Revision: 324
http://www.exim.org/viewvc/pcre2?view=rev&revision=324
Author: ph10
Date: 2015-07-22 10:29:09 +0100 (Wed, 22 Jul 2015)
Log Message:
-----------
Fix (?R- not being correctly diagnosed.
Modified Paths:
--------------
code/trunk/ChangeLog
code/trunk/src/pcre2_compile.c
code/trunk/testdata/testinput2
code/trunk/testdata/testoutput2
Modified: code/trunk/ChangeLog
===================================================================
--- code/trunk/ChangeLog 2015-07-22 09:01:50 UTC (rev 323)
+++ code/trunk/ChangeLog 2015-07-22 09:29:09 UTC (rev 324)
@@ -69,7 +69,10 @@
18. A conditional group with only one branch has an implicit empty alternative
branch and must therefore be treated as potentially matching an empty string.
+19. If (?R was followed by - or + incorrect behaviour happened instead of a
+diagnostic. This bug was discovered by Karl Skomski with the LLVM fuzzer.
+
Version 10.20 30-June-2015
--------------------------
Modified: code/trunk/src/pcre2_compile.c
===================================================================
--- code/trunk/src/pcre2_compile.c 2015-07-22 09:01:50 UTC (rev 323)
+++ code/trunk/src/pcre2_compile.c 2015-07-22 09:29:09 UTC (rev 324)
@@ -2583,8 +2583,8 @@
A user pointed out that PCRE was rejecting [:a[:digit:]] whereas Perl was not.
It seems that the appearance of a nested POSIX class supersedes an apparent
external class. For example, [:a[:digit:]b:] matches "a", "b", ":", or
-a digit. This is handled by returning FALSE if the start of a new group with
-the same terminator is encountered, since the next closing sequence must close
+a digit. This is handled by returning FALSE if the start of a new group with
+the same terminator is encountered, since the next closing sequence must close
the nested group, not the outer one.
In Perl, unescaped square brackets may also appear as part of class names. For
@@ -3282,7 +3282,7 @@
/* Handle a string argument */
else
- {
+ {
ptr++;
delimiter = 0;
for (i = 0; PRIV(callout_start_delims)[i] != 0; i++)
@@ -3293,13 +3293,13 @@
break;
}
}
-
+
if (delimiter == 0)
{
errorcode = ERR82;
goto FAILED;
}
-
+
start = ptr;
do
{
@@ -3312,8 +3312,8 @@
if (ptr[0] == delimiter && ptr[1] == delimiter) ptr += 2;
}
while (ptr[0] != delimiter);
- }
-
+ }
+
/* Check terminating ) */
if (ptr[1] != CHAR_RIGHT_PARENTHESIS)
@@ -5324,12 +5324,12 @@
scode += GET(scode, 1);
}
while (*scode == OP_ALT);
-
- /* A conditional group with only one branch has an implicit empty
+
+ /* A conditional group with only one branch has an implicit empty
alternative branch. */
if (*bracode == OP_COND && bracode[GET(bracode,1)] != OP_ALT)
- *bracode = OP_SCOND;
+ *bracode = OP_SCOND;
}
/* Handle possessive quantifiers. */
@@ -6394,9 +6394,14 @@
/* ------------------------------------------------------------ */
- case CHAR_R: /* Recursion */
- ptr++; /* Same as (?0) */
- /* Fall through */
+ case CHAR_R: /* Recursion, same as (?0) */
+ recno = 0;
+ if (*(++ptr) != CHAR_RIGHT_PARENTHESIS)
+ {
+ *errorcodeptr = ERR29;
+ goto FAILED;
+ }
+ goto HANDLE_RECURSION;
/* ------------------------------------------------------------ */
Modified: code/trunk/testdata/testinput2
===================================================================
--- code/trunk/testdata/testinput2 2015-07-22 09:01:50 UTC (rev 323)
+++ code/trunk/testdata/testinput2 2015-07-22 09:29:09 UTC (rev 324)
@@ -4354,4 +4354,6 @@
/()(?(R)0)*+/B
+/(?R-:(?</
+
# End of testinput2
Modified: code/trunk/testdata/testoutput2
===================================================================
--- code/trunk/testdata/testoutput2 2015-07-22 09:01:50 UTC (rev 323)
+++ code/trunk/testdata/testoutput2 2015-07-22 09:29:09 UTC (rev 324)
@@ -14553,4 +14553,7 @@
End
------------------------------------------------------------------
+/(?R-:(?</
+Failed: error 129 at offset 3: (?R or (?[+-]digits must be followed by )
+
# End of testinput2
