r2=239377&view=diff
> ==============================================================================
> --- httpd/httpd/branches/2.0.x/STATUS (original)
> +++ httpd/httpd/branches/2.0.x/STATUS Tue Aug 23 01:24:52 2005
> @@ -216,6 +216,12 @@
>    [ please place SVN revisions from trunk here, so it is easy to
>      identify exactly what the proposed changes are! ]
> 
> +    *) Fix CAN-2005-2491, integer overflow in pcre.
> +         http://svn.apache.org/viewcvs?rev=233493&view=rev
> +       rediff for 2.0: http://people.apache.org/~jorton/CAN-2005-2491.patch
> +       test case: perl-framework/t/security/CAN-2005-2491.t
> +       +1: jorton

BTW, what should I expect to get when I run the 2491.t-type test?

with 2.0.54 and a test extracted from the perl-framework, I see

RewriteRule: cannot compile regular expression 'a{111111111111111111}'
or
RewriteRule: cannot compile regular expression 'a{1,11111111111111111111}'

on Linux/x86.  Is my testing hosed (i.e., should I expect it to segfault)?

Mime
View raw message