Revision: 1616
http://vcs.pcre.org/viewvc?view=rev&revision=1616
Author: ph10
Date: 2015-11-30 17:44:45 +0000 (Mon, 30 Nov 2015)
Log Message:
-----------
Fix \Q\E before qualifier bug when auto callouts are enabled.
Modified Paths:
--------------
code/trunk/ChangeLog
code/trunk/pcre_compile.c
code/trunk/testdata/testinput2
code/trunk/testdata/testoutput2
Modified: code/trunk/ChangeLog
===================================================================
--- code/trunk/ChangeLog 2015-11-29 17:46:23 UTC (rev 1615)
+++ code/trunk/ChangeLog 2015-11-30 17:44:45 UTC (rev 1616)
@@ -23,7 +23,11 @@
5. Allow for up to 32-bit numbers in the ordin() function in pcregrep.
+6 . An empty \Q\E sequence between an item and its qualifier caused
+ pcre_compile() to misbehave when auto callouts were enabled. This bug was
+ found by the LLVM fuzzer.
+
Version 8.38 23-November-2015
-----------------------------
Modified: code/trunk/pcre_compile.c
===================================================================
--- code/trunk/pcre_compile.c 2015-11-29 17:46:23 UTC (rev 1615)
+++ code/trunk/pcre_compile.c 2015-11-30 17:44:45 UTC (rev 1616)
@@ -4671,17 +4671,27 @@
}
goto NORMAL_CHAR;
}
+
+ /* Check for the start of a \Q...\E sequence. We must do this here rather
+ than later in case it is immediately followed by \E, which turns it into a
+ "do nothing" sequence. */
+
+ if (c == CHAR_BACKSLASH && ptr[1] == CHAR_Q)
+ {
+ inescq = TRUE;
+ ptr++;
+ continue;
+ }
}
- /* In extended mode, skip white space and comments. We need a loop in order
- to check for more white space and more comments after a comment. */
+ /* In extended mode, skip white space and comments. */
if ((options & PCRE_EXTENDED) != 0)
{
- for (;;)
+ const pcre_uchar *wscptr = ptr;
+ while (MAX_255(c) && (cd->ctypes[c] & ctype_space) != 0) c = *(++ptr);
+ if (c == CHAR_NUMBER_SIGN)
{
- while (MAX_255(c) && (cd->ctypes[c] & ctype_space) != 0) c = *(++ptr);
- if (c != CHAR_NUMBER_SIGN) break;
ptr++;
while (*ptr != CHAR_NULL)
{
@@ -4695,8 +4705,16 @@
if (utf) FORWARDCHAR(ptr);
#endif
}
- c = *ptr; /* Either NULL or the char after a newline */
}
+
+ /* If we skipped any characters, restart the loop. Otherwise, we didn't see
+ a comment. */
+
+ if (ptr > wscptr)
+ {
+ ptr--;
+ continue;
+ }
}
/* Skip over (?# comments. We need to do this here because we want to know if
@@ -7900,16 +7918,6 @@
c = ec;
else
{
- if (escape == ESC_Q) /* Handle start of quoted string */
- {
- if (ptr[1] == CHAR_BACKSLASH && ptr[2] == CHAR_E)
- ptr += 2; /* avoid empty string */
- else inescq = TRUE;
- continue;
- }
-
- if (escape == ESC_E) continue; /* Perl ignores an orphan \E */
-
/* For metasequences that actually match a character, we disable the
setting of a first character if it hasn't already been set. */
Modified: code/trunk/testdata/testinput2
===================================================================
--- code/trunk/testdata/testinput2 2015-11-29 17:46:23 UTC (rev 1615)
+++ code/trunk/testdata/testinput2 2015-11-30 17:44:45 UTC (rev 1616)
@@ -4227,4 +4227,6 @@
/(A*)\E+/CBZ
+/()\Q\E*]/BCZ
+
/-- End of testinput2 --/
Modified: code/trunk/testdata/testoutput2
===================================================================
--- code/trunk/testdata/testoutput2 2015-11-29 17:46:23 UTC (rev 1615)
+++ code/trunk/testdata/testoutput2 2015-11-30 17:44:45 UTC (rev 1616)
@@ -14624,4 +14624,19 @@
End
------------------------------------------------------------------
+/()\Q\E*]/BCZ
+------------------------------------------------------------------
+ Bra
+ Callout 255 0 7
+ Brazero
+ SCBra 1
+ Callout 255 1 0
+ KetRmax
+ Callout 255 7 1
+ ]
+ Callout 255 8 0
+ Ket
+ End
+------------------------------------------------------------------
+
/-- End of testinput2 --/
