authorzherczeg <zherczeg@2f5784b3-3f2a-0410-8824-cb99058d5e15>2015-08-14 09:34:32 +0000
committerzherczeg <zherczeg@2f5784b3-3f2a-0410-8824-cb99058d5e15>2015-08-14 09:34:32 +0000
commit11b13a6e09774133713f4c2aac6aeb732a7f4b11 (patch)
tree470f9d08d39cec1e2f139e7bd00fa0d025438bec
parent910ea70b6de25134963d7d52691e9fcd526b7449 (diff)
Match limit check added to recursion.
git-svn-id: svn://vcs.exim.org/pcre/code/trunk@1593 2f5784b3-3f2a-0410-8824-cb99058d5e15
-rw-r--r--ChangeLog3
-rw-r--r--pcre_jit_compile.c2
2 files changed, 5 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index d4a5468..40b1b6c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -132,6 +132,9 @@ Version 8.38 xx-xxx-xxxx
34. The JIT compiler should restore the control chain for empty possessive
repeats. This issue was found by Karl Skomski with a custom LLVM fuzzer.
+35. Match limit check added to recursion. This issue was found by Karl Skomski
+ with a custom LLVM fuzzer.
+
Version 8.37 28-April-2015
--------------------------
diff --git a/pcre_jit_compile.c b/pcre_jit_compile.c
index 05f04f0..868d1d9 100644
--- a/pcre_jit_compile.c
+++ b/pcre_jit_compile.c
@@ -9684,6 +9684,7 @@ set_jumps(common->currententry->calls, common->currententry->entry);
sljit_emit_fast_enter(compiler, TMP2, 0);
allocate_stack(common, private_data_size + framesize + alternativesize);
+count_match(common);
OP1(SLJIT_MOV, SLJIT_MEM1(STACK_TOP), STACK(private_data_size + framesize + alternativesize - 1), TMP2, 0);
copy_private_data(common, ccbegin, ccend, TRUE, private_data_size + framesize + alternativesize, framesize + alternativesize, needs_control_head);
if (needs_control_head)
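Review bot: The added `count_match(common);` after `allocate_stack(...)` carries no comment, so a reader cannot tell that recursion entry is now a point where the match limit is charged. I would add something like `/* Count every recursion entry against limit_match so recursive calls cannot bypass the limit. */` directly above the call. The diffstat lists only ChangeLog and pcre_jit_compile.c, so the fuzzer-found input that motivated this apparently has no regression case in the JIT tests; adding one would keep the limit from silently regressing. The enclosing function starts and ends outside this hunk, so whether the frame allocated just before the check is released on the limit-exceeded path cannot be confirmed from here.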
@@ -10028,6 +10029,7 @@ OP1(SLJIT_MOV, TMP2, 0, SLJIT_MEM1(TMP1), SLJIT_OFFSETOF(jit_arguments, stack));
OP1(SLJIT_MOV_UI, TMP1, 0, SLJIT_MEM1(TMP1), SLJIT_OFFSETOF(jit_arguments, limit_match));
OP1(SLJIT_MOV, STACK_TOP, 0, SLJIT_MEM1(TMP2), SLJIT_OFFSETOF(struct sljit_stack, base));
OP1(SLJIT_MOV, STACK_LIMIT, 0, SLJIT_MEM1(TMP2), SLJIT_OFFSETOF(struct sljit_stack, limit));
+OP2(SLJIT_ADD, TMP1, 0, TMP1, 0, SLJIT_IMM, 1);
OP1(SLJIT_MOV, SLJIT_MEM1(SLJIT_SP), LIMIT_MATCH, TMP1, 0);
if (mode == JIT_PARTIAL_SOFT_COMPILE)
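Review bot: The added `OP2(SLJIT_ADD, TMP1, 0, TMP1, 0, SLJIT_IMM, 1);` biases the loaded `limit_match` by one with no explanation and no visible guard against wrap-around. TMP1 is loaded with `SLJIT_MOV_UI` two lines earlier, so on a target whose registers are no wider than that field a caller-supplied limit of all ones would presumably become 0 before it is stored to `LIMIT_MATCH`. Depending on how the counter is tested (not visible in this hunk), that could weaken the limit instead of enforcing it. I would clamp the value before the increment or document why the maximum cannot occur. I would also add a comment such as `/* +1 because the counter is decremented before it is tested; see count_match(). */` if that is indeed the reason. The surrounding function begins and ends outside the hunk.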