authorph10 <ph10@2f5784b3-3f2a-0410-8824-cb99058d5e15>2015-03-29 15:44:40 +0000
committerph10 <ph10@2f5784b3-3f2a-0410-8824-cb99058d5e15>2015-03-29 15:44:40 +0000
commitf2f972a69aac98b34316d2e944d55f9ef2ca6712 (patch)
tree3f36d4a2ad7135645ca109cc1bec075246585511
parent0bff93ec6f942ad9703a33416c3ca2ddc060de73 (diff)
Fix non-diagnosis of missing assertion after (?(?< not followed by ! or =.
git-svn-id: svn://vcs.exim.org/pcre/code/trunk@1539 2f5784b3-3f2a-0410-8824-cb99058d5e15
-rw-r--r--ChangeLog5
-rw-r--r--pcre_compile.c28
-rw-r--r--testdata/testinput22
-rw-r--r--testdata/testoutput25
4 files changed, 26 insertions, 14 deletions
diff --git a/ChangeLog b/ChangeLog
index aa60599..aa51d88 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -131,6 +131,11 @@ Version 8.37 xx-xxx-2015
between a subroutine call and its quantifier was incorrectly compiled,
leading to buffer overflow or other errors. This bug was discovered by the
LLVM fuzzer.
+
+33. The illegal pattern /(?(?<E>.*!.*)?)/ was not being diagnosed as missing an
+ assertion after (?(. The code was failing to check the character after
+ (?(?< for the ! or = that would indicate a lookbehind assertion. This bug
+ was discovered by the LLVM fuzzer.
Version 8.36 26-September-2014
diff --git a/pcre_compile.c b/pcre_compile.c
index 810df84..94e78db 100644
--- a/pcre_compile.c
+++ b/pcre_compile.c
@@ -2497,7 +2497,7 @@ for (code = first_significant_code(code + PRIV(OP_lengths)[*code], TRUE);
empty_branch = FALSE;
do
{
- if (!empty_branch && could_be_empty_branch(code, endcode, utf, cd,
+ if (!empty_branch && could_be_empty_branch(code, endcode, utf, cd,
recurses)) empty_branch = TRUE;
code += GET(code, 1);
}
@@ -6476,18 +6476,18 @@ for (;; ptr++)
/* First deal with comments. Putting this code right at the start ensures
that comments have no bad side effects. */
-
- if (ptr[0] == CHAR_QUESTION_MARK && ptr[1] == CHAR_NUMBER_SIGN)
- {
- ptr += 2;
+
+ if (ptr[0] == CHAR_QUESTION_MARK && ptr[1] == CHAR_NUMBER_SIGN)
+ {
+ ptr += 2;
while (*ptr != CHAR_NULL && *ptr != CHAR_RIGHT_PARENTHESIS) ptr++;
- if (*ptr == CHAR_NULL)
- {
- *errorcodeptr = ERR18;
- goto FAILED;
- }
- continue;
- }
+ if (*ptr == CHAR_NULL)
+ {
+ *errorcodeptr = ERR18;
+ goto FAILED;
+ }
+ continue;
+ }
/* Now deal with various "verbs" that can be introduced by '*'. */
@@ -6679,7 +6679,9 @@ for (;; ptr++)
if (tempptr[1] == CHAR_QUESTION_MARK &&
(tempptr[2] == CHAR_EQUALS_SIGN ||
tempptr[2] == CHAR_EXCLAMATION_MARK ||
- tempptr[2] == CHAR_LESS_THAN_SIGN))
+ (tempptr[2] == CHAR_LESS_THAN_SIGN &&
+ (tempptr[3] == CHAR_EQUALS_SIGN ||
+ tempptr[3] == CHAR_EXCLAMATION_MARK))))
{
cd->iscondassert = TRUE;
break;
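Review bot: The added `tempptr[3]` test in the conditional-assertion check has no comment explaining why `<` alone no longer qualifies. A reader has to know that `(?<` also opens a named group such as `(?<E>...)`, which is not an assertion. I would add above the `if`: `/* (?< is a lookbehind only when followed by = or !; otherwise it starts a named group, which is not a valid condition. */`. The read of `tempptr[3]` looks safe because `&&` reaches it only after `tempptr[2]` matched `<`, so at worst it reads the terminator, assuming the pattern is NUL-terminated as the `CHAR_NULL` checks elsewhere in this file suggest. The enclosing block starts and ends outside the hunk.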
diff --git a/testdata/testinput2 b/testdata/testinput2
index 40593e3..0e29c7a 100644
--- a/testdata/testinput2
+++ b/testdata/testinput2
@@ -4136,4 +4136,6 @@ backtracking verbs. --/
"((?2)+)((?1))"
+"(?(?<E>.*!.*)?)"
+
/-- End of testinput2 --/
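Review bot: The added pattern `"(?(?<E>.*!.*)?)"` pins only the rejecting path of the tightened check. Unless the suite already covers them outside this hunk, I would add accepting cases next to it, for example `/(?(?<=a)b)/` and `/(?(?<!a)b)/` (constructed samples). That would show that lookbehind conditions still set the assertion flag and compile after the extra `tempptr[3]` comparison.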
diff --git a/testdata/testoutput2 b/testdata/testoutput2
index 28937c8..f3b2dc4 100644
--- a/testdata/testoutput2
+++ b/testdata/testoutput2
@@ -561,7 +561,7 @@ Failed: assertion expected after (?( at offset 3
Failed: reference to non-existent subpattern at offset 7
/(?(?<ab))/
-Failed: syntax error in subpattern name (missing terminator) at offset 7
+Failed: assertion expected after (?( at offset 3
/((?s)blah)\s+\1/I
Capturing subpattern count = 1
@@ -14345,4 +14345,7 @@ No match
"((?2)+)((?1))"
+"(?(?<E>.*!.*)?)"
+Failed: assertion expected after (?( at offset 3
+
/-- End of testinput2 --/