Re: Report 4 different bugs discoverd in gawk

bug-gawk

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Report 4 different bugs discoverd in gawk

From:	Paul Eggert
Subject:	Re: Report 4 different bugs discoverd in gawk
Date:	Tue, 2 Aug 2022 09:14:27 -0700
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.11.0

On 8/2/22 07:20, arnold@skeeve.com wrote:

Three of these four bugs are in files that come from GNULIB, I simply copy
them from there.  Please resend those three reports directly to
bug-gnulib@gnu.org.

I will work on the fourth one in gawk's builtin.c.

The Gnulib bugs are known issues with regular expressions, and the usualresponse to this sort of bug is "don't do that", i.e., regularexpressions should not be under the control of the attacker.

While looking into this I found several places in builtin.c whereinteger overflow can mess up 'awk' due to sizes being miscalculated orwhatever. I expect the problems are also in the "don't do that" categorybut if you'd like me to look into this further please let me know.

[Prev in Thread]

Current Thread

[Next in Thread]

Report 4 different bugs discoverd in gawk, YU Jiongchi, 2022/08/02
- Re: Report 4 different bugs discoverd in gawk, arnold, 2022/08/02
  - Re: Report 4 different bugs discoverd in gawk, Paul Eggert <=
    - Re: Report 4 different bugs discoverd in gawk, arnold, 2022/08/02
    - Re: Report 4 different bugs discoverd in gawk, Paul Eggert, 2022/08/10
  - Re: Report 4 different bugs discoverd in gawk, YU Jiongchi, 2022/08/03

Prev by Date: Re: Report 4 different bugs discoverd in gawk
Next by Date: Re: Report 4 different bugs discoverd in gawk
Previous by thread: Re: Report 4 different bugs discoverd in gawk
Next by thread: Re: Report 4 different bugs discoverd in gawk
Index(es):
- Date
- Thread