]> granicus.if.org Git - onig/commitdiff
projects / onig / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: d9c86e3)
fix #139: UAF in match_at()
authorK.Kosako <kosako@sofnec.co.jp>
Tue, 9 Apr 2019 00:27:56 +0000 (09:27 +0900)
committerK.Kosako <kosako@sofnec.co.jp>
Tue, 9 Apr 2019 00:27:56 +0000 (09:27 +0900)
src/regexec.c patch | blob | history

diff --git a/src/regexec.c b/src/regexec.c
index a8c9f0b22d312284fe54cd1ebb03ab746b23a3ec..6618996c87d7abbfcbcd08b7df7e3701c516b3d9 100644 (file)
--- a/src/regexec.c
+++ b/src/regexec.c
@@ -3393,8 +3393,9 @@ match_at(regex_t* reg, const UChar* str, const UChar* end,
     CASE_OP(MEMORY_END_PUSH_REC)
       mem = p->memory_end.num;
       STACK_GET_MEM_START(mem, stkp); /* should be before push mem-end. */
+      si = GET_STACK_INDEX(stkp);
       STACK_PUSH_MEM_END(mem, s);
-      mem_start_stk[mem] = GET_STACK_INDEX(stkp);
+      mem_start_stk[mem] = si;
       INC_OP;
       JUMP_OUT;
 
Unnamed repository; edit this file 'description' to name the repository.