Revision: 459
http://www.exim.org/viewvc/pcre2?view=rev&revision=459
Author: ph10
Date: 2015-12-03 18:36:36 +0000 (Thu, 03 Dec 2015)
Log Message:
-----------
Fix \) in (*verb) "name" bug.
Modified Paths:
--------------
code/trunk/ChangeLog
code/trunk/src/pcre2_compile.c
code/trunk/testdata/testinput2
code/trunk/testdata/testoutput2
Modified: code/trunk/ChangeLog
===================================================================
--- code/trunk/ChangeLog 2015-12-03 17:19:13 UTC (rev 458)
+++ code/trunk/ChangeLog 2015-12-03 18:36:36 UTC (rev 459)
@@ -376,7 +376,11 @@
PCRE2_INFO_ALLOPTIONS. In fact, this was an anachronism that should have
changed when the effects of those options were all moved to compile time.
+109. An escaped closing parenthesis in the "name" part of a (*verb) when
+PCRE2_ALT_VERBNAMES was set caused pcre2_compile() to malfunction. This bug
+was found by the LLVM fuzzer.
+
Version 10.20 30-June-2015
--------------------------
Modified: code/trunk/src/pcre2_compile.c
===================================================================
--- code/trunk/src/pcre2_compile.c 2015-12-03 17:19:13 UTC (rev 458)
+++ code/trunk/src/pcre2_compile.c 2015-12-03 18:36:36 UTC (rev 459)
@@ -2978,6 +2978,7 @@
ptrptr pointer to the input pointer
codeptr pointer to the compiled code pointer
errorcodeptr pointer to the error code
+ options the options bits
utf TRUE if processing UTF
cb compile data block
@@ -3375,10 +3376,29 @@
{
if ((options & PCRE2_NO_AUTO_CAPTURE) == 0) cb->bracount++;
}
- else /* (*something) - just skip to closing ket */
+
+ /* (*something) - just skip to closing ket unless PCRE2_ALT_VERBNAMES is
+ set, in which case we have to process escapes in the string after the
+ name. */
+
+ else
{
ptr += 2;
- while (ptr < cb->end_pattern && *ptr != CHAR_RIGHT_PARENTHESIS) ptr++;
+ while (MAX_255(*ptr) && (cb->ctypes[*ptr] & ctype_word) != 0) ptr++;
+ if (*ptr == CHAR_COLON)
+ {
+ ptr++;
+ if ((options & PCRE2_ALT_VERBNAMES) != 0)
+ {
+ if (process_verb_name(&ptr, NULL, &errorcode, options, utf, cb) < 0)
+ goto FAILED;
+ }
+ else
+ {
+ while (ptr < cb->end_pattern && *ptr != CHAR_RIGHT_PARENTHESIS)
+ ptr++;
+ }
+ }
nest_depth--;
}
}
Modified: code/trunk/testdata/testinput2
===================================================================
--- code/trunk/testdata/testinput2 2015-12-03 17:19:13 UTC (rev 458)
+++ code/trunk/testdata/testinput2 2015-12-03 18:36:36 UTC (rev 459)
@@ -4735,4 +4735,6 @@
/#comment
(?-x):?/extended
+/(8(*:6^\x09x\xa6l\)6!|\xd0:[^:|)\x09d\Z\d{85*m(?'(?<1!)*\W[*\xff]!!h\w]*\xbe;/alt_bsux,alt_verbnames,allow_empty_class,dollar_endonly,extended,multiline,never_utf,no_dotstar_anchor,no_start_optimize
+
# End of testinput2
Modified: code/trunk/testdata/testoutput2
===================================================================
--- code/trunk/testdata/testoutput2 2015-12-03 17:19:13 UTC (rev 458)
+++ code/trunk/testdata/testoutput2 2015-12-03 18:36:36 UTC (rev 459)
@@ -15054,4 +15054,7 @@
/#comment
(?-x):?/extended
+/(8(*:6^\x09x\xa6l\)6!|\xd0:[^:|)\x09d\Z\d{85*m(?'(?<1!)*\W[*\xff]!!h\w]*\xbe;/alt_bsux,alt_verbnames,allow_empty_class,dollar_endonly,extended,multiline,never_utf,no_dotstar_anchor,no_start_optimize
+Failed: error 124 at offset 49: letter or underscore expected after (?< or (?'
+
# End of testinput2
