Skip to content
Permalink
Browse files

Fix CVE-2019-13224: don't allow different encodings for onig_new_delu…

…xe()
  • Loading branch information...
K.Kosako authored and kkos committed Jun 27, 2019
1 parent c509265 commit 0f7f61ed1b7b697e283e37bd2d731d0bd57adb55
Showing with 3 additions and 3 deletions.
  1. +3 −3 src/regext.c
@@ -29,6 +29,7 @@

#include "regint.h"

#if 0
static void
conv_ext0be32(const UChar* s, const UChar* end, UChar* conv)
{
@@ -158,6 +159,7 @@ conv_encoding(OnigEncoding from, OnigEncoding to, const UChar* s, const UChar* e

return ONIGERR_NOT_SUPPORTED_ENCODING_COMBINATION;
}
#endif

extern int
onig_new_deluxe(regex_t** reg, const UChar* pattern, const UChar* pattern_end,
@@ -169,9 +171,7 @@ onig_new_deluxe(regex_t** reg, const UChar* pattern, const UChar* pattern_end,
if (IS_NOT_NULL(einfo)) einfo->par = (UChar* )NULL;

if (ci->pattern_enc != ci->target_enc) {
r = conv_encoding(ci->pattern_enc, ci->target_enc, pattern, pattern_end,
&cpat, &cpat_end);
if (r != 0) return r;
return ONIGERR_NOT_SUPPORTED_ENCODING_COMBINATION;
}
else {
cpat = (UChar* )pattern;

0 comments on commit 0f7f61e

Please sign in to comment.
You can’t perform that action at this time.