Revision: 1587
http://vcs.pcre.org/viewvc?view=rev&revision=1587
Author: zherczeg
Date: 2015-08-08 07:02:16 +0100 (Sat, 08 Aug 2015)
Log Message:
-----------
The JIT compiler did not restore the control verb head in case of *THEN control verbs.
Modified Paths:
--------------
code/trunk/ChangeLog
code/trunk/pcre_jit_compile.c
code/trunk/testdata/testinput2
code/trunk/testdata/testoutput2
Modified: code/trunk/ChangeLog
===================================================================
--- code/trunk/ChangeLog 2015-08-05 17:43:19 UTC (rev 1586)
+++ code/trunk/ChangeLog 2015-08-08 06:02:16 UTC (rev 1587)
@@ -110,7 +110,10 @@
28. If pcregrep was given the -q option with -c or -l, or when handling a
binary file, it incorrectly wrote output to stdout.
+29. The JIT compiler did not restore the control verb head in case of *THEN
+ control verbs. This issue was found by Karl Skomski with a custom LLVM fuzzer.
+
Version 8.37 28-April-2015
--------------------------
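Review bot: Item 29 names the internal cause ("did not restore the control verb head") but not the effect a user would have observed, so a reader of the ChangeLog cannot tell whether affected patterns returned a wrong match result or failed in some other way under JIT. Suggest adding one clause that states the observable symptom, and mentioning that a regression pattern was added to testdata/testinput2 so the entry and its test are linked.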
Modified: code/trunk/pcre_jit_compile.c
===================================================================
--- code/trunk/pcre_jit_compile.c 2015-08-05 17:43:19 UTC (rev 1586)
+++ code/trunk/pcre_jit_compile.c 2015-08-08 06:02:16 UTC (rev 1587)
@@ -1321,6 +1321,13 @@
cc += 1 + LINK_SIZE + IMM2_SIZE;
break;
+ case OP_THEN:
+ stack_restore = TRUE;
+ if (common->control_head_ptr != 0)
+ *needs_control_head = TRUE;
+ cc ++;
+ break;
+
default:
stack_restore = TRUE;
/* Fall through. */
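Review bot: The new `case OP_THEN:` carries no comment explaining why this verb needs the control head saved, and it sets `*needs_control_head = TRUE` only when `common->control_head_ptr != 0`; a one-line comment above the case stating that invariant would keep a later cleanup from folding it back into `default:`. Please also confirm that the argument-carrying form, (*THEN:NAME), reaches a path that sets the same flag: only `OP_THEN` appears in this hunk, and `cc ++` advances past a single opcode with no argument, so the named form cannot be covered by this case as written.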
Modified: code/trunk/testdata/testinput2
===================================================================
--- code/trunk/testdata/testinput2 2015-08-05 17:43:19 UTC (rev 1586)
+++ code/trunk/testdata/testinput2 2015-08-08 06:02:16 UTC (rev 1587)
@@ -4196,4 +4196,7 @@
/(?J:(?|(:(?|(?'R')(\k'R')|((?'R')))H'Rk'Rf)|s(?'R')))/
+/0(?0)|(1)(*THEN)(*SKIP:0)(*FAIL)/
+ 01
+
/-- End of testinput2 --/
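Review bot: The added pattern `/0(?0)|(1)(*THEN)(*SKIP:0)(*FAIL)/` exercises *THEN only together with a recursion, a named *SKIP and *FAIL, against the single subject `01`, so it pins the fuzzer's input rather than the missing restore on its own. If a reduced pattern still reproduces the wrong result on rev 1586, add it next to this one, and consider a second subject line that is expected to match so the test also guards against the fix over-restricting the alternation.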
Modified: code/trunk/testdata/testoutput2
===================================================================
--- code/trunk/testdata/testoutput2 2015-08-05 17:43:19 UTC (rev 1586)
+++ code/trunk/testdata/testoutput2 2015-08-08 06:02:16 UTC (rev 1587)
@@ -14539,4 +14539,8 @@
/(?J:(?|(:(?|(?'R')(\k'R')|((?'R')))H'Rk'Rf)|s(?'R')))/
+/0(?0)|(1)(*THEN)(*SKIP:0)(*FAIL)/
+ 01
+No match
+
/-- End of testinput2 --/