Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

S-037: Perl-Compatible Regular Expression (PCRE) Vulnerabilities

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) S-037: Perl-Compatible Regular Expression (PCRE) Vulnerabilities
# 1  
Old 12-24-2007
S-037: Perl-Compatible Regular Expression (PCRE) Vulnerabilities
There are several security issues in PCRE library which potentially allow attackers to execute arbitrary code by compiling specially crafted regular expressions. The risk is LOW. Could potentially allow attackers to execute arbitrary code by compiling specially crafted regular expressions.


More...
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Perl regular expression

Hi , I have the below array my @actionText = ("delivered to governor on 21/23/3345" , "deliver jllj" , "ram 2345/43"); When i am trying to grep the contents of array and if mathced substituting with the digitis or some date format from the element like below my @action = grep { $_ =~... (7 Replies)
Discussion started by: ragilla
7 Replies

2. Programming

Perl: How to read from a file, do regular expression and then replace the found regular expression

Hi all, How am I read a file, find the match regular expression and overwrite to the same files. open DESTINATION_FILE, "<tmptravl.dat" or die "tmptravl.dat"; open NEW_DESTINATION_FILE, ">new_tmptravl.dat" or die "new_tmptravl.dat"; while (<DESTINATION_FILE>) { # print... (1 Reply)
Discussion started by: jessy83
1 Replies

3. Shell Programming and Scripting

Perl regular expression help!

Hi I am doing something basic like... if ($stringvariable =~ /have not typed/) I have a little problem because the 'not' in the expression gets highlighted as a kind of a '!'..what am I supposed to do in this situation? Thank you ---------- Post updated at 03:24 PM ----------... (1 Reply)
Discussion started by: vas28r13
1 Replies

4. Shell Programming and Scripting

Hidden Characters in Regular Expression Matching Perl - Perl Newbie

I am completely new to perl programming. My father is helping me learn said programming language. However, I am stuck on one of the assignments he has given me, and I can't find very much help with it via google, either because I have a tiny attention span, or because I can be very very dense. ... (4 Replies)
Discussion started by: kittyluva2
4 Replies

5. Shell Programming and Scripting

Perl regular expression and %

Could you help me with this please. This regular expression seems to match for the wrong input #!/usr/bin/perl my $inputtext = "W1a$%XXX"; if($inputtext =~ m/+X+/) { print "matches\n"; } The problem seems to be %. if inputtext is W1a$XXX, the regex doesnot match.... (5 Replies)
Discussion started by: suppandi7
5 Replies

6. Shell Programming and Scripting

Regular expression in Perl

Hi, I need and expression for a word like abc_xyz_ykklm The expresion should indicate that the word starts with abc and end with ykklm but does not contain xyz string in the middle. Example: abc_tmn_ykklm is ok and abc_xyz_ykklm is not Ok. Please help. Regards. (1 Reply)
Discussion started by: asth
1 Replies

7. Shell Programming and Scripting

perl regular expression

Dear all, I have a simple issue on a perl regular expression. I want to get the characters in red from the next lines : POWER_key LEFT_key RIGHT_key OK_key DOWN_key and so on... Thanks in advance for reply. Ludo (1 Reply)
Discussion started by: lsaas
1 Replies

8. Shell Programming and Scripting

PERL regular expression

Hello all, I need to match the red expressions in the following lines : MACRO_P+P-_scrambledServices_REM_PRC30.xml MACRO_P+P-_scrambledServices_REM_RS636.xml MACRO_P+P-_scrambledServices_REM_RS535.xml and so on... Can anyone give me a PERL regular expression to match those characters ? ... (5 Replies)
Discussion started by: lsaas
5 Replies

9. Shell Programming and Scripting

regular expression in perl

hi, i want to extract the sessionID from this line. QnA Session Id : here the output should be-- QnA_SessionID=128589 Thanks NT (3 Replies)
Discussion started by: namishtiwari
3 Replies

10. Shell Programming and Scripting

Regular expression help in perl

Hi all, I am trying to match a multi line string and return the matching string in one line. Here is the perl code that I wrote: #!/usr/bin/perl my $str='<title>My title</title>'; if ($str =~ /(<title>)(+)(<\/title>)/ ){ print "$2\n"; } It returns : My title I want the... (3 Replies)
Discussion started by: sdubey
3 Replies
Login or Register to Ask a Question

LEARN ABOUT OPENSOLARIS

pcresample

PCRESAMPLE(3)						     Library Functions Manual						     PCRESAMPLE(3)

NAME

       PCRE - Perl-compatible regular expressions

PCRE SAMPLE PROGRAM


       A simple, complete demonstration program, to get you started with using PCRE, is supplied in the file pcredemo.c in the PCRE distribution.

       The  program  compiles the regular expression that is its first argument, and matches it against the subject string in its second argument.
       No PCRE options are set, and default character tables are used. If matching succeeds, the program outputs the portion of the  subject  that
       matched, together with the contents of any captured substrings.

       If  the -g option is given on the command line, the program then goes on to check for further matches of the same regular expression in the
       same subject string. The logic is a little bit tricky because of the possibility of matching an empty string. Comments in the code  explain
       what is going on.

       If  PCRE is installed in the standard include and library directories for your system, you should be able to compile the demonstration pro-
       gram using this command:

	 gcc -o pcredemo pcredemo.c -lpcre

       If PCRE is installed elsewhere, you may need to add additional options to the command line. For example, on a  Unix-like  system  that  has
       PCRE installed in /usr/local, you can compile the demonstration program using a command like this:

	 gcc -o pcredemo -I/usr/local/include pcredemo.c 
	     -L/usr/local/lib -lpcre

       Once you have compiled the demonstration program, you can run simple tests like this:

	 ./pcredemo 'cat|dog' 'the cat sat on the mat'
	 ./pcredemo -g 'cat|dog' 'the dog sat on the cat'

       Note that there is a much more comprehensive test program, called pcretest, which supports many more facilities for testing regular expres-
       sions and the PCRE library. The pcredemo program is provided as a simple coding example.

       On some operating systems (e.g. Solaris), when PCRE is not installed in the standard library directory, you may get an error like this when
       you try to run pcredemo:

	 ld.so.1: a.out: fatal: libpcre.so.0: open failed: No such file or directory

       This is caused by the way shared library support works on those systems. You need to add

	 -R/usr/local/lib

       (for example) to the compile command to get round this problem.

AUTHOR


       Philip Hazel
       University Computing Service
       Cambridge CB2 3QH, England.

REVISION


       Last updated: 23 January 2008
       Copyright (c) 1997-2008 University of Cambridge.

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +--------------------+-----------------+
       |  ATTRIBUTE TYPE    | ATTRIBUTE VALUE |
       +--------------------+-----------------+
       |Availability	    | SUNWpcre	      |
       +--------------------+-----------------+
       |Interface Stability | Uncommitted     |
       +--------------------+-----------------+
NOTES

       Source for PCRE is available on http://opensolaris.org.

																     PCRESAMPLE(3)