fix a possible integer overflow in DFA matching (#305)

(cherry picked from commit 2a38eb8cf0ea512b022a3223debb76724d3a22d2)

backport-fix-a-possible-integer-overflow-in-DFA-matching-305.patch

@@ -0,0 +1,24 @@
+From d231944236c6516de2831cbdde3069dab180ae81 Mon Sep 17 00:00:00 2001
+From: pkuzco <b.naamneh@gmail.com>
+Date: Mon, 9 Oct 2023 17:46:42 +0200
+Subject: [PATCH] fix a possible integer overflow in DFA matching (#305)
+ 
+---
+ src/pcre2_dfa_match.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+ 
+diff --git a/src/pcre2_dfa_match.c b/src/pcre2_dfa_match.c
+index 518ac07..13b1ae4 100644
+--- a/src/pcre2_dfa_match.c
++++ b/src/pcre2_dfa_match.c
+@@ -428,7 +428,7 @@ overflow. */
+ 
+ else
+   {
+-  uint32_t newsize = (rws->size >= UINT32_MAX/2)? UINT32_MAX/2 : rws->size * 2;
++  uint32_t newsize = (rws->size >= UINT32_MAX/(sizeof(int)*2))? UINT32_MAX/sizeof(int) : rws->size * 2;
+   uint32_t newsizeK = newsize/(1024/sizeof(int));
+ 
+   if (newsizeK + mb->heap_used > mb->heap_limit)
+-- 
+2.33.0

pcre2.spec

@@ -1,6 +1,6 @@
 Name:        pcre2
 Version:     10.35
-Release:     5
+Release:     6
 Summary:     Perl Compatible Regular Expressions
 License:     BSD
 URL:         http://www.pcre.org/
@@ -36,6 +36,7 @@ Patch6019:     backport-Fixed-an-issue-in-the-backtracking-optimization-of-c.pat
 Patch6020:     backport-jit-fail-early-in-ffcps_-if-subject-shorter-than-off.patch
 Patch6021:     backport-jit-fix-pcre2_jit_free_unused_memory-if-sljit-not-us.patch
 Patch6022:     backport-fix-CVE-2022-41409.patch
+Patch6023:     backport-fix-a-possible-integer-overflow-in-DFA-matching-305.patch
 
 BuildRequires:  autoconf libtool automake coreutils gcc make readline-devel
 Obsoletes:      pcre2-utf16 pcre2-utf32 pcre2-tools
@@ -152,6 +153,9 @@ make check
 %{_pkgdocdir}/html/
 
 %changelog
+* Thu Dec 14 2023 xujing <xujing125@huawei.com> - 10.35-6
+- DESC:fix a possible integer overflow in DFA matching (#305)
+
 * Mon Jul 31 2023 yangmingtai <yangmingtai@huawei.com> - 10.35-5
 - DESC:fix CVE-2022-41409