Fix a crash in JITted code when a *THEN verb is used in a lookahead assertion

2020-01-13 11:34:38 +01:00 · 2020-01-13 11:34:38 +01:00 · 6431485ab5
commit 6431485ab5
parent 6632bdc8b3
2 changed files with 52 additions and 1 deletions
--- a/pcre2-10.34-Fix-THEN-verbs-in-lookahead-assertions-in-JIT.patch
+++ b/pcre2-10.34-Fix-THEN-verbs-in-lookahead-assertions-in-JIT.patch
@ -0,0 +1,43 @@
 From 5e6a7641c60a1fcee8ae445be3511ce398c0baaa Mon Sep 17 00:00:00 2001
 From: zherczeg <zherczeg@6239d852-aaf2-0410-a92c-79f79f948069>
 Date: Sat, 11 Jan 2020 15:28:15 +0000
 Subject: [PATCH] Fix *THEN verbs in lookahead assertions in JIT.
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
 Content-Transfer-Encoding: 8bit
 git-svn-id: svn://vcs.exim.org/pcre2/code/trunk@1204 6239d852-aaf2-0410-a92c-79f79f948069
 Petr Písař: Ported to 10.34.
 ---
 src/pcre2_jit_compile.c | 3 ++-
 src/pcre2_jit_test.c    | 1 +
 diff --git a/src/pcre2_jit_compile.c b/src/pcre2_jit_compile.c
 index 78b94c1..00d13f1 100644
 --- a/src/pcre2_jit_compile.c
 +++ b/src/pcre2_jit_compile.c
@@ -9597,7 +9597,8 @@ if (opcode == OP_ASSERT || opcode == OP_ASSERTBACK)
         }
       else
         {
 -        OP1(SLJIT_MOV, STR_PTR, 0, SLJIT_MEM1(STACK_TOP), 0);
 +        SLJIT_ASSERT(extrasize == 3);
 +        OP1(SLJIT_MOV, STR_PTR, 0, SLJIT_MEM1(STACK_TOP), STACK(-1));
         OP1(SLJIT_MOV, SLJIT_MEM1(STACK_TOP), STACK(0), bra == OP_BRAZERO ? STR_PTR : SLJIT_IMM, 0);
         }
       }
 diff --git a/src/pcre2_jit_test.c b/src/pcre2_jit_test.c
 index e0638ef..a188724 100644
 --- a/src/pcre2_jit_test.c
 +++ b/src/pcre2_jit_test.c
@@ -860,6 +860,7 @@ static struct regression_test_case regression_test_cases[] = {
 	{ MU, A, 0, 0, "(?(?!a(*THEN)b)ad|add)", "add" },
 	{ MU, A, 0, 0 | F_NOMATCH, "(?(?=a)a(*THEN)b|ad)", "ad" },
 	{ MU, A, 0, 0, "(?!(?(?=a)ab|b(*THEN)d))bn|bnn", "bnn" },
 +	{ MU, A, 0, 0, "(?=(*THEN: ))* ", " " },
 	/* Recurse and control verbs. */
 	{ MU, A, 0, 0, "(a(*ACCEPT)b){0}a(?1)b", "aacaabb" },
 -- 
 2.21.1
--- a/pcre2.spec
+++ b/pcre2.spec
@ -9,7 +9,7 @@
 #%%global rcversion RC1
 Name:       pcre2
 Version:    10.34
-Release:    %{?rcversion:0.}3%{?rcversion:.%rcversion}%{?dist}
+Release:    %{?rcversion:0.}3%{?rcversion:.%rcversion}%{?dist}.1
 %global     myversion %{version}%{?rcversion:-%rcversion}
 Summary:    Perl-compatible regular expression library
 # the library:                          BSD with exceptions
@ -57,6 +57,9 @@ Patch1:     pcre2-10.34-Use-PCRE2_MATCH_EMPTY-flag-to-detect-empty-matches-i.pat
 # Fix a crash in pcre2_jit_compile when passing a NULL code argument,
 # upstream bug #2487, in upsream after 10.34
 Patch2:     pcre2-10.34-Fix-the-too-early-access-of-the-fields-of-a-compiled.patch
 # Fix a crash in JITted code when a *THEN verb is used in a lookahead assertion,
 # upstream bug #2510, in upstream after 10.34
 Patch3:     pcre2-10.34-Fix-THEN-verbs-in-lookahead-assertions-in-JIT.patch
 BuildRequires:  autoconf
 BuildRequires:  automake
 BuildRequires:  coreutils
@ -137,6 +140,7 @@ Utilities demonstrating PCRE2 capabilities like pcre2grep or pcre2test.
 %patch0 -p1
 %patch1 -p1
 %patch2 -p1
 %patch3 -p1
 # Because of multilib patch
 libtoolize --copy --force
 autoreconf -vif
@ -234,6 +238,10 @@ make %{?_smp_mflags} check VERBOSE=yes
 %{_mandir}/man1/pcre2test.*
 %changelog
 * Mon Jan 13 2020 Petr Pisar <ppisar@redhat.com> - 10.34-3.1
 - Fix a crash in JITted code when a *THEN verb is used in a lookahead assertion
  (upstream bug #2510)
 * Mon Dec 09 2019 Petr Pisar <ppisar@redhat.com> - 10.34-3
 - Fix a crash in pcre2_jit_compile when passing a NULL code argument (upstream
  bug #2487)