From f499822963db6a3e2f2c09987fb7e7f3f339fcc9 Mon Sep 17 00:00:00 2001
From: yanggao <yang_gao@bupt.edu.cn>
Date: Thu, 9 Mar 2023 14:54:59 +0800
Subject: [PATCH] =?UTF-8?q?CVE-2020-14155=20=E5=AE=89=E5=85=A8=E6=9B=B4?=
 =?UTF-8?q?=E6=96=B0=EF=BC=9APCRE=20=E8=BE=93=E5=85=A5=E9=AA=8C=E8=AF=81?=
 =?UTF-8?q?=E9=94=99=E8=AF=AF=E6=BC=8F=E6=B4=9E.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 debian/changelog |  6 ++++++
 pcre_compile.c   | 12 +++++++-----
 2 files changed, 13 insertions(+), 5 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index 96dbfbf..1c124fd 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+pcre3 (2:8.39-ok3) yangtze; urgency=medium
+
+  * damizhou CVE-2020-14155 安全更新：PCRE 输入验证错误漏洞.
+
+ -- panchuanzhou <panchuanzhou@bupt.edu.cn>  Thu, 09 Mar 2023 14:52:57 +0800
+
 pcre3 (2:8.39-ok2) yangtze; urgency=medium
 
   * gjq0613 CVE-2019-20838 安全更新:Buffer error vulnerability
diff --git a/pcre_compile.c b/pcre_compile.c
index 7cd3950..c742227 100644
--- a/pcre_compile.c
+++ b/pcre_compile.c
@@ -7086,17 +7086,19 @@ for (;; ptr++)
           int n = 0;
           ptr++;
           while(IS_DIGIT(*ptr))
+            { 
             n = n * 10 + *ptr++ - CHAR_0;
+            if (n > 255)
+              {
+              *errorcodeptr = ERR38;
+              goto FAILED;
+              }
+            } 
           if (*ptr != CHAR_RIGHT_PARENTHESIS)
             {
             *errorcodeptr = ERR39;
             goto FAILED;
             }
-          if (n > 255)
-            {
-            *errorcodeptr = ERR38;
-            goto FAILED;
-            }
           *code++ = n;
           PUT(code, 0, (int)(ptr - cd->start_pattern + 1)); /* Pattern offset */
           PUT(code, LINK_SIZE, 0);                          /* Default length */
-- 
Gitee