On Wed, 13 Dec 2017 08:12:00 -0800, davem wrote:
> On Fri, Dec 08, 2017 at 11:37:54AM -0800, Brian Carpenter wrote:
> > Triggered with v5.27.6-156-g5d4548b73b, compiled with clang 6.0.0-trunk and
> > -fsanitize=address. This bug looks similar to 129012 and 132187.
> >
> >
> > ./perl -e '$_="0000000\x{600000}";/^000.\000000?\00000/'
> > =================================================================
> > ==29563==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x602000000ebe at pc 0x000000451a60 bp 0x7ffe25406c50 sp 0x7ffe254063f8
> > READ of size 2 at 0x602000000ebe thread T0
> >     #0 0x451a5f in __interceptor_memchr /b/build/slave/linux_upload_clang/build/src/third_party/llvm/compiler-rt/lib/asan/../sanitizer_common/sanitizer_common_interceptors.inc:823:3
> >     #1 0x7bd1a6 in Perl_fbm_instr /root/perl/util.c:985:42
> >     #2 0xaabce3 in Perl_re_intuit_start /root/perl/regexec.c:935:13
>
> Fixed with v5.27.6-216-g37e6bbd.
>
> Not exploitable; I'll move to the public queue in a few days time.

Done.

Tony

---
via perlbug: queue: perl5 status: open
https://rt.perl.org/Ticket/Display.html?id=132552