BUG/MEDIUM: regex: allocate a large enough pcre2 match for all matches

In 3.3 with commit fda6dc959 ("MINOR: regex: use a thread-local match
pointer for pcre2") we got a thread-local match that saves us from having
to allocate a match array with each match. However something was clearly
overlooked or misunderstood in the pcre2 API because the local match
array was initialized via pcre2_match_data_create() for MAX_MATCH-1
entries instead of MAX_MATCH, despite the commit message mentioning
MAX_MATCH entries. It was possibly confused with an index. Due to this
there is a risk of crash when matching more than 9 groups in a regex.

This fix must be backported to 3.3.

diff --git a/src/regex.c b/src/regex.c
index 524afc92574b694d6757cd0e95da6315100bbc04..0f192f725a816fa3476302c9102a8d53278956d6 100644 (file)
--- a/src/regex.c
+++ b/src/regex.c
@@ -444,7 +444,7 @@ INITCALL0(STG_REGISTER, regex_register_build_options);
 #ifdef USE_PCRE2
 static int init_pcre2_per_thread(void)
 {
-       local_pcre2_match = pcre2_match_data_create(MAX_MATCH - 1, NULL);
+       local_pcre2_match = pcre2_match_data_create(MAX_MATCH, NULL);
        if (!local_pcre2_match) {
                ha_alert("Failed to allocate PCRE2 match data context for thread %u.\n", tid);
                return 0;