This patch fixes CVE-2016-1283, filed upstream as:
See also:
This problem has already been fixed upstream in the svn code repository at:
--- pcre-8.38/pcre_compile.c.orig 2016-03-02 10:28:48.735223798 -0800
+++ pcre-8.38/pcre_compile.c 2016-03-02 10:30:50.856995461 -0800
@@ -7274,7 +7274,12 @@
so far in order to get the number. If the name is not found, leave
the value of recno as 0 for a forward reference. */
- else
+ /* This patch (removing "else") fixes a problem when a reference is
+ to multiple identically named nested groups from within the nest.
+ Once again, it is not the "proper" fix, and it results in an
+ over-allocation of memory. */
+
+ /* else */
{
ng = cd->named_groups;
for (i = 0; i < cd->names_found; i++, ng++)