pcre2/pcre2-10.33-Fix-bug-in-recent-patch-for-lookbehinds-within-looka.patch


From 007b635b6788f8317747842b02f9c85137277c20 Mon Sep 17 00:00:00 2001
From: ph10 <ph10@6239d852-aaf2-0410-a92c-79f79f948069>
Date: Thu, 18 Jul 2019 17:20:29 +0000
Subject: [PATCH] Fix bug in recent patch for lookbehinds within lookaheads.
Fixes ClusterFuzz 15933.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
git-svn-id: svn://vcs.exim.org/pcre2/code/trunk@1138 6239d852-aaf2-0410-a92c-79f79f948069
Petr Písař: Ported to 10.33.
Signed-off-by: Petr Písař <ppisar@redhat.com>
---
src/pcre2_compile.c | 22 +++++++++++++---------
testdata/testinput2 | 3 +++
testdata/testoutput2 | 4 ++++
3 files changed, 20 insertions(+), 9 deletions(-)
diff --git a/src/pcre2_compile.c b/src/pcre2_compile.c
index 2ae95ed..b68c154 100644
--- a/src/pcre2_compile.c
+++ b/src/pcre2_compile.c
@@ -136,7 +136,8 @@ static BOOL
compile_block *);
static int
- check_lookbehinds(uint32_t *, uint32_t **, compile_block *);
+ check_lookbehinds(uint32_t *, uint32_t **, parsed_recurse_check *,
+ compile_block *);
/*************************************************
@@ -9004,7 +9005,7 @@ for (;; pptr++)
case META_LOOKAHEAD:
case META_LOOKAHEADNOT:
- *errcodeptr = check_lookbehinds(pptr + 1, &pptr, cb);
+ *errcodeptr = check_lookbehinds(pptr + 1, &pptr, recurses, cb);
if (*errcodeptr != 0) return -1;
/* Ignore any qualifiers that follow a lookahead assertion. */
@@ -9326,15 +9327,17 @@ order to process any lookbehinds that they may contain. It stops when it hits a
non-nested closing parenthesis in this case, returning a pointer to it.
Arguments
- pptr points to where to start (start of pattern or start of lookahead)
- retptr if not NULL, return the ket pointer here
- cb points to the compile block
+ pptr points to where to start (start of pattern or start of lookahead)
+ retptr if not NULL, return the ket pointer here
+ recurses chain of recurse_check to catch mutual recursion
+ cb points to the compile block
-Returns: 0 on success, or an errorcode (cb->erroroffset will be set)
+Returns: 0 on success, or an errorcode (cb->erroroffset will be set)
*/
static int
-check_lookbehinds(uint32_t *pptr, uint32_t **retptr, compile_block *cb)
+check_lookbehinds(uint32_t *pptr, uint32_t **retptr,
+ parsed_recurse_check *recurses, compile_block *cb)
{
int errorcode = 0;
int loopcount = 0;
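Review bot: The new `recurses` entry in the argument comment does not say that NULL is an accepted value, yet the top-level call at the end of this patch passes `NULL` for it, and the lookbehind case used to pass `NULL` to set_lookbehind_lengths() unconditionally. I would spell that out so a later caller does not guess, for example `recurses   chain of recurse_check to catch mutual recursion, or NULL when there is no enclosing chain`. The body of check_lookbehinds() continues outside the hunk, so I cannot see whether `recurses` is used anywhere other than the forwarded call.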
@@ -9449,7 +9452,8 @@ for (; *pptr != META_END; pptr++)
case META_LOOKBEHIND:
case META_LOOKBEHINDNOT:
- if (!set_lookbehind_lengths(&pptr, &errorcode, &loopcount, NULL, cb))
+ if (!set_lookbehind_lengths(&pptr, &errorcode, &loopcount,
+ recurses, cb))
return errorcode;
break;
}
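Review bot: Nothing at this call records why `recurses` has to be forwarded, and the hard-coded `NULL` it replaces is the kind of value a later cleanup could easily put back. Judging from the commit message and the new test case, starting a fresh chain here is what let a recursive group reference go undetected, so a one-line comment above the call would guard against a regression, for example `/* Forward the caller's recurse chain; a fresh chain here would hide mutual recursion between groups. */`. The enclosing switch and loop begin outside the hunk.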
@@ -9899,7 +9903,7 @@ lengths. */
if (has_lookbehind)
{
- errorcode = check_lookbehinds(cb.parsed_pattern, NULL, &cb);
+ errorcode = check_lookbehinds(cb.parsed_pattern, NULL, NULL, &cb);
if (errorcode != 0) goto HAD_CB_ERROR;
}
diff --git a/testdata/testinput2 b/testdata/testinput2
index d85fc5f..1bfe591 100644
--- a/testdata/testinput2
+++ b/testdata/testinput2
@@ -5600,4 +5600,7 @@ a)"xI
/(?<=(?=.(?<=x)))/
ab\=ph
+# Expect error (recursion => not fixed length)
+/(\2)((?=(?<=\1)))/
+
# End of testinput2
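Review bot: The comment on the new case does not tie it to the fuzzer report named in the commit message, so someone trimming the test file later cannot tell it is a regression guard. I would write it as `# Expect error (recursion => not fixed length); ClusterFuzz 15933`, with the same change made to the echoed line in testoutput2, presumably required so the two files keep matching. The case also covers only the positive lookahead form, while the compile-side change sits under both the `META_LOOKAHEAD` and `META_LOOKAHEADNOT` labels, so a sibling case using the negative form would be a cheap addition.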
diff --git a/testdata/testoutput2 b/testdata/testoutput2
index 6405e26..758b4db 100644
--- a/testdata/testoutput2
+++ b/testdata/testoutput2
@@ -16952,6 +16952,10 @@ Failed: error 187 at offset 10: lookbehind assertion is too long
ab\=ph
No match
+# Expect error (recursion => not fixed length)
+/(\2)((?=(?<=\1)))/
+Failed: error 125 at offset 8: lookbehind assertion is not fixed length
+
# End of testinput2
Error -70: PCRE2_ERROR_BADDATA (unknown error number)
Error -62: bad serialized data
--
2.20.1