Validate number of capturing parentheses

2019-05-06 13:16:15 +02:00 · 2019-05-06 13:16:15 +02:00 · 78199ab566
commit 78199ab566
parent 25f9a2284c
2 changed files with 181 additions and 1 deletions
--- a/pcre2-10.33-Implement-a-check-on-the-number-of-capturing-parenth.patch
+++ b/pcre2-10.33-Implement-a-check-on-the-number-of-capturing-parenth.patch
@ -0,0 +1,174 @@
+From a38f1e7eb827408133178ffac9987157d82edaa2 Mon Sep 17 00:00:00 2001
+From: ph10 <ph10@6239d852-aaf2-0410-a92c-79f79f948069>
+Date: Mon, 22 Apr 2019 12:39:38 +0000
+Subject: [PATCH] Implement a check on the number of capturing parentheses,
+ which for some reason has never existed. This fixes ClusterFuzz issue 14376.
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+git-svn-id: svn://vcs.exim.org/pcre2/code/trunk@1088 6239d852-aaf2-0410-a92c-79f79f948069
+Petr Pisar: Ported to 10.33.
+
+ src/pcre2.h.in           |  1 +
+ src/pcre2_compile.c      | 12 +++++++++++-
+ src/pcre2_error.c        |  1 +
+ testdata/testinput11     |  2 ++
+ testdata/testinput2      |  4 ++++
+ testdata/testinput9      |  2 ++
+ testdata/testoutput11-16 |  3 +++
+ testdata/testoutput11-32 |  2 ++
+ testdata/testoutput2     |  6 ++++++
+ testdata/testoutput9     |  3 +++
+
+diff --git a/src/pcre2.h.in b/src/pcre2.h.in
+index 9415d70..29f3688 100644
+--- a/src/pcre2.h.in
+++ b/src/pcre2.h.in
+@@ -305,6 +305,7 @@ pcre2_pattern_convert(). */
+ #define PCRE2_ERROR_INVALID_HYPHEN_IN_OPTIONS      194
+ #define PCRE2_ERROR_ALPHA_ASSERTION_UNKNOWN        195
+ #define PCRE2_ERROR_SCRIPT_RUN_NOT_AVAILABLE       196
+#define PCRE2_ERROR_TOO_MANY_CAPTURES              197
+ 
+ 
+ /* "Expected" matching error codes: no match and partial match. */
+diff --git a/src/pcre2_compile.c b/src/pcre2_compile.c
+index 068735a..cd6fbea 100644
+--- a/src/pcre2_compile.c
+++ b/src/pcre2_compile.c
+@@ -781,7 +781,7 @@ enum { ERR0 = COMPILE_ERROR_BASE,
+        ERR61, ERR62, ERR63, ERR64, ERR65, ERR66, ERR67, ERR68, ERR69, ERR70,
+        ERR71, ERR72, ERR73, ERR74, ERR75, ERR76, ERR77, ERR78, ERR79, ERR80,
+        ERR81, ERR82, ERR83, ERR84, ERR85, ERR86, ERR87, ERR88, ERR89, ERR90,
+-       ERR91, ERR92, ERR93, ERR94, ERR95, ERR96 };
+       ERR91, ERR92, ERR93, ERR94, ERR95, ERR96, ERR97 };
+ 
+ /* This is a table of start-of-pattern options such as (*UTF) and settings such
+ as (*LIMIT_MATCH=nnnn) and (*CRLF). For completeness and backward
+@@ -3611,6 +3611,11 @@ while (ptr < ptrend)
+         nest_depth++;
+         if ((options & PCRE2_NO_AUTO_CAPTURE) == 0)
+           {
+          if (cb->bracount >= MAX_GROUP_NUMBER)
+            {
+            errorcode = ERR97;
+            goto FAILED;
+            }    
+           cb->bracount++;
+           *parsed_pattern++ = META_CAPTURE | cb->bracount;
+           }
+@@ -4435,6 +4440,11 @@ while (ptr < ptrend)
+       /* We have a name for this capturing group. It is also assigned a number,
+       which is its primary means of identification. */
+ 
+      if (cb->bracount >= MAX_GROUP_NUMBER)
+        {
+        errorcode = ERR97;
+        goto FAILED;
+        }    
+       cb->bracount++;
+       *parsed_pattern++ = META_CAPTURE | cb->bracount;
+       nest_depth++;
+diff --git a/src/pcre2_error.c b/src/pcre2_error.c
+index 1d02cf1..5517e74 100644
+--- a/src/pcre2_error.c
+++ b/src/pcre2_error.c
+@@ -184,6 +184,7 @@ static const unsigned char compile_error_texts[] =
+   /* 95 */
+   "(*alpha_assertion) not recognized\0"
+   "script runs require Unicode support, which this version of PCRE2 does not have\0"
+  "too many capturing groups (maximum 65535)\0"
+   ;
+ 
+ /* Match-time and UTF error texts are in the same format. */
+diff --git a/testdata/testinput11 b/testdata/testinput11
+index 2d267d6..fca6042 100644
+--- a/testdata/testinput11
+++ b/testdata/testinput11
+@@ -368,4 +368,6 @@
+     abÿAz
+     ab\x{80000041}z 
+ 
+/\[()]{65535}/expand
+
+ # End of testinput11
+diff --git a/testdata/testinput2 b/testdata/testinput2
+index 9e59b62..8a98f94 100644
+--- a/testdata/testinput2
+++ b/testdata/testinput2
