Skip to content

Commit 34b1c2f

Browse files
authored
Merge pull request #245 from cmazakas/cve-42506269
fix cve issue 42506269
2 parents 0b64ece + 187be72 commit 34b1c2f

File tree

5 files changed

+33
-1
lines changed

5 files changed

+33
-1
lines changed

.github/workflows/ci.yml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -10,6 +10,7 @@ on:
1010
- master
1111
- develop
1212
- feature/**
13+
- cve-*
1314
pull_request:
1415
release:
1516
types: [published, created, edited]

include/boost/regex/v5/basic_regex_parser.hpp

Lines changed: 8 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -997,7 +997,7 @@ bool basic_regex_parser<charT, traits>::parse_repeat(std::size_t low, std::size_
997997
if((m_position != m_end)
998998
&& (0 == (this->flags() & regbase::main_option_type))
999999
&& (this->m_traits.syntax_type(*m_position) == regex_constants::syntax_plus))
1000-
{
1000+
{
10011001
possessive = true;
10021002
++m_position;
10031003
}
@@ -1114,6 +1114,13 @@ bool basic_regex_parser<charT, traits>::parse_repeat(std::size_t low, std::size_
11141114
else
11151115
contin = false;
11161116
break;
1117+
case regex_constants::syntax_hash:
1118+
if (this->flags() & regex_constants::mod_x) {
1119+
while((m_position != m_end) && !is_separator(*m_position++)){}
1120+
contin = true;
1121+
break;
1122+
}
1123+
BOOST_REGEX_FALLTHROUGH;
11171124
default:
11181125
contin = false;
11191126
}

include/boost/regex/v5/regbase.hpp

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -19,6 +19,8 @@
1919
#ifndef BOOST_REGEX_V5_REGBASE_HPP
2020
#define BOOST_REGEX_V5_REGBASE_HPP
2121

22+
#include <boost/regex/config.hpp>
23+
2224
namespace boost{
2325
//
2426
// class regbase

test/Jamfile.v2

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -137,6 +137,7 @@ compile test_windows_defs_4.cpp ;
137137
run issue153.cpp : : : "<toolset>msvc:<linkflags>-STACK:2097152" ;
138138
run issue227.cpp ;
139139
run issue232.cpp ;
140+
run issue244.cpp ;
140141
run lookbehind_recursion_stress_test.cpp ;
141142
run regex_replace_overflow.cpp ;
142143

test/issue244.cpp

Lines changed: 21 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,21 @@
1+
#include <boost/regex.hpp>
2+
3+
#include <string>
4+
5+
#include "test_macros.hpp"
6+
7+
int main()
8+
{
9+
char const strdata1[] = "\x00t\x03.z%(?x:]*+\x0c#\\x0c\x0c\x0c+\x0c#\\x0c\x0c\x0c\x11\x0c\x0c\xff\xff\xfd*\xff\xff\xff\xff\xff\xff\xff\xff|\xff\xff\xfd*\xff\xff)*\x01\x03\x00\x00\x00\x03\xff\xff\xff\x00\x00\xff\xff\xff";
10+
char const strdata2[] = "(?x:]*+#comment\n+)*";
11+
12+
std::string str1(strdata1, strdata1 + sizeof(strdata1) - 1);
13+
std::string str2(strdata2, strdata2 + sizeof(strdata2) - 1);
14+
15+
boost::match_results<std::string::const_iterator> what;
16+
17+
BOOST_TEST_THROWS((boost::regex(str1)), boost::regex_error);
18+
BOOST_TEST_THROWS((boost::regex(str2)), boost::regex_error);
19+
20+
return boost::report_errors();
21+
}

0 commit comments

Comments
 (0)