Revision: 1539
http://vcs.pcre.org/viewvc?view=rev&revision=1539
Author: ph10
Date: 2015-03-29 16:44:40 +0100 (Sun, 29 Mar 2015)
Log Message:
-----------
Fix non-diagnosis of missing assertion after (?(?< not followed by ! or =.
Modified Paths:
--------------
code/trunk/ChangeLog
code/trunk/pcre_compile.c
code/trunk/testdata/testinput2
code/trunk/testdata/testoutput2
Modified: code/trunk/ChangeLog
===================================================================
--- code/trunk/ChangeLog 2015-03-29 11:22:24 UTC (rev 1538)
+++ code/trunk/ChangeLog 2015-03-29 15:44:40 UTC (rev 1539)
@@ -131,6 +131,11 @@
between a subroutine call and its quantifier was incorrectly compiled,
leading to buffer overflow or other errors. This bug was discovered by the
LLVM fuzzer.
+
+33. The illegal pattern /(?(?<E>.*!.*)?)/ was not being diagnosed as missing an
+ assertion after (?(. The code was failing to check the character after
+ (?(?< for the ! or = that would indicate a lookbehind assertion. This bug
+ was discovered by the LLVM fuzzer.
Version 8.36 26-September-2014
Modified: code/trunk/pcre_compile.c
===================================================================
--- code/trunk/pcre_compile.c 2015-03-29 11:22:24 UTC (rev 1538)
+++ code/trunk/pcre_compile.c 2015-03-29 15:44:40 UTC (rev 1539)
@@ -2497,7 +2497,7 @@
empty_branch = FALSE;
do
{
- if (!empty_branch && could_be_empty_branch(code, endcode, utf, cd,
+ if (!empty_branch && could_be_empty_branch(code, endcode, utf, cd,
recurses)) empty_branch = TRUE;
code += GET(code, 1);
}
@@ -6476,18 +6476,18 @@
/* First deal with comments. Putting this code right at the start ensures
that comments have no bad side effects. */
-
- if (ptr[0] == CHAR_QUESTION_MARK && ptr[1] == CHAR_NUMBER_SIGN)
- {
- ptr += 2;
+
+ if (ptr[0] == CHAR_QUESTION_MARK && ptr[1] == CHAR_NUMBER_SIGN)
+ {
+ ptr += 2;
while (*ptr != CHAR_NULL && *ptr != CHAR_RIGHT_PARENTHESIS) ptr++;
- if (*ptr == CHAR_NULL)
- {
- *errorcodeptr = ERR18;
- goto FAILED;
- }
- continue;
- }
+ if (*ptr == CHAR_NULL)
+ {
+ *errorcodeptr = ERR18;
+ goto FAILED;
+ }
+ continue;
+ }
/* Now deal with various "verbs" that can be introduced by '*'. */
@@ -6679,7 +6679,9 @@
if (tempptr[1] == CHAR_QUESTION_MARK &&
(tempptr[2] == CHAR_EQUALS_SIGN ||
tempptr[2] == CHAR_EXCLAMATION_MARK ||
- tempptr[2] == CHAR_LESS_THAN_SIGN))
+ (tempptr[2] == CHAR_LESS_THAN_SIGN &&
+ (tempptr[3] == CHAR_EQUALS_SIGN ||
+ tempptr[3] == CHAR_EXCLAMATION_MARK))))
{
cd->iscondassert = TRUE;
break;
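Review bot: The new lookbehind test in this condition has no comment, and why it is both safe and correct is not obvious from the code. `tempptr[3]` is read only after `tempptr[2]` has matched `<`, so the read stops at the pattern's terminating zero at the latest (assuming a zero-terminated pattern, as the `CHAR_NULL` loop in the comment-skipping hunk suggests), and `(?(?<` followed by anything other than `=` or `!` opens a named group rather than an assertion. I would add above the `if`: `/* (?(?< starts a lookbehind only when followed by = or !; otherwise it is a named group and must not set iscondassert. */`. The enclosing block starts and ends outside the hunk, so how `tempptr` was positioned before this test is not visible here. The added test covers only the rejected form; unless testinput2 already has them, accepted cases such as `/(?(?<=a)b)/` and `/(?(?<!a)b)/` would pin that genuine lookbehind conditions still compile.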
Modified: code/trunk/testdata/testinput2
===================================================================
--- code/trunk/testdata/testinput2 2015-03-29 11:22:24 UTC (rev 1538)
+++ code/trunk/testdata/testinput2 2015-03-29 15:44:40 UTC (rev 1539)
@@ -4136,4 +4136,6 @@
"((?2)+)((?1))"
+"(?(?<E>.*!.*)?)"
+
/-- End of testinput2 --/
Modified: code/trunk/testdata/testoutput2
===================================================================
--- code/trunk/testdata/testoutput2 2015-03-29 11:22:24 UTC (rev 1538)
+++ code/trunk/testdata/testoutput2 2015-03-29 15:44:40 UTC (rev 1539)
@@ -561,7 +561,7 @@
Failed: reference to non-existent subpattern at offset 7
/(?(?<ab))/
-Failed: syntax error in subpattern name (missing terminator) at offset 7
+Failed: assertion expected after (?( at offset 3
/((?s)blah)\s+\1/I
Capturing subpattern count = 1
@@ -14345,4 +14345,7 @@
"((?2)+)((?1))"
+"(?(?<E>.*!.*)?)"
+Failed: assertion expected after (?( at offset 3
+
/-- End of testinput2 --/