touch-packages team mailing list archive

Thread
Date

[Bug 1521043] Re: less 458 crashes if search regex has many groups

To: touch-packages@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <1521043@xxxxxxxxxxxxxxxxxx>
Date: Mon, 21 Dec 2015 21:44:25 -0000
Reply-to: Bug 1521043 <1521043@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

This bug was fixed in the package less - 458-3ubuntu1

---------------
less (458-3ubuntu1) xenial; urgency=medium

  * d/p/03-707824-fix_double_free_with_multiple_regex_groups.patch:
    - Cherry-pick upstream fix for double free in regular expression
      code.  (Closes: #707824; LP: #1521043)

 -- Richard Hansen <rhansen@xxxxxxxxxxx>  Sun, 29 Nov 2015 22:40:34
-0500

** Changed in: less (Ubuntu)
       Status: Triaged => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to less in Ubuntu.
https://bugs.launchpad.net/bugs/1521043

Title:
  less 458 crashes if search regex has many groups

Status in less package in Ubuntu:
  Fix Released
Status in less package in Debian:
  Incomplete

Bug description:
  less 458 crashes if there are enough capture groups in the regular
  expression used for search:

      newline=$(printf \\nx); newline=${newline%x}
      echo x | LESS="+g/(((((x)))))${newline}" less

  On amd64, the above produces a segfault:

      Segmentation fault (core dumped)

  On i386, the above triggers an assert:

      *** Error in `less': double free or corruption (fasttop): 0x0887f9e8 ***
      Aborted

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/less/+bug/1521043/+subscriptions

References

[Bug 1521043] [NEW] less 458 crashes if search regex has many groups
From: Richard Hansen, 2015-11-30