author | ph10 <ph10@2f5784b3-3f2a-0410-8824-cb99058d5e15> | 2012-04-19 17:30:38 +0000 |
---|---|---|
committer | ph10 <ph10@2f5784b3-3f2a-0410-8824-cb99058d5e15> | 2012-04-19 17:30:38 +0000 |
commit | b45e17ad7d67d522e1d38780aeb74c31a83e8ac7 (patch) | |
tree | 0df7093935ea4c4a4e499bca3e93880157bb6edc /pcre_dfa_exec.c | |
parent | 0f3d6a0cb51bff6c1c8ba82df3d5e8f7bb87465e (diff) | |
Fix long-standing DFA testing restart bug in pcretest, and add some
plausibility checks when restarting in pcre_dfa_exec().
git-svn-id: svn://vcs.exim.org/pcre/code/trunk@960 2f5784b3-3f2a-0410-8824-cb99058d5e15
Diffstat (limited to 'pcre_dfa_exec.c')
-rw-r--r-- | pcre_dfa_exec.c | 39 |
1 files changed, 23 insertions, 16 deletions
diff --git a/pcre_dfa_exec.c b/pcre_dfa_exec.c
index 840a04c..efe4681 100644
--- a/pcre_dfa_exec.c
+++ b/pcre_dfa_exec.c
@@ -41,7 +41,7 @@ POSSIBILITY OF SUCH DAMAGE.
 /* This module contains the external function pcre_dfa_exec(), which is an alternative matching function that uses a sort of DFA algorithm (not a true
-FSM). This is NOT Perl- compatible, but it has advantages in certain
+FSM). This is NOT Perl-compatible, but it has advantages in certain
 applications. */
@@ -282,7 +282,7 @@ typedef struct stateblock {
 int data; /* Some use extra data */
 } stateblock;
-#define INTS_PER_STATEBLOCK (sizeof(stateblock)/sizeof(int))
+#define INTS_PER_STATEBLOCK (int)(sizeof(stateblock)/sizeof(int))
 #ifdef PCRE_DEBUG
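Review bot: The replacement list of `INTS_PER_STATEBLOCK` should be parenthesized as a whole now that it begins with a cast: `#define INTS_PER_STATEBLOCK ((int)(sizeof(stateblock)/sizeof(int)))`. As written the macro expands to a bare `(int)(...)` inside whatever expression uses it; that is harmless in the division this commit adds, because a cast binds tighter than `/`, but it is fragile for future uses. The cast presumably exists so that comparisons against `int` counts stay signed rather than being promoted to `size_t`, and a one-line comment saying so would keep it from being removed as redundant.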
@@ -3162,10 +3162,27 @@ if (offsetcount < 0) return PCRE_ERROR_BADCOUNT;
 if (wscount < 20) return PCRE_ERROR_DFA_WSSIZE;
 if (start_offset < 0 || start_offset > length) return PCRE_ERROR_BADOFFSET;
-/* We need to find the pointer to any study data before we test for byte
-flipping, so we scan the extra_data block first. This may set two fields in the
-match block, so we must initialize them beforehand. However, the other fields
-in the match block must not be set until after the byte flipping. */
+/* Check that the first field in the block is the magic number. If it is not,
+return with PCRE_ERROR_BADMAGIC. However, if the magic number is equal to
+REVERSED_MAGIC_NUMBER we return with PCRE_ERROR_BADENDIANNESS, which
+means that the pattern is likely compiled with different endianness. */
+
+if (re->magic_number != MAGIC_NUMBER)
+ return re->magic_number == REVERSED_MAGIC_NUMBER?
+ PCRE_ERROR_BADENDIANNESS:PCRE_ERROR_BADMAGIC;
+if ((re->flags & PCRE_MODE) == 0) return PCRE_ERROR_BADMODE;
+
+/* If restarting after a partial match, do some sanity checks on the contents
+of the workspace. */
+
+if ((options & PCRE_DFA_RESTART) != 0)
+ {
+ if ((workspace[0] & (-2)) != 0 || workspace[1] < 1 ||
+ workspace[1] > (wscount - 2)/INTS_PER_STATEBLOCK)
+ return PCRE_ERROR_DFA_BADRESTART;
+ }
+
+/* Set up study, callout, and table data */
 md->tables = re->tables;
 md->callout_data = NULL;
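Review bot: The upper limit on `workspace[1]` in the restart check is the number of stateblocks that fit in the whole workspace, which may be looser than what the matcher can actually hold, and the saved stateblocks themselves are not validated at all. If the code that consumes the restart data (outside this hunk) divides the workspace between more than one state list, the limit should be the capacity of a single list; that is worth confirming before this is treated as a bounds check rather than a plausibility check. The comment above the block should state the scope, for example `/* Only workspace[0] (0 or 1) and workspace[1] (state count) are checked; the saved states themselves are not validated. */`. The enclosing function begins and ends outside the hunk.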
@@ -3184,16 +3201,6 @@ if (extra_data != NULL)
 md->tables = extra_data->tables;
 }
-/* Check that the first field in the block is the magic number. If it is not,
-return with PCRE_ERROR_BADMAGIC. However, if the magic number is equal to
-REVERSED_MAGIC_NUMBER we return with PCRE_ERROR_BADENDIANNESS, which
-means that the pattern is likely compiled with different endianness. */
-
-if (re->magic_number != MAGIC_NUMBER)
- return re->magic_number == REVERSED_MAGIC_NUMBER?
- PCRE_ERROR_BADENDIANNESS:PCRE_ERROR_BADMAGIC;
-if ((re->flags & PCRE_MODE) == 0) return PCRE_ERROR_BADMODE;
-
 /* Set some local values */
 current_subject = (const pcre_uchar *)subject + start_offset; |