[Pcre-svn] [1539] code/trunk: Fix non-diagnosis of missing …

Author: Subversion repository
Date:  
To: pcre-svn
Subject: [Pcre-svn] [1539] code/trunk: Fix non-diagnosis of missing assertion after (?(?< not followed by ! or =.
Revision: 1539
          http://vcs.pcre.org/viewvc?view=rev&revision=1539
Author:   ph10
Date:     2015-03-29 16:44:40 +0100 (Sun, 29 Mar 2015)


Log Message:
-----------
Fix non-diagnosis of missing assertion after (?(?< not followed by ! or =.

Modified Paths:
--------------
    code/trunk/ChangeLog
    code/trunk/pcre_compile.c
    code/trunk/testdata/testinput2
    code/trunk/testdata/testoutput2


Modified: code/trunk/ChangeLog
===================================================================
--- code/trunk/ChangeLog    2015-03-29 11:22:24 UTC (rev 1538)
+++ code/trunk/ChangeLog    2015-03-29 15:44:40 UTC (rev 1539)
@@ -131,6 +131,11 @@
     between a subroutine call and its quantifier was incorrectly compiled,
     leading to buffer overflow or other errors. This bug was discovered by the
     LLVM fuzzer.
+    
+33. The illegal pattern /(?(?<E>.*!.*)?)/ was not being diagnosed as missing an
+    assertion after (?(. The code was failing to check the character after
+    (?(?< for the ! or = that would indicate a lookbehind assertion. This bug
+    was discovered by the LLVM fuzzer.



Version 8.36 26-September-2014

Modified: code/trunk/pcre_compile.c
===================================================================
--- code/trunk/pcre_compile.c    2015-03-29 11:22:24 UTC (rev 1538)
+++ code/trunk/pcre_compile.c    2015-03-29 15:44:40 UTC (rev 1539)
@@ -2497,7 +2497,7 @@
       empty_branch = FALSE;
       do
         {
-        if (!empty_branch && could_be_empty_branch(code, endcode, utf, cd, 
+        if (!empty_branch && could_be_empty_branch(code, endcode, utf, cd,
           recurses)) empty_branch = TRUE;
         code += GET(code, 1);
         }
@@ -6476,18 +6476,18 @@


     /* First deal with comments. Putting this code right at the start ensures
     that comments have no bad side effects. */
-                                                                            
-    if (ptr[0] == CHAR_QUESTION_MARK && ptr[1] == CHAR_NUMBER_SIGN)       
-      {                                                       
-      ptr += 2;                
+
+    if (ptr[0] == CHAR_QUESTION_MARK && ptr[1] == CHAR_NUMBER_SIGN)
+      {
+      ptr += 2;
       while (*ptr != CHAR_NULL && *ptr != CHAR_RIGHT_PARENTHESIS) ptr++;
-      if (*ptr == CHAR_NULL)                                     
-        {                                                                 
-        *errorcodeptr = ERR18;                                          
-        goto FAILED;                                               
-        }                                                           
-      continue;                                                         
-      }                        
+      if (*ptr == CHAR_NULL)
+        {
+        *errorcodeptr = ERR18;
+        goto FAILED;
+        }
+      continue;
+      }


     /* Now deal with various "verbs" that can be introduced by '*'. */


@@ -6679,7 +6679,9 @@
         if (tempptr[1] == CHAR_QUESTION_MARK &&
               (tempptr[2] == CHAR_EQUALS_SIGN ||
                tempptr[2] == CHAR_EXCLAMATION_MARK ||
-               tempptr[2] == CHAR_LESS_THAN_SIGN))
+                 (tempptr[2] == CHAR_LESS_THAN_SIGN &&
+                   (tempptr[3] == CHAR_EQUALS_SIGN ||
+                    tempptr[3] == CHAR_EXCLAMATION_MARK))))
           {
           cd->iscondassert = TRUE;
           break;
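Review bot: The tightened test at `tempptr[2] == CHAR_LESS_THAN_SIGN` has no comment saying why `(?<` alone no longer counts as an assertion start, and the new read of `tempptr[3]` relies on an invariant that is not stated here. I would add above the `if`: `/* (?< starts a lookbehind only when followed by = or !; otherwise it is a named group, which is not a valid condition. */`. The `tempptr[3]` access looks safe because `&&` short-circuits and `tempptr[2]` is already known to be non-NUL, so at worst it reads the terminator, assuming the pattern is zero-terminated at this point; a short remark to that effect would help the next reader. The three added lines are also indented one column deeper than the sibling `tempptr[2]` comparisons. The enclosing block starts and ends outside the hunk.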


Modified: code/trunk/testdata/testinput2
===================================================================
--- code/trunk/testdata/testinput2    2015-03-29 11:22:24 UTC (rev 1538)
+++ code/trunk/testdata/testinput2    2015-03-29 15:44:40 UTC (rev 1539)
@@ -4136,4 +4136,6 @@


"((?2)+)((?1))"

+"(?(?<E>.*!.*)?)"
+
/-- End of testinput2 --/
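Review bot: The added case `"(?(?<E>.*!.*)?)"` exercises only the rejected form, a named group after `(?(`; nothing in this hunk pins that the lookbehind conditions which must keep working, for example `(?(?<=a)b)` and `(?(?<!a)b)`, still compile after the check was narrowed. They may already be covered elsewhere in testinput2, which is not visible here; if not, adding both next to this case would guard against the `tempptr[3]` test being over-tightened later. A pattern that ends immediately after `(?(?<` would also be worth adding, since that is the input where the new fourth-character read lands on the terminator.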

Modified: code/trunk/testdata/testoutput2
===================================================================
--- code/trunk/testdata/testoutput2    2015-03-29 11:22:24 UTC (rev 1538)
+++ code/trunk/testdata/testoutput2    2015-03-29 15:44:40 UTC (rev 1539)
@@ -561,7 +561,7 @@
 Failed: reference to non-existent subpattern at offset 7


/(?(?<ab))/
-Failed: syntax error in subpattern name (missing terminator) at offset 7
+Failed: assertion expected after (?( at offset 3

/((?s)blah)\s+\1/I
Capturing subpattern count = 1
@@ -14345,4 +14345,7 @@

"((?2)+)((?1))"

+"(?(?<E>.*!.*)?)"
+Failed: assertion expected after (?( at offset 3
+
/-- End of testinput2 --/