Revision: 698
http://www.exim.org/viewvc/pcre2?view=rev&revision=698
Author: ph10
Date: 2017-03-22 15:12:06 +0000 (Wed, 22 Mar 2017)
Log Message:
-----------
Fix misbehaving DFA match for possessively repeated character class (Bugzilla
2086).
Modified Paths:
--------------
code/trunk/ChangeLog
code/trunk/src/pcre2_dfa_match.c
code/trunk/testdata/testinput6
code/trunk/testdata/testoutput6
Modified: code/trunk/ChangeLog
===================================================================
--- code/trunk/ChangeLog 2017-03-21 18:36:13 UTC (rev 697)
+++ code/trunk/ChangeLog 2017-03-22 15:12:06 UTC (rev 698)
@@ -80,7 +80,10 @@
were longer than 64 code units could cause a buffer overflow. This was a bug in
pcre2test.
+14. The alternative matching function, pcre2_dfa_match() misbehaved if it
+encountered a character class with a possessive repeat, for example [a-f]{3}+.
+
Version 10.23 14-February-2017
------------------------------
Modified: code/trunk/src/pcre2_dfa_match.c
===================================================================
--- code/trunk/src/pcre2_dfa_match.c 2017-03-21 18:36:13 UTC (rev 697)
+++ code/trunk/src/pcre2_dfa_match.c 2017-03-22 15:12:06 UTC (rev 698)
@@ -544,7 +544,7 @@
BOOL partial_newline = FALSE;
BOOL could_continue = reset_could_continue;
reset_could_continue = FALSE;
-
+
if (ptr > mb->last_used_ptr) mb->last_used_ptr = ptr;
/* Make the new state list into the active state list and empty the
@@ -597,7 +597,7 @@
int state_offset = current_state->offset;
int rrc;
int count;
-
+
/* A negative offset is a special case meaning "hold off going to this
(negated) state until the number of characters in the data field have
been skipped". If the could_continue flag was passed over from a previous
@@ -633,7 +633,7 @@
code = start_code + state_offset;
codevalue = *code;
-
+
/* If this opcode inspects a character, but we are at the end of the
subject, remember the fact for use when testing for a partial match. */
@@ -2539,11 +2539,13 @@
if (isinclass)
{
int max = (int)GET2(ecode, 1 + IMM2_SIZE);
- if (*ecode == OP_CRPOSRANGE)
+
+ if (*ecode == OP_CRPOSRANGE && count >= (int)GET2(ecode, 1))
{
active_count--; /* Remove non-match possibility */
next_active_state--;
}
+
if (++count >= max && max != 0) /* Max 0 => no limit */
{ ADD_NEW(next_state_offset + 1 + 2 * IMM2_SIZE, 0); }
else
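Review bot: The new guard `count >= (int)GET2(ecode, 1)` on the OP_CRPOSRANGE branch must stay identical to whatever condition added the active state that `active_count--` and `next_active_state--` take back, and nothing in the hunk ties the two together. That earlier add lies outside the hunk (the enclosing case starts above it and continues past the `else`), so this is inferred. If the two conditions ever diverge, the decrement would drop an unrelated entry from the active list or move `next_active_state` below entries that are still live, which appears to be the misbehaviour fixed here. I would read the minimum once before the first test, `int min = (int)GET2(ecode, 1);`, reuse it in this guard, and widen the comment to `/* Undo the active state added above, which only exists when count >= min */`.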
Modified: code/trunk/testdata/testinput6
===================================================================
--- code/trunk/testdata/testinput6 2017-03-21 18:36:13 UTC (rev 697)
+++ code/trunk/testdata/testinput6 2017-03-22 15:12:06 UTC (rev 698)
@@ -4886,4 +4886,7 @@
\= Expect depth limit exceeded
a[00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]
+/(02-)?[0-9]{3}-[0-9]{3}/
+ 02-123-123
+
# End of testinput6
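Review bot: The added pattern `/(02-)?[0-9]{3}-[0-9]{3}/` has no explicit possessive quantifier, so it presumably reaches the fixed OP_CRPOSRANGE path only because the compiler auto-possessifies `[0-9]{3}` before `-`. A later change to that optimisation would silently stop this case from covering the bug. I would add the same shape with the repeats written explicitly as `{3}+`, matching the ChangeLog's description, and keep the optional `(02-)?` prefix so that more than one state is active when the class is reached. A subject that must fail, marked with a `\= Expect no match` line, would also pin the below-minimum path that the new check guards; testoutput6 needs regenerating to match.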
Modified: code/trunk/testdata/testoutput6
===================================================================
--- code/trunk/testdata/testoutput6 2017-03-21 18:36:13 UTC (rev 697)
+++ code/trunk/testdata/testoutput6 2017-03-22 15:12:06 UTC (rev 698)
@@ -7685,4 +7685,8 @@
a[00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]
Failed: error -53: matching depth limit exceeded
+/(02-)?[0-9]{3}-[0-9]{3}/
+ 02-123-123
+ 0: 02-123-123
+
# End of testinput6