1From 13ad4296ea8ba66f5620288b2fd06315852e73ae Mon Sep 17 00:00:00 2001
2From: =?UTF-8?q?Marco=20Trevisan=20=28Trevi=C3=B1o=29?= <mail@3v1n0.net>
3Date: Tue, 6 Sep 2022 17:20:45 +0200
4Subject: [PATCH] gregex: Fix a potential PCRE2 code leak on reallocation
5 failures
6
7In case recalc_match_offsets() failed we were just returning, but in
8such case, per the documentation we should still set the match_info (if
9provided) and free the pcre2 code instance.
10
11So let's just break the loop we're in it, as if we we've no matches set.
12This also avoids re-allocating the offsets array and potentially
13accessing to unset data.
14---
15 glib/gregex.c | 12 +++++-------
16 1 file changed, 5 insertions(+), 7 deletions(-)
17
18diff --git a/glib/gregex.c b/glib/gregex.c
19index f2a5b5fd1c..6f3ee88122 100644
20--- a/glib/gregex.c
21+++ b/glib/gregex.c
22@@ -2337,13 +2337,6 @@ g_regex_match_all_full (const GRegex *regex,
23 info->match_data,
24 info->match_context,
25 info->workspace, info->n_workspace);
26-
27- if (!recalc_match_offsets (info, error))
28- {
29- g_match_info_free (info);
30- return FALSE;
31- }
32-
33 if (info->matches == PCRE2_ERROR_DFA_WSSIZE)
34 {
35 /* info->workspace is too small. */
36@@ -2370,6 +2363,11 @@ g_regex_match_all_full (const GRegex *regex,
37 _("Error while matching regular expression %s: %s"),
38 regex->pattern, match_error (info->matches));
39 }
40+ else if (info->matches > 0)
41+ {
42+ if (!recalc_match_offsets (info, error))
43+ info->matches = PCRE2_ERROR_NOMATCH;
44+ }
45 }
46
47 pcre2_code_free (pcre_re);
48--
49GitLab
50
51
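Review bot: In the added `else if (info->matches > 0)` branch, a failed `recalc_match_offsets()` is folded into `PCRE2_ERROR_NOMATCH`, so the match info handed back looks like a genuine non-match. Only `error` tells the two apart, and that is presumably set by `recalc_match_offsets()`, since it receives the pointer. A caller that uses the result as a filter and ignores `error` would read an internal failure as "did not match", and the assignment should say so. I would add a comment above it such as `/* Offsets could not be recalculated: report no match; the failure itself is carried in @error. */`. The enclosing loop and the rest of g_regex_match_all_full lie outside the hunk, so how `info->matches` becomes the return value is not visible here.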