From patchwork Thu Jun 26 12:52:21 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Anastasia Belova X-Patchwork-Id: 115118 Return-Path: X-Original-To: patchwork@sourceware.org Delivered-To: patchwork@sourceware.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 7F7F0385DDF0 for ; Thu, 26 Jun 2025 13:03:23 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 7F7F0385DDF0 Authentication-Results: sourceware.org; dkim=pass (2048-bit key, unprotected) header.d=astralinux.ru header.i=@astralinux.ru header.a=rsa-sha256 header.s=mail header.b=yMzF7QdV X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from mail-gw02.astralinux.ru (mail-gw02.astralinux.ru [93.188.205.243]) by sourceware.org (Postfix) with ESMTPS id BB567385608D for ; Thu, 26 Jun 2025 12:53:04 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org BB567385608D Authentication-Results: sourceware.org; dmarc=none (p=none dis=none) header.from=astralinux.ru Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=astralinux.ru ARC-Filter: OpenARC Filter v1.0.0 sourceware.org BB567385608D Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=93.188.205.243 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1750942385; cv=none; b=unkPfel+IX8sjrx1UR3Z0D1xGjiy9Nb+mGXkFwIFUybyNeuOvKGbrnRkZQPsW3sBoEarWrLfXY+5Ek+vlmMWYTp5gyeYN8f2BRCh/pZugQIRHU5sKFKUe5PhjxQubkrjK5HzPTkbazkEmefCa7x8gEkwzXadfPyINfeJyx2CgQo= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1750942385; c=relaxed/simple; bh=3QV3QZGRWhzIDJPJcrPjaLWHZuzn81+hV419KpHn+Lc=; h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version; b=F2vYB7Ej+QlurMBuKCK63Wz/iws3pZsHfEdm7BWqA+H2DImyWZ72oBYhQOLgRX9oj4LtIRLw1e3t/XAJuuC7J2QYXUVZMRV3mm/75nykMfZJRrKL+Fhv2kE2v3vfxMIhy7DIE9kZ1EGmeRfEevqhTmKugZRqi2mv+z/t+XlwdLs= ARC-Authentication-Results: i=1; server2.sourceware.org DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org BB567385608D DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=astralinux.ru; s=mail; t=1750942381; bh=3QV3QZGRWhzIDJPJcrPjaLWHZuzn81+hV419KpHn+Lc=; h=From:To:Cc:Subject:Date:From; b=yMzF7QdVetkwqjx4ovhbVEvqXWJof1vbaJUZ9HZvL4GM0vLh31IKTRo4q9byX2ju/ NvGyQrLYmGo2G/DvpjiUF3Eq2iFy2CVzXE9+3N34wMDooiIkb7SIHJoepKCULoc1RV P3TNHApRh3wr9ZO0Ab5a4+J8EBAELoWbOBQjXYb4aUoObnJ7y5mqilrb3eGiUhn5Co 646Az2XugHHe5CPaimKfGbxvyKtQOf1wY0V/rdcIDaMyv5k5DyS+1jHiOjjbTrc+K+ FrhhP6VZKlTzm0+pwU3VlY02IlbfXnl9qPhyEHY27rpic+vxzm8hxRGXnJeAic+5Lg 0P4AiZy4LxOjA== Received: from gca-msk-a-srv-ksmg01.astralinux.ru (localhost [127.0.0.1]) by mail-gw02.astralinux.ru (Postfix) with ESMTP id EA3F11FA23 for ; Thu, 26 Jun 2025 15:53:01 +0300 (MSK) Received: from new-mail.astralinux.ru (unknown [10.177.185.199]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mail-gw02.astralinux.ru (Postfix) with ESMTPS for ; Thu, 26 Jun 2025 15:53:01 +0300 (MSK) Received: from localhost.localdomain (unknown [10.190.6.56]) by new-mail.astralinux.ru (Postfix) with ESMTPA id 4bSdrH2qg9z2xCf; Thu, 26 Jun 2025 15:52:31 +0300 (MSK) From: Anastasia Belova To: libc-alpha@sourceware.org Cc: Anastasia Belova Subject: [PATCH] regcomp: fix double free in parse_bracket_exp() Date: Thu, 26 Jun 2025 15:52:21 +0300 Message-ID: <20250626125223.6999-1-abelova@astralinux.ru> X-Mailer: git-send-email 2.47.0 MIME-Version: 1.0 X-KSMG-AntiPhishing: NotDetected X-KSMG-AntiSpam-Auth: dkim=none X-KSMG-AntiSpam-Envelope-From: abelova@astralinux.ru X-KSMG-AntiSpam-Info: LuaCore: 62 0.3.62 e2af3448995f5f8a7fe71abf21bb23519d0f38c3, {Tracking_uf_ne_domains}, {Tracking_from_domain_doesnt_match_to}, d41d8cd98f00b204e9800998ecf8427e.com:7.1.1; 127.0.0.199:7.1.2; astralinux.ru:7.1.1; new-mail.astralinux.ru:7.1.1, FromAlignment: s X-KSMG-AntiSpam-Interceptor-Info: scan successful X-KSMG-AntiSpam-Lua-Profiles: 194364 [Jun 26 2025] X-KSMG-AntiSpam-Method: none X-KSMG-AntiSpam-Rate: 0 X-KSMG-AntiSpam-Status: not_detected X-KSMG-AntiSpam-Version: 6.1.1.11 X-KSMG-AntiVirus: Kaspersky Secure Mail Gateway, version 2.1.0.7854, bases: 2025/06/26 11:20:00 #27592830 X-KSMG-AntiVirus-Status: NotDetected, skipped X-KSMG-LinksScanning: NotDetected X-KSMG-Message-Action: skipped X-KSMG-Rule-ID: 1 X-Spam-Status: No, score=-12.9 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, RCVD_IN_VALIDITY_RPBL_BLOCKED, RCVD_IN_VALIDITY_SAFE_BLOCKED, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libc-alpha-bounces~patchwork=sourceware.org@sourceware.org Double free happens when work_tree = NULL: before the check and after parse_bracket_exp_free_return free_charset() is called. Move first call after the check and goto. Signed-off-by: Anastasia Belova --- posix/regcomp.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/posix/regcomp.c b/posix/regcomp.c index 32043e9d37..9b8429cece 100644 --- a/posix/regcomp.c +++ b/posix/regcomp.c @@ -3385,15 +3385,15 @@ parse_bracket_exp (re_string_t *regexp, re_dfa_t *dfa, re_token_t *token, else #endif /* not RE_ENABLE_I18N */ { -#ifdef RE_ENABLE_I18N - free_charset (mbcset); -#endif /* Build a tree for simple bracket. */ br_token.type = SIMPLE_BRACKET; br_token.opr.sbcset = sbcset; work_tree = create_token_tree (dfa, NULL, NULL, &br_token); if (__glibc_unlikely (work_tree == NULL)) goto parse_bracket_exp_espace; +#ifdef RE_ENABLE_I18N + free_charset (mbcset); +#endif } return work_tree;