In association with heise online

04 July 2008, 15:35

Buffer overflow in the PCRE regular expression library

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

A vulnerability in the Perl 5 Compatible Regular Expression Library (PCRE) may make it possible for attackers to execute arbitrary malicious code from programs that use the library. According to an entry in the Gentoo bug database, which initially reported the vulnerability, compilation of regular expressions with multiple branches into the bytecode can cause a buffer overflow on the heap. This usually results in the program crashing, but might also be used to inject malicious code.

The PCRE library is widely used in the open source world – it is used extensively in glibc, PHP, Apache, Postfix, Exim4 and the KDE desktop-environment, for instance. A necessary condition for exploiting the vulnerability, however, is that the application compiles regular expressions from user entries. The problem was discovered in PCRE 7.7, but older versions are likely affected as well. There is still no official update.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit