[Pcre-svn] [1594] code/trunk: Hack in yet other patch for a …

Author: Subversion repository
Date:  
To: pcre-svn
Subject: [Pcre-svn] [1594] code/trunk: Hack in yet other patch for a bug in size computation that is fixed "properly"
Revision: 1594
          http://vcs.pcre.org/viewvc?view=rev&revision=1594
Author:   ph10
Date:     2015-08-21 17:08:33 +0100 (Fri, 21 Aug 2015)
Log Message:
-----------
Hack in yet other patch for a bug in size computation that is fixed "properly" 
in PCRE2.


Modified Paths:
--------------
    code/trunk/ChangeLog
    code/trunk/pcre_compile.c
    code/trunk/testdata/testinput2
    code/trunk/testdata/testoutput2


Modified: code/trunk/ChangeLog
===================================================================
--- code/trunk/ChangeLog    2015-08-14 09:34:32 UTC (rev 1593)
+++ code/trunk/ChangeLog    2015-08-21 16:08:33 UTC (rev 1594)
@@ -132,8 +132,13 @@
 34. The JIT compiler should restore the control chain for empty possessive
     repeats. This issue was found by Karl Skomski with a custom LLVM fuzzer.


-35. Match limit check added to recursion. This issue was found by Karl Skomski
-    with a custom LLVM fuzzer.
+35. Match limit check added to JIT recursion. This issue was found by Karl
+    Skomski with a custom LLVM fuzzer.
+    
+36. Yet another case similar to 27 above has been circumvented by an 
+    unconditional allocation of extra memory. This issue is fixed "properly" in 
+    PCRE2 by refactoring the way references are handled. Wen Guanxing 
+    from Venustech ADLAB discovered this bug. 



Version 8.37 28-April-2015
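Review bot: Item 36 describes the workaround as an "unconditional allocation of extra memory", but the pcre_compile.c change in this same revision still sits behind `if (cd->dupgroups)`, so the entry should say what the allocation is unconditional with respect to. The entry also leaves out the second code change in this revision, the `errorcode == 0` test added before auto_possessify(); add a sentence for it. The rewording of item 35 to "JIT recursion" is not mentioned in the log message and would be easier to trace as its own commit.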

Modified: code/trunk/pcre_compile.c
===================================================================
--- code/trunk/pcre_compile.c    2015-08-14 09:34:32 UTC (rev 1593)
+++ code/trunk/pcre_compile.c    2015-08-21 16:08:33 UTC (rev 1594)
@@ -7238,7 +7238,7 @@
           encountered. In that case, we allow yet more memory, just in case. 
           (Again, this is fixed "properly" in PCRE2. */


-          if (cd->dupgroups) *lengthptr += 2 + 2*LINK_SIZE;
+          if (cd->dupgroups) *lengthptr += 4 + 4*LINK_SIZE;


           /* Otherwise, check for recursion here. The name table does not exist
           in the first pass; instead we must scan the list of names encountered
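Review bot: The new constant in `*lengthptr += 4 + 4*LINK_SIZE;` doubles the previous allowance, but neither the comment above it nor the log message says which emitted items the additional 2 + 2*LINK_SIZE units are meant to cover, so a reader cannot check that the first-pass size now bounds what the second pass writes. Extend the comment with that derivation, or state plainly that the figure is a heuristic margin. The context comment also has an unclosed parenthesis at `(Again, this is fixed "properly" in PCRE2. */`, which is worth closing while the line is being touched.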
@@ -9474,7 +9474,7 @@
 "const" attribute if the cast (pcre_uchar *)codestart is used directly in the
 function call. */


-if ((options & PCRE_NO_AUTO_POSSESS) == 0)
+if (errorcode == 0 && (options & PCRE_NO_AUTO_POSSESS) == 0)
{
pcre_uchar *temp = (pcre_uchar *)codestart;
auto_possessify(temp, utf, cd);
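Review bot: The added `errorcode == 0` condition on the auto_possessify() call is a behavioural change that neither the log message nor ChangeLog item 36 mentions. Add a sentence to the comment above the `if` saying why auto_possessify() must not run over the compiled code once an error has been recorded, so that the guard is not dropped in a later cleanup, and record the change in the ChangeLog.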
@@ -9701,4 +9701,3 @@
}

/* End of pcre_compile.c */
-

Modified: code/trunk/testdata/testinput2
===================================================================
--- code/trunk/testdata/testinput2    2015-08-14 09:34:32 UTC (rev 1593)
+++ code/trunk/testdata/testinput2    2015-08-21 16:08:33 UTC (rev 1594)
@@ -4211,4 +4211,6 @@
 /((*MARK:A))++a(*SKIP:B)b/
     aacb


+/(?J:(?|(:(?|(?'R')(\z(?|(?'R')(\k'R')|((?'R')))k'R')|((?'R')))H'Ak'Rf)|s(?'R')))/
+
/-- End of testinput2 --/
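Review bot: The added pattern has no subject line and nothing that ties it to ChangeLog item 36, so it exercises only the compile phase and a later reader cannot tell which fix it guards. Name the test in the ChangeLog entry or log message. Because the allowance changed in pcre_compile.c scales with LINK_SIZE, the pattern should also be run against every LINK_SIZE build that the test suite covers.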

Modified: code/trunk/testdata/testoutput2
===================================================================
--- code/trunk/testdata/testoutput2    2015-08-14 09:34:32 UTC (rev 1593)
+++ code/trunk/testdata/testoutput2    2015-08-21 16:08:33 UTC (rev 1594)
@@ -14561,4 +14561,6 @@
     aacb
 No match


+/(?J:(?|(:(?|(?'R')(\z(?|(?'R')(\k'R')|((?'R')))k'R')|((?'R')))H'Ak'Rf)|s(?'R')))/
+
/-- End of testinput2 --/