Re: PCRE v2 compile error, was Re: What's cooking in git.git (May 2017, #01; Mon, 1)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject: Re: PCRE v2 compile error, was Re: What's cooking in git.git (May 2017, #01; Mon, 1)
From: demerphq <demerphq@xxxxxxxxx>
Date: Tue, 9 May 2017 16:22:22 +0200
Cc: "brian m. carlson" <sandals@xxxxxxxxxxxxxxxxxxxx>, Junio C Hamano <gitster@xxxxxxxxx>, Johannes Schindelin <Johannes.Schindelin@xxxxxx>, Git Mailing List <git@xxxxxxxxxxxxxxx>, Nguyễn Thái Ngọc Duy <pclouds@xxxxxxxxx>
In-reply-to: <CACBZZX6V8qbnrZAdhRvPthy5Z91iEG8rrJ=Sf9tdkOt52M9j1Q@mail.gmail.com>
References: <CACBZZX6-qZLEGob6CEwpJ7jtEBG6WLPdHQsO4DsbkNZ8di5mjg@mail.gmail.com> <alpine.DEB.2.20.1705031139090.3480@virtualbox> <CACBZZX6_5krLp93PmsW639-N4f1efUT5rPnN+5im=d9-66=QbQ@mail.gmail.com> <alpine.DEB.2.21.1.1705041104070.4905@virtualbox> <CACBZZX5bPN3vZhE=0TSQNdRvKYuV3635=VCQAppAfcZ_tuGpvg@mail.gmail.com> <alpine.DEB.2.21.1.1705041328190.4905@virtualbox> <CACBZZX75nvfQft-gjUG+YP0Y-e-=Knm3bMeDWHSUF=Juz9Ua5Q@mail.gmail.com> <xmqqpofj7rim.fsf@gitster.mtv.corp.google.com> <20170508233224.udpuuzlygjpsjogt@genre.crustytoothpaste.net> <CACBZZX4G_ThE55Gi53QJt1=9K4jQXqJ3QL8JSGpiSSSDRrKeNA@mail.gmail.com> <20170509003714.ylwn5ezvu5h36kj7@genre.crustytoothpaste.net> <CACBZZX6V8qbnrZAdhRvPthy5Z91iEG8rrJ=Sf9tdkOt52M9j1Q@mail.gmail.com>

On 9 May 2017 at 13:12, Ævar Arnfjörð Bjarmason <avarab@xxxxxxxxx> wrote:
> On Tue, May 9, 2017 at 2:37 AM, brian m. carlson
> <sandals@xxxxxxxxxxxxxxxxxxxx> wrote:
>> On Tue, May 09, 2017 at 02:00:18AM +0200, Ævar Arnfjörð Bjarmason wrote:
> * gitweb is vulnerable to CPU DoS now in its default configuration.
> It's easy to provide an ERE that ends up slurping up 100% CPU for
> several seconds on any non-trivial sized repo, do that in parallel &
> you have a DoS vector.

Does one need an ERE? Can't one do that now to many parts of git just
with a glob?

Yves

Follow-Ups:
- Re: PCRE v2 compile error, was Re: What's cooking in git.git (May 2017, #01; Mon, 1)
  - From: Ævar Arnfjörð Bjarmason

References:
- Re: PCRE v2 compile error, was Re: What's cooking in git.git (May 2017, #01; Mon, 1)
  - From: Ævar Arnfjörð Bjarmason
- Re: PCRE v2 compile error, was Re: What's cooking in git.git (May 2017, #01; Mon, 1)
  - From: Johannes Schindelin
- Re: PCRE v2 compile error, was Re: What's cooking in git.git (May 2017, #01; Mon, 1)
  - From: Ævar Arnfjörð Bjarmason
- Re: PCRE v2 compile error, was Re: What's cooking in git.git (May 2017, #01; Mon, 1)
  - From: Johannes Schindelin
- Re: PCRE v2 compile error, was Re: What's cooking in git.git (May 2017, #01; Mon, 1)
  - From: Ævar Arnfjörð Bjarmason
- Re: PCRE v2 compile error, was Re: What's cooking in git.git (May 2017, #01; Mon, 1)
  - From: Johannes Schindelin
- Re: PCRE v2 compile error, was Re: What's cooking in git.git (May 2017, #01; Mon, 1)
  - From: Ævar Arnfjörð Bjarmason
- Re: PCRE v2 compile error, was Re: What's cooking in git.git (May 2017, #01; Mon, 1)
  - From: Junio C Hamano
- Re: PCRE v2 compile error, was Re: What's cooking in git.git (May 2017, #01; Mon, 1)
  - From: brian m. carlson
- Re: PCRE v2 compile error, was Re: What's cooking in git.git (May 2017, #01; Mon, 1)
  - From: Ævar Arnfjörð Bjarmason
- Re: PCRE v2 compile error, was Re: What's cooking in git.git (May 2017, #01; Mon, 1)
  - From: brian m. carlson
- Re: PCRE v2 compile error, was Re: What's cooking in git.git (May 2017, #01; Mon, 1)
  - From: Ævar Arnfjörð Bjarmason

Prev by Date: Re: [GIT PULL] l10n updates for 2.13.0 round 2.1
Next by Date: Re: [GIT PULL] l10n updates for 2.13.0 round 2
Previous by thread: Re: PCRE v2 compile error, was Re: What's cooking in git.git (May 2017, #01; Mon, 1)
Next by thread: Re: PCRE v2 compile error, was Re: What's cooking in git.git (May 2017, #01; Mon, 1)
Index(es):
- Date
- Thread

[Index of Archives] [Linux Kernel Development] [Gcc Help] [IETF Annouce] [DCCP] [Netdev] [Networking] [Security] [V4L] [Bugtraq] [Yosemite] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Linux SCSI] [Fedora Users]