Revision: 1611
http://vcs.pcre.org/viewvc?view=rev&revision=1611
Author: ph10
Date: 2015-11-26 20:29:13 +0000 (Thu, 26 Nov 2015)
Log Message:
-----------
Fix auto-callout (?# comment bug.
Modified Paths:
--------------
code/trunk/ChangeLog
code/trunk/configure.ac
code/trunk/pcre_compile.c
code/trunk/testdata/testinput2
code/trunk/testdata/testinput7
code/trunk/testdata/testoutput2
code/trunk/testdata/testoutput7
Modified: code/trunk/ChangeLog
===================================================================
--- code/trunk/ChangeLog 2015-11-23 12:41:32 UTC (rev 1610)
+++ code/trunk/ChangeLog 2015-11-26 20:29:13 UTC (rev 1611)
@@ -4,6 +4,14 @@
Note that the PCRE 8.xx series (PCRE1) is now in a bugfix-only state. All
development is happening in the PCRE2 10.xx series.
+Version 8.39 xx-xxxxxx-201x
+---------------------------
+
+1. If PCRE_AUTO_CALLOUT was set on a pattern that had a (?# comment between
+ an item and its qualifier (for example, A(?#comment)?B) pcre_compile()
+ misbehaved. This bug was found by the LLVM fuzzer.
+
+
Version 8.38 23-November-2015
-----------------------------
Modified: code/trunk/configure.ac
===================================================================
--- code/trunk/configure.ac 2015-11-23 12:41:32 UTC (rev 1610)
+++ code/trunk/configure.ac 2015-11-26 20:29:13 UTC (rev 1611)
@@ -9,8 +9,8 @@
dnl be defined as -RC2, for example. For real releases, it should be empty.
m4_define(pcre_major, [8])
-m4_define(pcre_minor, [38])
-m4_define(pcre_prerelease, [])
+m4_define(pcre_minor, [39])
+m4_define(pcre_prerelease, [-RC1])
m4_define(pcre_date, [2015-11-23])
# NOTE: The CMakeLists.txt file searches for the above variables in the first
Modified: code/trunk/pcre_compile.c
===================================================================
--- code/trunk/pcre_compile.c 2015-11-23 12:41:32 UTC (rev 1610)
+++ code/trunk/pcre_compile.c 2015-11-26 20:29:13 UTC (rev 1611)
@@ -4699,6 +4699,23 @@
}
}
+ /* Skip over (?# comments. We need to do this here because we want to know if
+ the next thing is a quantifier, and these comments may come between an item
+ and its quantifier. */
+
+ if (c == CHAR_LEFT_PARENTHESIS && ptr[1] == CHAR_QUESTION_MARK &&
+ ptr[2] == CHAR_NUMBER_SIGN)
+ {
+ ptr += 3;
+ while (*ptr != CHAR_NULL && *ptr != CHAR_RIGHT_PARENTHESIS) ptr++;
+ if (*ptr == CHAR_NULL)
+ {
+ *errorcodeptr = ERR18;
+ goto FAILED;
+ }
+ continue;
+ }
+
/* See if the next thing is a quantifier. */
is_quantifier =
@@ -6529,21 +6546,6 @@
case CHAR_LEFT_PARENTHESIS:
ptr++;
- /* First deal with comments. Putting this code right at the start ensures
- that comments have no bad side effects. */
-
- if (ptr[0] == CHAR_QUESTION_MARK && ptr[1] == CHAR_NUMBER_SIGN)
- {
- ptr += 2;
- while (*ptr != CHAR_NULL && *ptr != CHAR_RIGHT_PARENTHESIS) ptr++;
- if (*ptr == CHAR_NULL)
- {
- *errorcodeptr = ERR18;
- goto FAILED;
- }
- continue;
- }
-
/* Now deal with various "verbs" that can be introduced by '*'. */
if (ptr[0] == CHAR_ASTERISK && (ptr[1] == ':'
Modified: code/trunk/testdata/testinput2
===================================================================
--- code/trunk/testdata/testinput2 2015-11-23 12:41:32 UTC (rev 1610)
+++ code/trunk/testdata/testinput2 2015-11-26 20:29:13 UTC (rev 1611)
@@ -4217,4 +4217,12 @@
/a[[:punct:]b]/BZ
+/L(?#(|++<!(2)?/BZ
+
+/L(?#(|++<!(2)?/BOZ
+
+/L(?#(|++<!(2)?/BCZ
+
+/L(?#(|++<!(2)?/BCOZ
+
/-- End of testinput2 --/
Modified: code/trunk/testdata/testinput7
===================================================================
--- code/trunk/testdata/testinput7 2015-11-23 12:41:32 UTC (rev 1610)
+++ code/trunk/testdata/testinput7 2015-11-26 20:29:13 UTC (rev 1611)
@@ -853,4 +853,8 @@
/a[b[:punct:]]/8WBZ
+/L(?#(|++<!(2)?/B8COZ
+
+/L(?#(|++<!(2)?/B8WCZ
+
/-- End of testinput7 --/
Modified: code/trunk/testdata/testoutput2
===================================================================
--- code/trunk/testdata/testoutput2 2015-11-23 12:41:32 UTC (rev 1610)
+++ code/trunk/testdata/testoutput2 2015-11-26 20:29:13 UTC (rev 1611)
@@ -14574,4 +14574,40 @@
End
------------------------------------------------------------------
+/L(?#(|++<!(2)?/BZ
+------------------------------------------------------------------
+ Bra
+ L?+
+ Ket
+ End
+------------------------------------------------------------------
+
+/L(?#(|++<!(2)?/BOZ
+------------------------------------------------------------------
+ Bra
+ L?
+ Ket
+ End
+------------------------------------------------------------------
+
+/L(?#(|++<!(2)?/BCZ
+------------------------------------------------------------------
+ Bra
+ Callout 255 0 14
+ L?+
+ Callout 255 14 0
+ Ket
+ End
+------------------------------------------------------------------
+
+/L(?#(|++<!(2)?/BCOZ
+------------------------------------------------------------------
+ Bra
+ Callout 255 0 14
+ L?
+ Callout 255 14 0
+ Ket
+ End
+------------------------------------------------------------------
+
/-- End of testinput2 --/
Modified: code/trunk/testdata/testoutput7
===================================================================
--- code/trunk/testdata/testoutput7 2015-11-23 12:41:32 UTC (rev 1610)
+++ code/trunk/testdata/testoutput7 2015-11-26 20:29:13 UTC (rev 1611)
@@ -2348,4 +2348,24 @@
End
------------------------------------------------------------------
+/L(?#(|++<!(2)?/B8COZ
+------------------------------------------------------------------
+ Bra
+ Callout 255 0 14
+ L?
+ Callout 255 14 0
+ Ket
+ End
+------------------------------------------------------------------
+
+/L(?#(|++<!(2)?/B8WCZ
+------------------------------------------------------------------
+ Bra
+ Callout 255 0 14
+ L?+
+ Callout 255 14 0
+ Ket
+ End
+------------------------------------------------------------------
+
/-- End of testinput7 --/
