Issue #9669: Protect re against infinite loops on zero-width matching in

non-greedy repeat.  Patch by Matthew Barnett.
Serhiy Storchaka 2013-02-16 21:25:05 +02:00
commit b0c75a7dec
3 changed files with 19 additions and 2 deletions


@ -1272,13 +1272,18 @@ entrance:
LASTMARK_RESTORE();
if (ctx->count >= ctx->u.rep->pattern[2]
&& ctx->u.rep->pattern[2] != SRE_MAXREPEAT)
if ((ctx->count >= ctx->u.rep->pattern[2]
&& ctx->u.rep->pattern[2] != SRE_MAXREPEAT) ||
state->ptr == ctx->u.rep->last_ptr)
RETURN_FAILURE;
ctx->u.rep->count = ctx->count;
/* zero-width match protection */
DATA_PUSH(&ctx->u.rep->last_ptr);
ctx->u.rep->last_ptr = state->ptr;
DO_JUMP(JUMP_MIN_UNTIL_3,jump_min_until_3,
ctx->u.rep->pattern+3);
DATA_POP(&ctx->u.rep->last_ptr);
if (ret) {
RETURN_ON_ERROR(ret);
RETURN_SUCCESS;
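Review bot: The new `state->ptr == ctx->u.rep->last_ptr` clause in the guard before `RETURN_FAILURE` is what stops the non-greedy repeat from looping forever, yet it has no comment; `/* zero-width match protection */` sits lower down on the push, not on the test. I would add a comment on the condition, e.g. `/* also fail if the body matched without advancing state->ptr; a zero-width body would otherwise repeat forever */`, and note at the `DATA_PUSH`/`DATA_POP` pair that `last_ptr` is saved and restored around the `DO_JUMP`. The comparison presumably relies on `last_ptr` being initialised when the repeat context is set up, which this hunk does not show and is worth confirming. The enclosing case starts and ends outside the hunk.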