On Fri, Jul 27, 2018 at 12:13 PM, Assaf Gordon <address@hidden> wrote:
> On 25/07/18 08:34 AM, project-repo wrote:
>> I let the fuzzer run again and it came up with a second heap buffer
>> overflow. This time in regexp.c, line 286. Here is a backtrace as
>> supplied by the address sanitizer:
> The two attached patches should explain it in detail.
> As these changes are somewhat subtle, I encourage everyone to
> double-check them...
Fine work, yet again. Thank you!
I did spot one nit: the addition of two leading TAB bytes in the
latter patch. Should be 8 spaces, of course: