Re: [pcre-dev] Reliance on undefined shift overflow

Author: ph10
Date:  
To: Michael McConville
CC: pcre-dev
Subject: Re: [pcre-dev] Reliance on undefined shift overflow
On Fri, 26 Feb 2016, Michael McConville wrote:

> The expression (1 << (c&7)) is used as a boolean in:
>
> pcre,  pcre_study:1374
> pcre2, src/pcre2_study.c:1455
>
> This is technically a constant true value, as the only potential
> outcomes are:
>
> * no overflow
> * undefined overflow
>
> Nonetheless, considering the '&7' part, overflow is impossible.
>
> Thanks for your time,


Thanks for your report. This is, of course, a typo. In the line

if ((classmap[c/8] && (1 << (c&7))) != 0)

"&&" should be "&". I have fixed this in both PCRE1 and PCRE2. By sheer
luck, this bug did not actually affect anything. I have spent some time
trying to figure out a way of testing the fix, but I have failed.
What it might have done is set up unnecessary potential starting bytes
in UTF-8 mode, but in practice, there are only two possible starting
bytes for characters in the range 128-255, and all the bits in any one
classmap byte use the same one, so testing all of them (instead of just
one) does not cause anything to go wrong.

Philip

--
Philip Hazel
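To make the bug and the "by sheer luck" argument concrete, here is an added example (not PCRE's own code) that models the 256-bit class map from pcre_study with both the typo'd "&&" test and the corrected "&" test, and checks the UTF-8 lead-byte claim for characters 128-255. The names classmap_t, classmap_test_buggy, classmap_test_fixed and byte_shares_lead are assumptions for this illustration.

```c
#include <stdint.h>
#include <string.h>

/* 256-bit class map, one bit per character value 0..255 (added example,
   modelled on the classmap in pcre_study / pcre2_study, not PCRE's code). */
typedef struct { uint8_t map[32]; } classmap_t;

static void classmap_init(classmap_t *cm) { memset(cm->map, 0, sizeof cm->map); }
static void classmap_set(classmap_t *cm, unsigned c) { cm->map[c / 8] |= (uint8_t)(1u << (c & 7)); }

/* Corrected test: is bit (c & 7) of byte c / 8 set? */
static int classmap_test_fixed(const classmap_t *cm, unsigned c)
{
    return (cm->map[c / 8] & (1u << (c & 7))) != 0;
}

/* The typo from the thread: "&&" instead of "&". Because 1 << (c & 7) is
   never zero, this collapses to "is byte c / 8 non-zero at all", so all
   eight characters sharing that byte test true once any one of them is set. */
static int classmap_test_buggy(const classmap_t *cm, unsigned c)
{
    return (cm->map[c / 8] && (1u << (c & 7))) != 0;
}

/* How many characters in [lo, hi] does a given test report as set? */
static unsigned count_set(const classmap_t *cm, unsigned lo, unsigned hi,
                          int (*test)(const classmap_t *, unsigned))
{
    unsigned n = 0;
    for (unsigned c = lo; c <= hi; c++) n += (unsigned)test(cm, c);
    return n;
}

/* UTF-8 lead byte of a code point in 128..255: 0xC2 for 128..191,
   0xC3 for 192..255. */
static unsigned utf8_lead_byte(unsigned c) { return 0xC0u | (c >> 6); }

/* Why the bug was harmless in UTF-8 mode: every character covered by one
   classmap byte (an aligned block of 8 code points) has the same lead byte,
   so marking the whole byte adds no new starting byte. Returns 1 if that
   holds for classmap byte idx (bytes 16..31 cover characters 128..255). */
static int byte_shares_lead(unsigned idx)
{
    unsigned lead = utf8_lead_byte(idx * 8);
    for (unsigned c = idx * 8 + 1; c < idx * 8 + 8; c++)
        if (utf8_lead_byte(c) != lead) return 0;
    return 1;
}
```

With only 'a' set, the corrected test reports one character while the typo'd test reports all eight characters of that classmap byte; for bytes 16 to 31 byte_shares_lead returns 1 throughout, which is the property the reply relies on.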