diff options
| author | ph10 <ph10@2f5784b3-3f2a-0410-8824-cb99058d5e15> | 2015-07-21 13:47:22 +0000 |
|---|---|---|
| committer | ph10 <ph10@2f5784b3-3f2a-0410-8824-cb99058d5e15> | 2015-07-21 13:47:22 +0000 |
| commit | 485a930d11bfd1ba8c292fe14976f0a3e12c2b93 (patch) | |
| tree | 525cfdb1259a65fd675ced40fa770f4c885c7a64 | |
| parent | 084a8fe109a94f6d146c6a7a0e397cc3d40c6b67 (diff) | |
| download | pcre-485a930d11bfd1ba8c292fe14976f0a3e12c2b93.tar.gz | |
Fix "run for ever" bug for deeply nested [: sequences.
git-svn-id: svn://vcs.exim.org/pcre/code/trunk@1579 2f5784b3-3f2a-0410-8824-cb99058d5e15
| -rw-r--r-- | ChangeLog | 3 | ||||
| -rw-r--r-- | pcre_compile.c | 17 | ||||
| -rw-r--r-- | testdata/testinput2 | 2 | ||||
| -rw-r--r-- | testdata/testoutput2 | 3 |
4 files changed, 13 insertions, 12 deletions
@@ -88,6 +88,9 @@ Version 8.38 xx-xxx-xxxx compiled and could cause reading from uninitialized memory or an incorrect error diagnosis. +16. Pathological patterns containing many nested occurrences of [: caused + pcre_compile() to run for a very long time. + Version 8.37 28-April-2015 -------------------------- diff --git a/pcre_compile.c b/pcre_compile.c index 7912cc6..bc88c76 100644 --- a/pcre_compile.c +++ b/pcre_compile.c @@ -3940,19 +3940,12 @@ for (++ptr; *ptr != CHAR_NULL; ptr++) (ptr[1] == CHAR_RIGHT_SQUARE_BRACKET || ptr[1] == CHAR_BACKSLASH)) ptr++; - else if (*ptr == CHAR_RIGHT_SQUARE_BRACKET) return FALSE; - else + else if ((*ptr == CHAR_LEFT_SQUARE_BRACKET && ptr[1] == terminator) || + *ptr == CHAR_RIGHT_SQUARE_BRACKET) return FALSE; + else if (*ptr == terminator && ptr[1] == CHAR_RIGHT_SQUARE_BRACKET) { - if (*ptr == terminator && ptr[1] == CHAR_RIGHT_SQUARE_BRACKET) - { - *endptr = ptr; - return TRUE; - } - if (*ptr == CHAR_LEFT_SQUARE_BRACKET && - (ptr[1] == CHAR_COLON || ptr[1] == CHAR_DOT || - ptr[1] == CHAR_EQUALS_SIGN) && - check_posix_syntax(ptr, endptr)) - return FALSE; + *endptr = ptr; + return TRUE; } } return FALSE; diff --git a/testdata/testinput2 b/testdata/testinput2 index ddb4b99..92a65df 100644 --- a/testdata/testinput2 +++ b/testdata/testinput2 @@ -4186,4 +4186,6 @@ backtracking verbs. --/ /[[:\\](?'abc')[a:]/ +"[[[.\xe8Nq\xffq\xff\xe0\x2|||::Nq\xffq\xff\xe0\x6\x2|||::[[[:[::::::[[[[[::::::::[:[[[:[:::[[[[[[[[[[[[:::::::::::::::::[[.\xe8Nq\xffq\xff\xe0\x2|||::Nq\xffq\xff\xe0\x6\x2|||::[[[:[::::::[[[[[::::::::[:[[[:[:::[[[[[[[[[[[[[[:::E[[[:[:[[:[:::[[:::E[[[:[:[[:'[:::::E[[[:[::::::[[[:[[[[[[[::E[[[:[::::::[[[:[[[[[[[[:[[::[::::[[:::::::[[:[[[[[[[:[[::[:[[:[~" + /-- End of testinput2 --/ diff --git a/testdata/testoutput2 b/testdata/testoutput2 index ab0892b..cda48f5 100644 --- a/testdata/testoutput2 +++ b/testdata/testoutput2 @@ -14504,4 +14504,7 @@ Failed: unmatched parentheses at offset 23 /[[:\\](?'abc')[a:]/ +"[[[.\xe8Nq\xffq\xff\xe0\x2|||::Nq\xffq\xff\xe0\x6\x2|||::[[[:[::::::[[[[[::::::::[:[[[:[:::[[[[[[[[[[[[:::::::::::::::::[[.\xe8Nq\xffq\xff\xe0\x2|||::Nq\xffq\xff\xe0\x6\x2|||::[[[:[::::::[[[[[::::::::[:[[[:[:::[[[[[[[[[[[[[[:::E[[[:[:[[:[:::[[:::E[[[:[:[[:'[:::::E[[[:[::::::[[[:[[[[[[[::E[[[:[::::::[[[:[[[[[[[[:[[::[::::[[:::::::[[:[[[[[[[:[[::[:[[:[~" +Failed: missing terminating ] for character class at offset 353 + /-- End of testinput2 --/ |