Print an error if you use too many captures in a regex pattern (fixes #2059)

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2614 152afb58-edef-0310-8abb-c4023f1b3aa9

2 files changed, 10 insertions, 1 deletions

diff --git a/NEWS b/NEWS
index ecb3f968..f8eec811 100644
--- a/NEWS
+++ b/NEWS
@@ -35,6 +35,7 @@ NEWS
   * Print errors from include_shell to stderr
   * Set tm.tm_isdst = 0 before mktime() (fixes #2047)
   * Use linux-epoll by default if available (fixes #2021, thx Olaf van der Spek)
+  * Print an error if you use too many captures in a regex pattern (fixes #2059)
 
 - 1.4.23 - 2009-06-19
   * Added some extra warning options in cmake and fix the resulting warnings (unused/static functions)
diff --git a/src/configparser.y b/src/configparser.y
index 03f50f95..b0042c5e 100644
--- a/src/configparser.y
+++ b/src/configparser.y
@@ -469,7 +469,7 @@ context ::= DOLLAR SRVVARNAME(B) LBRACKET stringop(C) RBRACKET cond(E) expressio
     case CONFIG_COND_MATCH: {
 #ifdef HAVE_PCRE_H
       const char *errptr;
-      int erroff;
+      int erroff, captures;
 
       if (NULL == (dc->regex =
           pcre_compile(rvalue->ptr, 0, &errptr, &erroff, NULL))) {
@@ -486,6 +486,14 @@ context ::= DOLLAR SRVVARNAME(B) LBRACKET stringop(C) RBRACKET cond(E) expressio
         fprintf(stderr, "studying regex failed: %s -> %s\n",
             rvalue->ptr, errptr);
         ctx->ok = 0;
+      } else if (0 != (pcre_fullinfo(dc->regex, dc->regex_study, PCRE_INFO_CAPTURECOUNT, &captures))) {
+        fprintf(stderr, "getting capture count for regex failed: %s\n",
+            rvalue->ptr);
+        ctx->ok = 0;
+      } else if (captures > 9) {
+        fprintf(stderr, "Too many captures in regex, use (?:...) instead of (...): %s\n",
+            rvalue->ptr);
+        ctx->ok = 0;
       } else {
         dc->string = buffer_init_buffer(rvalue);
       }