2016-12-16 17:43:55 UTC
the last check (len < length1) was added to "avoid overflow in computing sum of lengths". But I thought int overflow was undefined behaviour, so why does the len < length1 check make sense?You're right, it doesn't. I fixed this by installing the attached patch into
Gnulib. You should look at the Gnulib version and not the glibc version: Gnulib
regex has portability and other fixes that glibc regex doesn't. I never have
gotten up the energy to propagate the Gnulib fixes back into glibc.