commit 9791674: [Fix] Set sanity limits for pcre2
Vsevolod Stakhov
vsevolod at highsecure.ru
Wed Oct 9 12:28:06 UTC 2019
Author: Vsevolod Stakhov
Date: 2019-10-09 13:25:08 +0100
URL: https://github.com/rspamd/rspamd/commit/9791674f7f656703af74e45949f445c7b30c90d2 (HEAD -> master)
[Fix] Set sanity limits for pcre2
---
src/libutil/regexp.c | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/src/libutil/regexp.c b/src/libutil/regexp.c
index 4ce9c4218..b7aae457e 100644
--- a/src/libutil/regexp.c
+++ b/src/libutil/regexp.c
@@ -158,13 +158,21 @@ rspamd_regexp_post_process (rspamd_regexp_t *r)
}
#if defined(WITH_PCRE2)
gsize jsz;
+ static const guint max_recursion_depth = 100000, max_backtrack = 1000000;
+
guint jit_flags = can_jit ? PCRE2_JIT_COMPLETE : 0;
- /* Create match context */
+ /* Create match context */
r->mcontext = pcre2_match_context_create (NULL);
+ g_assert (r->mcontext != NULL);
+ pcre2_set_depth_limit (r->mcontext, max_recursion_depth);
+ pcre2_set_match_limit (r->mcontext, max_backtrack);
if (r->re != r->raw_re) {
r->raw_mcontext = pcre2_match_context_create (NULL);
+ g_assert (r->raw_mcontext != NULL);
+ pcre2_set_depth_limit (r->raw_mcontext, max_recursion_depth);
+ pcre2_set_match_limit (r->raw_mcontext, max_backtrack);
}
else {
r->raw_mcontext = r->mcontext;
More information about the Commits
mailing list