[Pcre-svn] [1620] code/trunk: Fix get_substring_list() bug when \K is used in an assertion.

Author: Subversion repository
Date:
To: pcre-svn
Subject: [Pcre-svn] [1620] code/trunk: Fix get_substring_list() bug when \K is used in an assertion.

Revision: 1620

          http://vcs.pcre.org/viewvc?view=rev&revision=1620
Author:   ph10
Date:     2015-12-08 11:06:40 +0000 (Tue, 08 Dec 2015)
Log Message:
-----------
Fix get_substring_list() bug when \K is used in an assertion.

Modified Paths:
--------------
    code/trunk/ChangeLog
    code/trunk/pcre_get.c
    code/trunk/testdata/testinput2
    code/trunk/testdata/testoutput2

Modified: code/trunk/ChangeLog
===================================================================
--- code/trunk/ChangeLog    2015-12-05 16:58:46 UTC (rev 1619)
+++ code/trunk/ChangeLog    2015-12-08 11:06:40 UTC (rev 1620)
@@ -40,6 +40,9 @@
     group that reset capture numbers (compare 8.38/7 below). Once again, I have
     just allowed for more memory, even if not needed. (A proper fix is
     implemented in PCRE2, but it involves a lot of refactoring.)
+    
+10. pcre_get_substring_list() crashed if the use of \K in a match caused the 
+    start of the match to be earlier than the end.

Version 8.38 23-November-2015

Modified: code/trunk/pcre_get.c
===================================================================
--- code/trunk/pcre_get.c    2015-12-05 16:58:46 UTC (rev 1619)
+++ code/trunk/pcre_get.c    2015-12-08 11:06:40 UTC (rev 1620)
@@ -461,7 +461,10 @@
 pcre_uchar *p;

for (i = 0; i < double_count; i += 2)
- size += sizeof(pcre_uchar *) + IN_UCHARS(ovector[i+1] - ovector[i] + 1);
+ {
+ size += sizeof(pcre_uchar *) + IN_UCHARS(1);
+ if (ovector[i+1] > ovector[i]) size += IN_UCHARS(ovector[i+1] - ovector[i]);
+ }

stringlist = (pcre_uchar **)(PUBL(malloc))(size);
if (stringlist == NULL) return PCRE_ERROR_NOMEMORY;
@@ -477,7 +480,7 @@

for (i = 0; i < double_count; i += 2)
{
- int len = ovector[i+1] - ovector[i];
+ int len = (ovector[i+1] > ovector[i])? (ovector[i+1] - ovector[i]) : 0;
memcpy(p, subject + ovector[i], IN_UCHARS(len));
*stringlist++ = p;
p += len;

Modified: code/trunk/testdata/testinput2
===================================================================
--- code/trunk/testdata/testinput2    2015-12-05 16:58:46 UTC (rev 1619)
+++ code/trunk/testdata/testinput2    2015-12-08 11:06:40 UTC (rev 1620)
@@ -4232,4 +4232,7 @@
 /(?<A>)(?J:(?<B>)(?<B>))(?<C>)/
     \O\CC

+/(?=a\K)/ 
+    ring bpattingbobnd $ 1,oern cou \rb\L
+
 /-- End of testinput2 --/

Modified: code/trunk/testdata/testoutput2
===================================================================
--- code/trunk/testdata/testoutput2    2015-12-05 16:58:46 UTC (rev 1619)
+++ code/trunk/testdata/testoutput2    2015-12-08 11:06:40 UTC (rev 1620)
@@ -14644,4 +14644,10 @@
 Matched, but too many substrings
 copy substring C failed -7

+/(?=a\K)/ 
+    ring bpattingbobnd $ 1,oern cou \rb\L
+Start of matched string is beyond its end - displaying from end to start.
+ 0: a
+ 0L 
+
 /-- End of testinput2 --/

This message is part of the following thread:
	the complete thread tree sorted by date

[Pcre-svn] [1620] code/trunk: Fix get_substring_list() bug w…