Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Fix CVE-2019-13225: problem in converting if-then-else pattern to byt…
…ecode.
- Loading branch information
Showing
1 changed file
with
17 additions
and
8 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
c509265
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hello,
I am currently investigating CVE-2019-13225 because we still maintain version 5.9.1 of oniguruma. The code base is completely different and the patch does not apply at all. Can you provide a test case to reproduce this problem or can you even rule out that version 5.9.1 is not affected? Thank you
c509265
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
5.X.X does not have if-then-else pattern (?(cond)then|else) feature.
This bug fix is about implementation of the if-then-else pattern, so it has nothing to do with 5.X.X.
c509265
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you for the confirmation