Revision: 1593
http://vcs.pcre.org/viewvc?view=rev&revision=1593
Author: zherczeg
Date: 2015-08-14 10:34:32 +0100 (Fri, 14 Aug 2015)
Log Message:
-----------
Match limit check added to recursion.
Modified Paths:
--------------
code/trunk/ChangeLog
code/trunk/pcre_jit_compile.c
Modified: code/trunk/ChangeLog
===================================================================
--- code/trunk/ChangeLog 2015-08-11 13:34:44 UTC (rev 1592)
+++ code/trunk/ChangeLog 2015-08-14 09:34:32 UTC (rev 1593)
@@ -132,7 +132,10 @@
34. The JIT compiler should restore the control chain for empty possessive
repeats. This issue was found by Karl Skomski with a custom LLVM fuzzer.
+35. Match limit check added to recursion. This issue was found by Karl Skomski
+ with a custom LLVM fuzzer.
+
Version 8.37 28-April-2015
--------------------------
Modified: code/trunk/pcre_jit_compile.c
===================================================================
--- code/trunk/pcre_jit_compile.c 2015-08-11 13:34:44 UTC (rev 1592)
+++ code/trunk/pcre_jit_compile.c 2015-08-14 09:34:32 UTC (rev 1593)
@@ -9684,6 +9684,7 @@
sljit_emit_fast_enter(compiler, TMP2, 0);
allocate_stack(common, private_data_size + framesize + alternativesize);
+count_match(common);
OP1(SLJIT_MOV, SLJIT_MEM1(STACK_TOP), STACK(private_data_size + framesize + alternativesize - 1), TMP2, 0);
copy_private_data(common, ccbegin, ccend, TRUE, private_data_size + framesize + alternativesize, framesize + alternativesize, needs_control_head);
if (needs_control_head)
@@ -10028,6 +10029,7 @@
OP1(SLJIT_MOV_UI, TMP1, 0, SLJIT_MEM1(TMP1), SLJIT_OFFSETOF(jit_arguments, limit_match));
OP1(SLJIT_MOV, STACK_TOP, 0, SLJIT_MEM1(TMP2), SLJIT_OFFSETOF(struct sljit_stack, base));
OP1(SLJIT_MOV, STACK_LIMIT, 0, SLJIT_MEM1(TMP2), SLJIT_OFFSETOF(struct sljit_stack, limit));
+OP2(SLJIT_ADD, TMP1, 0, TMP1, 0, SLJIT_IMM, 1);
OP1(SLJIT_MOV, SLJIT_MEM1(SLJIT_SP), LIMIT_MATCH, TMP1, 0);
if (mode == JIT_PARTIAL_SOFT_COMPILE)