securityvulns: SECURITYVULNS:DOC:7950
Mar 01, 2005 - 12:00 a.m.

vbscript.dll regular expression object (RegExp) memory leak


Hello,

The following VBScript, which uses the RegExp object,
causes a memory leak (tested under Windows XP SP2 with
Script Engine V5.6); when you run it, locate the
associated wscript.exe or cscript.exe process in the
Windows task manager, then click "OK" in the "Start"
message box, and see how the "Mem Usage" value grows
in the task manager.

Dim PatternStrBuggy
Dim oRegExp
Dim oMatches

' Pattern rejoined from the line-wrapped mail text; each wrap fell on a space.
PatternStrBuggy = "^(?:\<([0-9]+)\>)?(?:([A-Za-z]+) )?" & _
    "(?:([\d ]\d) )?(?:(\d+) )?" & _
    "(?:([0-9]+:[0-9]+:[0-9]+(?:\.[0-9]+)?) )?(?:([^ :]+) )?" & _
    "((?:(?:([^ \[\:]+)(?:\[([0-9]+)\])?:)? )?(.*))"
strng = "c"

Set oRegExp = New RegExp
oRegExp.Global = True
oRegExp.Multiline = True
oRegExp.Pattern = PatternStrBuggy
On Error Resume Next
MsgBox "start"
' Each Execute call returns a new match collection; memory grows per iteration.
For i = 1 To 10000000
    Set oMatches = oRegExp.Execute(strng)
Next
MsgBox "stop"

*** end of mail***
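
Added example (not part of the original mail): a PowerShell helper that automates the Task Manager check described above by sampling the memory counters of a running wscript.exe or cscript.exe process and reporting whether they keep growing. The function name, parameters and the 50 MB threshold are assumptions chosen for illustration.

```powershell
# Added example: sample a script-host process and flag steady memory growth.
# Measure-ProcessMemoryGrowth and its defaults are hypothetical, not a built-in cmdlet.
function Measure-ProcessMemoryGrowth {
    param(
        [Parameter(Mandatory)] [int] $ProcessId,
        [int] $Samples = 30,               # number of readings to take
        [int] $IntervalMs = 1000,          # delay between readings
        [double] $GrowthThresholdMB = 50   # assumed cut-off for "suspicious" growth
    )
    $proc = Get-Process -Id $ProcessId -ErrorAction Stop
    $name = $proc.ProcessName
    $readings = New-Object System.Collections.Generic.List[object]
    for ($n = 0; $n -lt $Samples; $n++) {
        $proc.Refresh()                    # re-read counters from the OS
        if ($proc.HasExited) { break }
        $readings.Add([pscustomobject]@{
            PrivateMB    = [math]::Round($proc.PrivateMemorySize64 / 1MB, 1)
            WorkingSetMB = [math]::Round($proc.WorkingSet64 / 1MB, 1)
        })
        Start-Sleep -Milliseconds $IntervalMs
    }
    if ($readings.Count -lt 2) { throw "Process $ProcessId exited before two samples were taken." }

    # Count the intervals in which private bytes went up; a leak rises almost every time.
    $rising = 0
    for ($k = 1; $k -lt $readings.Count; $k++) {
        if ($readings[$k].PrivateMB -gt $readings[$k - 1].PrivateMB) { $rising++ }
    }
    $first  = $readings[0]
    $last   = $readings[$readings.Count - 1]
    $growth = [math]::Round($last.PrivateMB - $first.PrivateMB, 1)
    $risingFraction = [math]::Round($rising / ($readings.Count - 1), 2)

    [pscustomobject]@{
        ProcessId       = $ProcessId
        Name            = $name
        Samples         = $readings.Count
        StartPrivateMB  = $first.PrivateMB
        EndPrivateMB    = $last.PrivateMB
        EndWorkingSetMB = $last.WorkingSetMB
        GrowthMB        = $growth
        RisingFraction  = $risingFraction
        LeakSuspected   = ($growth -ge $GrowthThresholdMB -and $risingFraction -ge 0.8)
    }
}

# Check every running Windows Script Host process.
Get-Process -Name cscript, wscript -ErrorAction SilentlyContinue |
    ForEach-Object { Measure-ProcessMemoryGrowth -ProcessId $_.Id }
```

Start sampling after clicking "OK" in the "start" message box, since the loop does not run until the dialog is dismissed.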



