Tracker: Bugs
Running the latest vulnerabilities for Windows XP, I ran into this
recursion problem (stack overflow).
ovaldiD.exe!REGEX::IsMatch(const char * patternIn=0x0452f848, const char *
searchStringIn=0x0452b8f8) Line 318 + 0x2c bytes C++
ovaldiD.exe!RegistryFinder::IsMatch(std::basic_string<char,std::char_trai
ts<char>,std::allocator<char> >
patternStr="^S-[-0-9]+\\Identities\\\{[-0-9A-Z]+\}\\Software\\Microsoft\\Ou
tlook\ Express\\5\.0\\Mail$",
std::basic_string<char,std::char_traits<char>,std::allocator<char> >
valueStr="S-1-5-21-3251166223-642990835-1595411953-1158\Software\Microsoft\
SystemCertificates\ACRS\PhysicalStores\.LocalMachine", bool isRegex=true)
Line 741 + 0x1c bytes C++
ovaldiD.exe!RegistryFinder::GetRegistriesForPattern(std::basic_string<cha
r,std::char_traits<char>,std::allocator<char> > hiveStr="HKEY_USERS",
std::basic_string<char,std::char_traits<char>,std::allocator<char> >
keyStr="S-1-5-21-3251166223-642990835-1595411953-1158\Software\Microsoft\Sy
stemCertificates\ACRS\PhysicalStores\",
std::basic_string<char,std::char_traits<char>,std::allocator<char> >
regexStr="^S-[-0-9]+\\Identities\\\{[-0-9A-Z]+\}\\Software\\Microsoft\\Outl
ook\ Express\\5\.0\\Mail$",
std::set<std::basic_string<char,std::char_traits<char>,std::allocator<char>
>,std::less<std::basic_string<char,std::char_traits<char>,std::allocator<ch
ar> >
>,std::allocator<std::basic_string<char,std::char_traits<char>,std::allocat
or<char> > > > *
keys=[1]("S-1-5-21-3251166223-642990835-1595411953-1158\Identities\{73B903B
0-2932-41E9-BB68-60F8BFEC913A}\Software\Microsoft\Outlook
Express\5.0\Mail"), bool isRegex=true) Line 718 + 0x58 bytes C++
ovaldiD.exe!RegistryFinder::GetRegistriesForPattern(std::basic_string<cha
r,std::char_traits<char>,std::allocator<char> > hiveStr="HKEY_USERS",
std::basic_string<char,std::char_traits<char>,std::allocator<char> >
keyStr="S-1-5-21-3251166223-642990835-1595411953-1158\Software\Microsoft\Sy
stemCertificates\ACRS\",
std::basic_string<char,std::char_traits<char>,std::allocator<char> >
regexStr="^S-[-0-9]+\\Identities\\\{[-0-9A-Z]+\}\\Software\\Microsoft\\Outl
ook\ Express\\5\.0\\Mail$",
std::set<std::basic_string<char,std::char_traits<char>,std::allocator<char>
>,std::less<std::basic_string<char,std::char_traits<char>,std::allocator<ch
ar> >
>,std::allocator<std::basic_string<char,std::char_traits<char>,std::allocat
or<char> > > > *
keys=[1]("S-1-5-21-3251166223-642990835-1595411953-1158\Identities\{73B903B
0-2932-41E9-BB68-60F8BFEC913A}\Software\Microsoft\Outlook
Express\5.0\Mail"), bool isRegex=true) Line 717 C++
Goes on for a long time.
The object that seems to be the trigger is:
<registry_object id="oval:org.mitre.oval:obj:532" version="1"
xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
<hive>HKEY_USERS</hive>
<key operation="pattern
match">^S-[-0-9]+\\Identities\\\{[-0-9A-Z]+\}\\Software\\Microsoft\\Outlook
\ Express\\5\.0\\Mail$</key>
<name operation="equals">ShowHybridView</name>
</registry_object>
I attached a xml file with just that test in it.
Nobody/Anonymous
Probe Specific
None
Public
Comments
No follow-up comments have been posted.
Attached File ( 1 )
| Filename | Description | Download |
|---|---|---|
| prob1.oval.xml | Oval file with just the test thats causing the issue. | Download |
Changes ( 5 )
| Field | Old Value | Date | By |
|---|---|---|---|
| status_id | Open | 2009-11-17 14:40 | djhaynes |
| resolution_id | None | 2009-11-17 14:40 | djhaynes |
| allow_comments | 1 | 2009-11-17 14:40 | djhaynes |
| close_date | - | 2009-11-17 14:40 | djhaynes |
| File Added | 349564: prob1.oval.xml | 2009-11-04 20:52 | bonesgoodrich |
About SourceForge
Develop Software
Community
Copyright © 2009 Geeknet, Inc. All rights reserved. Terms of Use
