boostorg/regex
1
0
Fork 1
mirror of https://github.com/boostorg/regex.git synced 2025-07-17 22:32:09 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix for numeric overflow found during fuzzing.

Browse Source
This commit is contained in:
jzmaddock
2022-04-06 17:52:09 +01:00
parent 7898582330
commit ae7819ddb1
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
include/boost/regex/v5/basic_regex_creator.hpp
View File

@ -1019,6 +1019,8 @@ int basic_regex_creator<charT, traits>::calculate_backstep(re_syntax_base* state
{ {
if(rep->max != rep->min) if(rep->max != rep->min)
return -1; return -1;
if (static_cast<std::size_t>((std::numeric_limits<int>::max)() - result) < rep->min)
return -1; // protection against overflow, we can't calculate a backstep in this case and the expression is probably ill-formed.
result += static_cast<int>(rep->min); result += static_cast<int>(rep->min);
state = rep->alt.p; state = rep->alt.p;
continue; continue;