From dafde4441c952f5136ff34f0c12a7633dc6583dd Mon Sep 17 00:00:00 2001 From: simonmar Date: Fri, 2 Dec 2005 12:26:22 +0000 Subject: [PATCH] [project @ 2005-12-02 12:26:22 by simonmar] Apply rev 1.24 from FreeBSD's copy of this file. Commit message from FreeBSD: The algorithm that computes the tables used in the BM search algorithm sometimes access an array beyond it's length. This only happens in the last iteration of a loop, and the value fetched is not used then, so the bug is a relatively innocent one. Fix this by not fetching any value on the last iteration of said loop. Submitted by: MKI This is the cause of bug #1194393 (crash in darcs on Windows). --- cbits/regex/regcomp.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/cbits/regex/regcomp.c b/cbits/regex/regcomp.c index be9fdfa..e58c6d1 100644 --- a/cbits/regex/regcomp.c +++ b/cbits/regex/regcomp.c @@ -2055,7 +2055,8 @@ struct re_guts *g; g->mlen + ssuffix - suffix); suffix++; } - ssuffix = pmatches[ssuffix]; + if (suffix < g->mlen) + ssuffix = pmatches[ssuffix]; } free(pmatches); -- 1.7.10.4