Erlang's generation of compiled regular expressions are vulnerable to a heap overflow. Regular expressions using malformed extpattern can indirectly specify an offset that is used as an array index. This ordinal permits arbitrary regions within the erts_alloc arena can be both read and wrote to.
While ERTS maintains numerous allocators with different internal structures, a single expression can "switch" on internal type information, generalized across the alignment of heap chunk headers, this permits internal pointer value leaks as well as more indirect control over the instruction pointer.
Add structure for mutual recursion detection in ePCRE
fix find_fixedlen stk overflow w/ mutual recursion
Fix heap overflow with unmatched closing parens
This bug can trigger vulnerable code in find_fixedlength for forward reference
within backward assertion with excess closing parenthesis.
Patch has passed first testings and has been assigned to be reviewed
I am a script, I am not human
PR put in waiting for patch to comply with same format as mentioned in #1107
Closing this due to inactivity, please open a new PR when/if you decide to get back to it.