+@@ -5587,4 +5587,8 @@ a)"xI
+ \= Expect error message
+     abc\=null_context
+ 
+/\[()]{65535}()/expand
+
+/\[()]{65535}(?<A>)/expand
+
+ # End of testinput2
+diff --git a/testdata/testinput9 b/testdata/testinput9
+index 7be4b15..792d610 100644
+--- a/testdata/testinput9
+++ b/testdata/testinput9
+@@ -260,4 +260,6 @@
+ 
+ /(*:*++++++++++++''''''''''''''''''''+''+++'+++x+++++++++++++++++++++++++++++++++++(++++++++++++++++++++:++++++%++:''''''''''''''''''''''''+++++++++++++++++++++++++++++++++++++++++++++++++++++-++++++++k+++++++''''+++'+++++++++++++++++++++++''''++++++++++++':Æ¿)/
+ 
+/\[()]{65535}/expand
+
+ # End of testinput9
+diff --git a/testdata/testoutput11-16 b/testdata/testoutput11-16
+index 78bf7fb..f2b9637 100644
+--- a/testdata/testoutput11-16
+++ b/testdata/testoutput11-16
+@@ -661,4 +661,7 @@ Subject length lower bound = 1
+     abÿAz
+     ab\x{80000041}z 
+ 
+/\[()]{65535}/expand
+Failed: error 120 at offset 131070: regular expression is too large
+
+ # End of testinput11
+diff --git a/testdata/testoutput11-32 b/testdata/testoutput11-32
+index 4b00384..1908ab7 100644
+--- a/testdata/testoutput11-32
+++ b/testdata/testoutput11-32
+@@ -667,4 +667,6 @@ Subject length lower bound = 1
+     ab\x{80000041}z 
+  0: ab\x{80000041}z
+ 
+/\[()]{65535}/expand
+
+ # End of testinput11
+diff --git a/testdata/testoutput2 b/testdata/testoutput2
+index 2f91c38..158fbad 100644
+--- a/testdata/testoutput2
+++ b/testdata/testoutput2
+@@ -16934,6 +16934,12 @@ Subject length lower bound = 0
+     abc\=null_context
+ ** Replacement callouts are not supported with null_context.
+ 
+/\[()]{65535}()/expand
+Failed: error 197 at offset 131071: too many capturing groups (maximum 65535)
+
+/\[()]{65535}(?<A>)/expand
+Failed: error 197 at offset 131075: too many capturing groups (maximum 65535)
+
+ # End of testinput2
+ Error -70: PCRE2_ERROR_BADDATA (unknown error number)
+ Error -62: bad serialized data
+diff --git a/testdata/testoutput9 b/testdata/testoutput9
+index f98f276..f66ca3d 100644
+--- a/testdata/testoutput9
+++ b/testdata/testoutput9
+@@ -367,4 +367,7 @@ Failed: error 134 at offset 14: character code point value in \x{} or \o{} is to
+ /(*:*++++++++++++''''''''''''''''''''+''+++'+++x+++++++++++++++++++++++++++++++++++(++++++++++++++++++++:++++++%++:''''''''''''''''''''''''+++++++++++++++++++++++++++++++++++++++++++++++++++++-++++++++k+++++++''''+++'+++++++++++++++++++++++''''++++++++++++':Æ¿)/
+ Failed: error 176 at offset 259: name is too long in (*MARK), (*PRUNE), (*SKIP), or (*THEN)
+ 
+/\[()]{65535}/expand
+Failed: error 120 at offset 131070: regular expression is too large
+
+ # End of testinput9
+-- 
+2.20.1
+
--- a/pcre2.spec
+++ b/pcre2.spec
@ -9,7 +9,7 @@
 #%%global rcversion RC1
 Name:       pcre2
 Version:    10.33
-Release:    %{?rcversion:0.}1%{?rcversion:.%rcversion}%{?dist}
+Release:    %{?rcversion:0.}2%{?rcversion:.%rcversion}%{?dist}
 %global     myversion %{version}%{?rcversion:-%rcversion}
 Summary:    Perl-compatible regular expression library
 # the library:                          BSD with exceptions
@ -49,6 +49,8 @@ URL:        http://www.pcre.org/
 Source:     ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/%{?rcversion:Testing/}%{name}-%{myversion}.tar.bz2
 # Do no set RPATH if libdir is not /usr/lib
 Patch0:     pcre2-10.10-Fix-multilib.patch
+# Validate number of capturing parentheses, in upstream after 10.33
+Patch1:     pcre2-10.33-Implement-a-check-on-the-number-of-capturing-parenth.patch
 BuildRequires:  autoconf
 BuildRequires:  automake
 BuildRequires:  coreutils
@ -125,6 +127,7 @@ Utilities demonstrating PCRE2 capabilities like pcre2grep or pcre2test.
 %prep
 %setup -q -n %{name}-%{myversion}
 %patch0 -p1
+%patch1 -p1
 # Because of multilib patch
 libtoolize --copy --force
 autoreconf -vif
@ -223,6 +226,9 @@ make %{?_smp_mflags} check VERBOSE=yes
 %{_mandir}/man1/pcre2test.*

 %changelog
+* Mon May 06 2019 Petr Pisar <ppisar@redhat.com> - 10.33-2
+- Validate number of capturing parentheses
+
 * Tue Apr 16 2019 Petr Pisar <ppisar@redhat.com> - 10.33-1
 - 10.33 bump